Akeyless
Cloud-native SaaS platform for unified secrets management and machine identity security
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Open-source platform for secrets, PKI, and SSH management
Centralize application secrets, API keys, and credentials across teams and infrastructure. Includes native integrations, secret rotation, dynamic secrets, internal PKI, and SSH certificate management.
Infisical is a comprehensive secret management platform designed to centralize application configuration, API keys, database credentials, and internal PKI across your entire infrastructure. Built to make security tooling accessible beyond dedicated security teams, it reimagines the developer experience for managing sensitive data.
Manage secrets through an intuitive dashboard with support for multiple projects and environments. Sync secrets to GitHub, Vercel, AWS, and other platforms via native integrations. Track every change with secret versioning and point-in-time recovery. Automate security with secret rotation, dynamic ephemeral secrets, and built-in leak prevention scanning.
The platform includes a full-featured internal PKI for creating certificate authority hierarchies, issuing X.509 certificates, and managing the complete certificate lifecycle. Issue signed SSH certificates for ephemeral infrastructure access. Authenticate machine identities using cloud-native methods including Kubernetes, AWS, Azure, GCP, and OIDC.
Deploy via managed cloud or self-host on your own infrastructure. Interact through SDKs (Node, Python, Go, Ruby, Java, .NET), CLI, Kubernetes operators, or REST API. Advanced access controls include RBAC, temporary access, approval workflows, and comprehensive audit logging.
When teams consider Infisical, these hosted platforms usually appear on the same shortlist.
Cloud-native SaaS platform for unified secrets management and machine identity security
Managed service for securely storing, retrieving, and rotating application secrets (credentials, API keys, etc.)
Cloud service for secure storage and management of cryptographic keys, secrets, and certificates
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Multi-cloud secret synchronization
Centrally manage secrets and automatically sync to AWS, Vercel, GitHub Actions, and other platforms, eliminating manual updates and reducing configuration drift across environments.
Kubernetes workload security
Deploy the Kubernetes operator to deliver secrets and TLS certificates to pods with automatic rotation, removing hardcoded credentials from container images and manifests.
Database credential rotation
Automatically rotate PostgreSQL and MySQL credentials at scheduled intervals or generate dynamic, ephemeral credentials on-demand to minimize exposure windows for compromised secrets.
Internal certificate authority
Establish private CA hierarchies, enforce certificate policies via templates, and issue X.509 certificates for internal services with automated renewal and revocation management.
Yes, Infisical supports self-hosting via Docker Compose and other deployment methods. You can run it on-premise or in your own cloud environment to maintain full control over your data.
The core platform is MIT licensed. Premium enterprise features located in the `ee` directory require an Infisical commercial license. Managed cloud and self-hosted enterprise offerings are available.
Infisical CLI can scan files, directories, and full git history for exposed secrets. Install the pre-commit hook to automatically scan each commit before pushing to your repository.
Native integrations include GitHub, Vercel, AWS, Terraform, Ansible, Kubernetes, and many others. You can also use SDKs for Node, Python, Go, Ruby, Java, and .NET, or the REST API.
Infisical supports Kubernetes Auth, AWS Auth, Azure Auth, GCP Auth, OIDC Auth, and Universal Auth for platform-agnostic authentication of services and CI/CD pipelines.
Project at a glance
ActiveLast synced 4 days ago