Sold by: Cerby
Securely manage access to all your apps, no exceptions, with the first and only comprehensive access management platform.
4.6
Overview
Cerby is the first and only comprehensive access management platform for nonstandard applications. Harnessing the power of identity providers, Cerby makes passwordless authentication an immediate reality for any application by extending single sign-on (SSO) and lifecycle management capabilities. Onboard, offboard, and manage users at scale, with just a few clicks.
Cerby makes it possible to securely extend access, minimize risk, and lower costs.
With Cerby, your team can:
- Go passwordless (and ditch your password manager)
- Automate offboarding
- Securely manage social media accounts
- Get SSO for any app
- Control SaaS sprawl and optimize spend
- Secure SaaS privileged accounts
- Automate 2FA for enrollment
Highlights
- Unlock the full potential of your identity and goverance programs with Cerby
- Extend your reach, not your budget
- Manage access to all your apps with no exceptions
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months | Overage cost |
|---|---|---|---|
Shared Apps | Per shared credential (username and password) | $0.00 | |
Standard Apps | Per application | $0.00 | |
Premium Apps | Per application | $1.00 | |
Cerby Core | Cerby platform including EPM, Cerby SSO to Any App, Secure Credential Sharing, Secrets Management, Cerby Application Network, Web / Mobile / Browser Clients, Security Health Dashboard, Activity Logging, IdP Integration. | $1.00 | - |
Cerby EPM+ | Cerby integrations for websites / business apps not requring idLCM for shared and individual user credentials. Includes authentication automations (password rotations, MFA enforcement, session management/logout). | $1.00 | - |
Cerby IDCLM | Cerby full integrations for websites & business apps including idLCM. Includes authentication automations (password rotations, MFA enforcement, session management/logout) + idLCM integrations for User Provisioning, Entitlement Management, deprovsioning, & IGA integrations | $1.00 | - |
Cerby Secure Social | Cerby's integrations for social media platforms and accounts. | $1.00 | - |
Cerby Premium Support | Includes: Email, phone and chat support. Dedicated support channel (Slack, Teams, etc.). Proactive monitoring. Self-learning materials (documentation and videos). Customer success manager. Success planning. Security strategy reviews (Monthly). Roadmap reviews (Quarterly). | $1.00 | - |
Cerby Standard Support | Includes: Email, phone and chat support. Self-learning materials (documentation and videos). Customer success manager. Security strategy reviews (Quarterly). | $1.00 | - |
Dimension | Description | Cost/unit |
|---|---|---|
additional | Additional Usage | $0.00 |
Cerby Core Platform | EPM, SSO, Secure Sharing, App Network, IdP, and Security Analytics. | $0.00 |
Cerby IDLCM | Web/App integrations & idLCM. Includes Auth Automations & Full Identity Governance. | $0.00 |
Cerby Premium Support | Full Support & CSM, Omnichannel help, proactive monitoring, and monthly security reviews. | $0.00 |
Vendor refund policy
All fees are non-refundable and non-cancellable except as required by law.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
25
In Centralized Identity Management, Cloud Governance
Top
100
In Security
Top
10
In Financial Services
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Passwordless Authentication
Extends single sign-on (SSO) capabilities to enable passwordless authentication for nonstandard applications without requiring password managers.
Identity Provider Integration
Leverages identity providers to manage authentication and access control across applications through centralized identity governance.
User Lifecycle Management
Automates user onboarding, offboarding, and management operations at scale through streamlined administrative workflows.
Multi-Factor Authentication Automation
Automates two-factor authentication (2FA) enrollment and management across applications.
Privileged Account Security
Provides secure management and access control for privileged accounts across SaaS applications.
Single Sign-On Capability
Enables one-click secure access to applications and resources including AWS IAM and AWS SSO
Adaptive Multi-Factor Authentication
Supports context and risk-aware authentication methods with passwordless user experience options
Web Session Security and Monitoring
Protects identities beyond login and provides visibility into user actions within web applications
Identity Lifecycle Management and Automation
Automates identity lifecycle events, orchestrates identity workflows, and streamlines access reviews and compliance requirements
Cloud Directory and User Management
Leverages scalable cloud directory to unify user management across enterprise and reduce identity silos
Centralized Identity and Access Visibility
Provides centralized view of identities, accounts, entitlements, and privileged access across IT estate with threat detection capabilities for compromised identities and privileged access misuse
Privileged Credential Management
Manages privileged passwords, accounts, credentials, secrets, and sessions for both human and machine identities with complete control and security enforcement
Least Privilege Enforcement
Enforces least privilege access dynamically across Windows, macOS, Unix, and Linux environments while preventing malware, phishing attacks, and controlling application execution
Cross-Cloud Entitlement Visibility
Delivers cross-cloud visibility of entitlements, detects account permission anomalies, and ensures access originates only from trusted sources with privilege right-sizing guidance
Granular Remote Access Control
Provides granular control, management, and auditing of remote privileged access for employees, vendors, developers, and cloud operations engineers with support for multiple device types and operating systems
Standard contract
No
No
No
Customer reviews
Kalpesh Pawar
Identity governance has strengthened and enforces MFA and shared SaaS access controls
Reviewed on Feb 19, 2026
Review from a verified AWS customer
What is our primary use case?
Cerby is primarily used for MFA enforcement via LDP, automated JML, secure non-SAML OIDC SaaS, and Shadow SaaS governance.
For MFA enforcement, the use case involves a legacy SaaS app with SAML OIDC that is not integrated with Azure AD , where users access it via local credentials with no native MFA support. Cerby acts as an identity orchestration layer, enforcing upstream LDP MFA, blocking direct credential logins, and removing local password visibility. The outcome from Cerby includes no password sharing, compliance-ready access governance, and MFA enforcement on non-federated apps.
