Akeyless Pricing
Vaultless® Secrets Management
FREE
Try out Akeyless and use it
for your smaller projects
-
5 ClientsAn Akeyless Client is a unique identity, such as an application, user, or machine, which consumes secrets and/or authenticates itself through the Akeyless Secret Orchestration. Registration and reception of the same uniquely identified client are counted as one client per month.
-
2,000 Static SecretsA secret is any form of password, credentials, api-key, or token, certificate, encryption key or signing keys, either statically set or dynamically created.
-
Cloud Workload Machine Authentication
-
Single GatewayThe Akeyless Gateway adds extra protection between your private network and the cloud. Acting as a SaaS extension of our core services, the stateless Gateway ensures service continuity and recovery. There is no need to alter any network infrastructure to work with your internal organizational resources.
-
Secure Secrets Sharing
-
3 days of Log RetentionAkeyless audit logs include changes or actions within the Akeyless Vault system, providing a complete track record of your Akeyless Vault system operations.
-
Add Other Products (limited usage)
- Encryption and KMS
- Password Manager
ENTERPRISE
Enterprise-level support and flexibility, built for scaled environments
-
All Team package features and:
-
24×7 Support
-
Dynamic SecretsDynamic secrets are secrets that are generated every time access is required, and automatically expire after a given time frame.
-
Rotated SecretsRotated secrets enable you to protect the credentials for privileged-user accounts such as an Administrator account on a Windows server, a root account on a Linux server, or an Admin account on a network device, by resetting its password.
-
Internal CachingThe Gateway Cache improves performance when fetching secrets. The Proactive Cache enables storing secrets in the Gateway Cache in advance.
-
Multi-Gateway Cluster
-
Zero Knowledge ModeLeveraging Akeyless’ unique FIPS-certified Encryption Key Management technology, your encryption keys never exist as a whole. They are instead created as fragments on different regions and cloud providers and never combined, not even during the encryption/signing process itself. To ensure that you are the exclusive owner of your keys, one of the fragments is created on your side and cannot be accessed by Akeyless.
-
Log Forwarding
-
Extended Log Retention
-
Add Other Products (Optional, full functionality)
- Certificate Lifecycle Management
- Universal Secrets Connector
- Encryption and KMS
- Secure Remote Access
- Password Manager
We’re running a world-class cloud service.
Leveraging the immense power of the cloud, the Akeyless Platform is built on top of multiple availability zones, regions and across clouds, to provide enterprise production-grade resiliency and availability. Akeyless is certified for ISO 27001, GDPR, FIPS 140-2 and SOC 2 Type 2, and runs periodical penetration testing by world-renowned consultants.
We have Zero Knowledge of your secrets and keys.
With our patented technology, Akeyless DFC (Distributed Fragments Cryptography), we are able to operate any cryptographic operation using fragments of encryption keys, without ever combining the fragments, not even during encryption itself. One of the key fragments is created independently on the customer side and stored so that Akeyless never has access to it. We simply don’t have all of your key fragments and therefore can’t decrypt your secrets.
Our secret is in our technology, design & people.
The Akeyless Platform was built from the ground up, on top of a patented technology, and using the most modern cloud native architecture and software design. Our proprietary software is built by a constantly growing team of highly talented and experienced engineers, previously working for known vendors, driven by the passion to produce and operate a leading enterprise-grade solution.
Frequently Asked Questions
-
What is considered a Client?
An Akeyless Client is a unique identity, such as an application, user, or machine, which consumes secrets and/or authenticates itself through the Akeyless Platform. Registration and reception of the same uniquely identified client are counted as one client per month.
For more information, please see “Client page“.
-
What is considered a Secret?
A Secret is any form of password, credentials, API key, token, certificate, encryption key or signing keys, either statically set or dynamically created.
-
What happens if I don’t have network connectivity?
For cases where you’d like to strengthen the service continuity, even when your environment is experiencing temporary internet disconnection, we offer an optional component, Akeyless Gateway, which provides configurable in-memory caching of secrets. Our Gateway is provided as a stateless container, with auto-scaling capabilities and fail-safe mechanisms.
-
Do you support sub-admins (aka multi-tenancy) within my account?
Oh yes. We even support more than one level of multi-tenancy. Every tenant can define sub-tenants under it, which helps support any organizational structure you’d like. And that’s not all. Though tenants are isolated, you, as a global admin, can decide what objects are shared among your sub-tenants.