Skip to content

Akeyless unveiled the world’s first Unified Secrets and Machine Identity Platform to address the #1 cause of breaches. Discover Why & How.

Akeyless Pricing

Vaultless® Secrets Management

FREE

Try out Akeyless and use it
for your smaller projects

$0 Start Free
  • 5 Clients
    An Akeyless Client is a unique identity, such as an application, user, or machine, which consumes secrets and/or authenticates itself through the Akeyless Secret Orchestration. Registration and reception of the same uniquely identified client are counted as one client per month.
  • 2,000 Static Secrets
    A secret is any form of password, credentials, api-key, or token, certificate, encryption key or signing keys, either statically set or dynamically created.
  • Cloud Workload Machine Authentication
  • Single Gateway
    The Akeyless Gateway adds extra protection between your private network and the cloud. Acting as a SaaS extension of our core services, the stateless Gateway ensures service continuity and recovery. There is no need to alter any network infrastructure to work with your internal organizational resources.
  • Secure Secrets Sharing
  • 3 days of Log Retention
    Akeyless audit logs include changes or actions within the Akeyless Vault system, providing a complete track record of your Akeyless Vault system operations.
  • Add Other Products (limited usage)
    • Encryption and KMS
    • Password Manager

ENTERPRISE

Enterprise-level support and flexibility, built for scaled environments

Let's Talk Contact Us
    All Team package features and:
  • 24×7 Support
  • Dynamic Secrets
    Dynamic secrets are secrets that are generated every time access is required, and automatically expire after a given time frame.
  • Rotated Secrets
    Rotated secrets enable you to protect the credentials for privileged-user accounts such as an Administrator account on a Windows server, a root account on a Linux server, or an Admin account on a network device, by resetting its password.
  • Internal Caching
    The Gateway Cache improves performance when fetching secrets. The Proactive Cache enables storing secrets in the Gateway Cache in advance.
  • Multi-Gateway Cluster
  • Zero Knowledge Mode
    Leveraging Akeyless’ unique FIPS-certified Encryption Key Management technology, your encryption keys never exist as a whole. They are instead created as fragments on different regions and cloud providers and never combined, not even during the encryption/signing process itself. To ensure that you are the exclusive owner of your keys, one of the fragments is created on your side and cannot be accessed by Akeyless.
  • Log Forwarding
  • Extended Log Retention
  • Add Other Products (Optional, full functionality)
    • Certificate Lifecycle Management
    • Universal Secrets Connector
    • Encryption and KMS
    • Secure Remote Access
    • Password Manager

We’re running a world-class cloud service.

Leveraging the immense power of the cloud, the Akeyless Platform is built on top of multiple availability zones, regions and across clouds, to provide enterprise production-grade resiliency and availability. Akeyless is certified for ISO 27001, GDPR, FIPS 140-2 and SOC 2 Type 2, and runs periodical penetration testing by world-renowned consultants.

We have Zero Knowledge of your secrets and keys.

With our patented technology, Akeyless DFC (Distributed Fragments Cryptography), we are able to operate any cryptographic operation using fragments of encryption keys, without ever combining the fragments, not even during encryption itself. One of the key fragments is created independently on the customer side and stored so that Akeyless never has access to it. We simply don’t have all of your key fragments and therefore can’t decrypt your secrets.

Our secret is in our technology, design & people.

The Akeyless Platform was built from the ground up, on top of a patented technology, and using the most modern cloud native architecture and software design. Our proprietary software is built by a constantly growing team of highly talented and experienced engineers, previously working for known vendors, driven by the passion to produce and operate a leading enterprise-grade solution.

Frequently Asked Questions

  • What is considered a Client?

    An Akeyless Client is a unique identity, such as an application, user, or machine, which consumes secrets and/or authenticates itself through the Akeyless Platform. Registration and reception of the same uniquely identified client are counted as one client per month.

    For more information, please see “Client page“.

  • What is considered a Secret?

    A Secret is any form of password, credentials, API key, token, certificate, encryption key or signing keys, either statically set or dynamically created.

  • What happens if I don’t have network connectivity?

    For cases where you’d like to strengthen the service continuity, even when your environment is experiencing temporary internet disconnection, we offer an optional component, Akeyless Gateway, which provides configurable in-memory caching of secrets. Our Gateway is provided as a stateless container, with auto-scaling capabilities and fail-safe mechanisms.

  • Do you support sub-admins (aka multi-tenancy) within my account?

    Oh yes. We even support more than one level of multi-tenancy. Every tenant can define sub-tenants under it, which helps support any organizational structure you’d like. And that’s not all. Though tenants are isolated, you, as a global admin, can decide what objects are shared among your sub-tenants.

cloud

See Akeyless in Action

Get a Demo certification folder key