Additional use cases for Cerby include shared privilege access to SaaS accounts, automated deprovisioning, and Shadow IT governance.
What is most valuable?
The top features that Cerby offers are shared account session attribution and audit logs, credential brokering and vaulting, and automated JML without SCIM.
Using Cerby for shared SaaS admin accounts, access is brokered per user. No one sees the password, and each session is mapped to the individual via LDP identity with full timestamps plus activity logs. During audits or incidents, I can trace exactly who accessed what and when, eliminating accountability gaps.
The underrated feature of Cerby is its non-invasive deployment model, which requires no API dependency or app-side integration. From an infrastructure perspective, the browser-based identity orchestration allows us to extend zero trust controls to unmanaged SaaS without waiting for vendor support, which is highly valuable in fast-moving MSP environments.
Cerby has positively impacted my organization by reducing identity risk across non-federated SaaS through the enforcement of LDP-based MFA and centralized role-based access control without app changes. I have seen faster JML execution, no orphaned accounts, elimination of shared credential exposure, and improved audit readiness.
With Cerby, the JML for non-SCIM SaaS moved from manual tickets to near real-time deprovisioning. Orphaned accounts reduced by 70 to 80 percent after the enforcement of automated access revocation and centralized role-based access control sync. Audit preparation time dropped to 30 percent due to consolidated session logs and shared account attributions.
What needs improvement?
The key improvement areas for Cerby are few, but they should be addressed. I would like to see deeper API level integration wherever necessary to reduce browser dependency, stronger reporting analytics dashboards, and granular multi-tenant segregation controls for larger MSP environments.
Additional improvement areas for Cerby include providing clarity on high availability architecture, bulk lifecycle operations for large user migrations, and advanced conditional access support.
For how long have I used the solution?
I have been using Cerby for two and a half years.
What do I think about the stability of the solution?
Cerby is stable.
What do I think about the scalability of the solution?
Cerby is scalable. I have been using it for fewer customers earlier, but I am now using it for more customers as well, and the performance has not decreased even after that.
How are customer service and support?
Cerby customer support is good. Till now, there have been no issues with the response and solution provided.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I previously used CyberArk and native LDP control via Microsoft Entra ID . I switched to Cerby to cover non-SAML, SCIM SaaS where PAM vaulting did not provide true per-session attribution or automated JML. Cerby filled the identity governance gap without requiring app-side integration.
What was our ROI?
Using Cerby has delivered a measurable return on investment in identity, operational efficiency, and risk reduction. Cerby's JML ticket turnaround has dropped from 24 to 72 hours to just under 15 minutes, which is 70 to 95 percent faster processing. The risk and compliance level has lowered, with orphaned SaaS accounts reduced by 80 to 90 percent, thereby lowering security exposure and support rework. Additionally, less manual IAM ticket handling has reduced support load, enabling 0.1 to one FTE reallocations in the larger team. These metrics vary by organization size and SaaS footprint, but they demonstrate tangible operational and security values that Cerby provides.
What's my experience with pricing, setup cost, and licensing?
Cerby's pricing is competitive versus legacy PAM plus proxy tooling cost cycles with seat counts and managed apps. The setup cost is low during the initial implementation overhead, with no app-side integration required. The licensing is on a per-user, per-seat model, which aligns with enterprise IAM budgeting, making it predictable but can rise with broad SaaS coverage.
What other advice do I have?
I would advise others looking into using Cerby to first map non-federated, non-SCIM SaaS in their environment because that is where Cerby delivers maximum value. Additionally, I would suggest testing shared account governance and JML automation in a pilot phase with high-risk apps. I would rate this product an 8 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Marketing and Advertising
Amazing Product and Service
Reviewed on Aug 31, 2022
Review provided by G2
What do you like best about the product?
I love that it works with okta. It automatically removes access to termed employees, and with password, rotation turned on, account passwords are changed automatically for added security. I love the amazing team, everyone on Cerby is amazing, I cannot say enough great things about the team. They are very hands-on and eager to listen, adapt and constantly improve the platform.
What do you dislike about the product?
I do not have anything I dislike about Cerby. Maybe having a feature that can automatically capture new logins and update them within the Cerby portal might be helpful
What problems is the product solving and how is that benefiting you?
Access management of 3rd party platforms. With Cerby, we can better manage who has access to non-centrally managed platforms, by putting controls that ensure only authorized users have access to these platforms.
Marketing and Advertising
cerby review
Reviewed on Aug 26, 2022
Review provided by G2
What do you like best about the product?
Its part of my Okta dashboard. With cerby it's easy to share with coworkers.
What do you dislike about the product?
it requires signing into okta in order for to chrome app to work.
What problems is the product solving and how is that benefiting you?
able to separate from personal password saver. Able to get access to password after the user has left employeement.
Paul S.
Very intuitive, make the signing in process smooth
Reviewed on Aug 25, 2022
Review provided by G2
What do you like best about the product?
Clean UI, easy to understand, robust all
What do you dislike about the product?
the testing environment only, couldn't get the full collaborative experience
What problems is the product solving and how is that benefiting you?
easiness to have password secured for easy login
Fausto Isaac V.
good but not essential
Reviewed on Aug 25, 2022
Review provided by G2
What do you like best about the product?
having my passwords in one place sometimes gets me out of a hurry to be faster but logging into cerby to register each time makes the process more difficult and I wish it was more intuitive.
What do you dislike about the product?
every time I have to enter my password in cerby as it is not permanent and I have to do it every day every time I log in or sometimes several times which makes it a bit annoying in my perception.
What problems is the product solving and how is that benefiting you?
I am supposed to have all my passwords centralized in one place so I don't have to struggle to access different platforms without the need to capture passwords and also manage with other people or work team in case I need it.