Iam
Explore 66 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Imprivata VPAM is a Zero-Trust third-party access management platform that provides secure, monitored remote access for vendors to internal privileged assets while maintaining granular access controls and comprehensive audit capabilities.
Imprivata VPAM is a Zero-Trust third-party access management platform that provides secure, monitored remote access for vendors to internal privileged assets while maintaining granular access controls and comprehensive audit capabilities.
ZTrust is an identity and access management platform offering SSO, MFA, and password management with support for multiple deployment models and compliance standards.
ZTrust is an identity and access management platform offering SSO, MFA, and password management with support for multiple deployment models and compliance standards.
Jamf Connect is an identity and access management solution that provides cloud-based authentication, password synchronization, and Zero Trust Network Access for Mac and mobile devices.
Jamf Connect is an identity and access management solution that provides cloud-based authentication, password synchronization, and Zero Trust Network Access for Mac and mobile devices.
NordLayer ZTNA is a Zero Trust Network Access solution that provides identity-based access controls and network segmentation to secure applications and resources regardless of user location.
NordLayer ZTNA is a Zero Trust Network Access solution that provides identity-based access controls and network segmentation to secure applications and resources regardless of user location.
CyberArk is an identity security platform that secures human and machine identities through privileged access management, secrets management, and intelligent privilege controls across on-premises, hybrid, and cloud environments.
CyberArk is an identity security platform that secures human and machine identities through privileged access management, secrets management, and intelligent privilege controls across on-premises, hybrid, and cloud environments.
An enterprise cybersecurity platform that unifies endpoint, cloud, and identity security through an integrated data lake architecture with AI-powered analysis capabilities.
An enterprise cybersecurity platform that unifies endpoint, cloud, and identity security through an integrated data lake architecture with AI-powered analysis capabilities.
A managed security service provider specializing in identity security solutions including IAM, IGA, and PAM with implementation, operational, and advisory services.
A managed security service provider specializing in identity security solutions including IAM, IGA, and PAM with implementation, operational, and advisory services.
Monokee is an identity orchestration and access management platform that provides visual, low-code tools for designing authentication workflows, managing digital identities, and implementing secure access controls across multiple domains.
Monokee is an identity orchestration and access management platform that provides visual, low-code tools for designing authentication workflows, managing digital identities, and implementing secure access controls across multiple domains.
Cloudflare Access is a zero trust network access solution that secures applications and resources by implementing identity-based authentication and authorization without traditional VPN infrastructure.
Cloudflare Access is a zero trust network access solution that secures applications and resources by implementing identity-based authentication and authorization without traditional VPN infrastructure.
The Ping Identity Platform is an enterprise identity and access management solution that provides authentication, authorization, and identity governance capabilities with flexible deployment options for securing customer, workforce, and partner identities.
The Ping Identity Platform is an enterprise identity and access management solution that provides authentication, authorization, and identity governance capabilities with flexible deployment options for securing customer, workforce, and partner identities.
A cloud-based identity and access management solution that provides access governance, compliance monitoring, and risk management for hybrid environments.
A cloud-based identity and access management solution that provides access governance, compliance monitoring, and risk management for hybrid environments.
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud-native security platform that provides asset inventory, vulnerability management, compliance monitoring, and security posture management across multiple cloud providers.
A cloud native application protection platform that provides unified visibility, risk assessment, and remediation capabilities across multi-cloud and hybrid environments.
A cloud native application protection platform that provides unified visibility, risk assessment, and remediation capabilities across multi-cloud and hybrid environments.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
Airlock Secure Access Hub is an integrated security platform that combines identity and access management with web application and API protection to secure digital applications while maintaining user experience.
Airlock Secure Access Hub is an integrated security platform that combines identity and access management with web application and API protection to secure digital applications while maintaining user experience.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.
A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.
A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.
A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.
An open-source credential management platform that provides end-to-end encrypted password sharing and storage capabilities for organizations.
An open-source credential management platform that provides end-to-end encrypted password sharing and storage capabilities for organizations.
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
A cloud native security platform that uses behavioral fingerprinting and runtime verification to detect threats across Kubernetes environments, cloud infrastructure, and software supply chains.
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Okta Workforce Identity Cloud is an identity and access management platform that provides secure, streamlined access for an organization's workforce across various applications and resources.
Okta Workforce Identity Cloud is an identity and access management platform that provides secure, streamlined access for an organization's workforce across various applications and resources.
Okta Customer Identity Cloud is a CIAM solution that provides secure, customizable identity management for consumer and SaaS applications.
Okta Customer Identity Cloud is a CIAM solution that provides secure, customizable identity management for consumer and SaaS applications.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.
Akamai Enterprise Application Access is a ZTNA solution that provides secure, identity-based access to private applications without exposing the network.
Akamai Enterprise Application Access is a ZTNA solution that provides secure, identity-based access to private applications without exposing the network.
A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.
A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
Identify AWS IAM permissions by brute-forcing API calls.
Securely store and access AWS credentials in a development environment.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
A tool that generates least privilege IAM policies for AWS services
A tool that generates least privilege IAM policies for AWS services
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
A community-driven list of sample security analytics for auditing cloud usage and detecting threats in Google Cloud.
A community-driven list of sample security analytics for auditing cloud usage and detecting threats in Google Cloud.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
IAM Zero detects IAM issues and suggests least-privilege policies for AWS and other cloud platforms.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
Repokid uses Access Advisor to remove unused service permissions from IAM roles in AWS.
A tool for identifying security issues in CloudFormation templates.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Collection of scripts and resources for DevSecOps, Security Automation and Automated Incident Response Remediation.
Centralized workforce identity management for AWS applications.
A Terraform module to set up a secure AWS account configuration baseline
A Terraform module to set up a secure AWS account configuration baseline
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
A security tool that monitors AWS objects for ownership attribution, detects domain hijacking, and verifies security services.
Redirects EC2 metadata API traffic to a container that retrieves temporary AWS credentials and proxies other calls to the EC2 metadata API.
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
Tool for visualizing and analyzing control paths in Active Directory to determine access privileges and permissions.
Tool for visualizing and analyzing control paths in Active Directory to determine access privileges and permissions.
A NodeJS/Typescript library for generating IAM Policy Actions Statements for AWS CDK with predefined constants and a factory class.
Open-source tool for analyzing AWS temporary tokens to detect malicious activity.
Open-source tool for analyzing AWS temporary tokens to detect malicious activity.
OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.
A script and library for identifying risks in AWS IAM configuration
A script and library for identifying risks in AWS IAM configuration
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
A post-exploitation tool for Azure Active Directory and Office 365 environments that manages access tokens and provides interactive access to Microsoft 365 services.
A post-exploitation tool for Azure Active Directory and Office 365 environments that manages access tokens and provides interactive access to Microsoft 365 services.
A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.
A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.
AirIAM is an AWS IAM to least privilege Terraform execution framework that compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform.
AirIAM is an AWS IAM to least privilege Terraform execution framework that compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
Runs IAM policy linting checks against AWS accounts to identify security best practices and policy errors.
Runs IAM policy linting checks against AWS accounts to identify security best practices and policy errors.
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
A proof of concept for using the SSM Agent in Fargate for incident response
A proof of concept for using the SSM Agent in Fargate for incident response
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
