Sold by: Infisical
Infisical is the leading platform for developers to securely manage application configuration and secrets across their team and infrastructure. Used by Fortune 500 enterprises, international governments, and fastest-growing startups. With Infisical, you can save time for your engineering teams and enhance organization-wide security posture.
4.6
Overview
Infisical is the leading open-source secrets management platform designed to securely store, manage, and synchronize application configuration and sensitive information like API keys, database credentials, and environment variables across engineering teams and infrastructure.
Infisical is available both through Infisical Cloud (a hosted SaaS product) as well as Infisical Self-hosted (self-managed on-prem product). Through SOC2 compliance, continuous penetration testing, enterprise uptime guarantee, and support SLAs, Infisical is able to satisfy the hardest security and reliability requirements of global enterprises. As a result, Infisical supports a myriad of Fortune 500 corporations, governmental institutions, as well as the fastest-growing startups in the world.
Infisical's value comes from enabling operational advantage of engineering organizations as well as enhancing organization-wide security posture. To achieve that, Infisical offers a full-fledged set of tools for managing secrets in production environments, efficiently injecting secrets into CI/CD pipelines, enabling local development workflows, preventing secrets leaks, ensuring secure secret sharing, and more!
In addition, Infisical comes with 50+ integration across leading developer and infrastructure tools (e.g., AWS, GitHub Actions, GitLab CI/CD, Jenkins, Kubernetes, Terraform, Ansible, Docker), as well as frameworks such as Next.js, Express, Django, among others.
We recommend speaking to Infisical before purchasing to ensure the best experience. Please contact sales@infisical.com for a private offer.
Highlights
- Unified secret management platform for developers with additional secret scanning and secret sharing capabilities.
- Integrates with all leading developer and infrastructure tools, including Kubernetes, Jenkins, AWS, GitHub Actions, and GitLab CI/CD.
- Available both through a self-hosted on-prem installation as well as a managed Infisical Cloud offering.
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata or Vanta. Review certifications and security standards before purchase.
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Identity | Identities are represented by either human or machine users. | $1,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Submit a ticket via support@infisical.com or your dedicated support engineer.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Infisical
By CyberArk
By Akeyless
Top
100
In Monitoring
Top
50
In Infrastructure as Code, Continuous Integration and Continuous Delivery
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Secret Storage and Management
Securely stores, manages, and synchronizes application configuration and sensitive information including API keys, database credentials, and environment variables across engineering teams and infrastructure.
CI/CD Pipeline Integration
Efficiently injects secrets into CI/CD pipelines with integrations for GitHub Actions, GitLab CI/CD, Jenkins, and other leading developer tools.
Multi-Platform Deployment Options
Available as both self-hosted on-premises installation and managed cloud-based SaaS offering to accommodate different deployment requirements.
Extensive Third-Party Integrations
Supports 50+ integrations across infrastructure tools such as Kubernetes, AWS, Terraform, Ansible, Docker and frameworks including Next.js, Express, and Django.
Enterprise Security Compliance
Maintains SOC2 compliance, undergoes continuous penetration testing, and provides enterprise uptime guarantees with support SLAs to meet security and reliability requirements.
Centralized Secrets Management
Centrally secures, rotates, and manages secrets across multi-cloud and hybrid environments with a unified view across multiple AWS accounts and AWS Secrets Manager instances.
Multi-Platform Integration
Offers REST APIs and integrates with a wide range of DevOps tools, container platforms, vulnerability scanners, RPA, and automation tools for credential delivery.
Secrets Rotation and Lifecycle Management
Automatically rotates secrets in AWS Secrets Manager and across enterprise environments without requiring changes to developer workflows or applications.
Audit and Access Control
Provides centralized control and comprehensive auditing of how applications, DevOps tools, and automation platforms authenticate and access sensitive resources including databases and cloud environments.
Enterprise-Scale Architecture
Designed to support massive scalability with data sovereignty requirements for large global enterprises and eliminates vault sprawl across distributed environments.
Secrets Management and Rotation
Centrally manages and rotates credentials across hybrid and multi-cloud environments with automated lifecycle management
Privileged Access Management
Provides just-in-time, least-privilege access with intent-aware control that evaluates requested actions before granting access and issues task-scoped, short-lived credentials
Multi-Vault Governance
Unifies visibility and control across AWS and third-party vaults through a single policy and audit framework
Cryptographic Security
FIPS 140-3 validated platform powered by Distributed Fragments Cryptography (DFC) and zero-knowledge architecture that ensures encryption keys and secrets are never fully assembled or accessible
AI Agent Identity Security
Secures autonomous agents with ephemeral, policy-bound access without embedding credentials in code, prompts, or workflows, with continuous execution inspection and audit trails
Standard contract
No
No
Customer reviews
Victor Ramon Gomes Dos Santos
Centralized secrets management has improved development workflows and simplifies granular access control
Reviewed on Jun 05, 2026
Review from a verified AWS customer
What is our primary use case?
Infisical was conceived as a proof of concept for a secret manager tool designed for applications and environment variables. The primary appeal was based on how it integrates with development workflows. We implemented the tool via CLI for developers and deployed a self-hosted solution to integrate into applications in production.
We implemented an agent in our Kubernetes cluster and ran applications locally via CLI, integrating directly with the self-hosted instance.
Since this was a proof of concept, using Infisical did not have significant impact, but it provided strong evidence of the tool's capabilities and was quite positive overall.
Infisical had a positive impact on my organization, even in its proof-of-concept phase, because it integrated more seamlessly into the development environment. Starting a project with Infisical meant reducing risks compared to using .env files. The integration via CLI and the ability to configure granular access allowed us to move faster. We could begin the project knowing exactly what our responsibilities were and could fetch secrets directly without taking on as much risk as we would have with a .env file.
What is most valuable?
Infisical's best features are the ability to integrate via CLI in a very simple and easy manner. I have experience with other tools serving the same purpose, such as AWS Secrets Manager , which is more complicated to configure via CLI because you need access keys and more granular access within the cloud environment itself, given its direct contact with other resources. Having this functionality separated in Infisical and configured simply is a very strong point. The ability to integrate into a cluster in a straightforward way with agents and operators makes the configuration process very simple.
The access granularity within the platform is also relevant. You can configure solid RBAC for access to Infisical and you have the possibility of granularizing the secrets themselves through folders, allowing for more organized configuration. These are also very positive points.
What needs improvement?
Infisical could be improved by having a solution to integrate with cloud providers. This would be interesting because sometimes people hesitate to leave their cloud environment for an open-source solution due to lack of trust. If the decision had depended solely on me, we would have adopted Infisical. However, it was a joint business decision regarding a tool we did not know well, and because we already had contracted other solutions with built-in secret manager capabilities, we ended up choosing those other options. Infisical is already a very strong tool.
Better documentation is needed. When implementing the agent in Kubernetes , I had to search quite a bit to adapt it to my specific cluster. Clearer and more up-to-date documentation would greatly help in the process of integrating the tool with other solutions already in place.
For how long have I used the solution?
I have been using Infisical for about three months.
What do I think about the stability of the solution?
Infisical is stable in my experience. It demonstrated stability during use.
What do I think about the scalability of the solution?
Infisical has high scalability because it has the possibility of integrating into the cluster and offers a self-hosted solution. You can organize the space with several projects and several folders for each project, manage access, and other configurations, making it quite scalable.
Which solution did I use previously and why did I switch?
Before choosing Infisical, I evaluated other options, including HashiCorp Vault and AWS Secrets Manager .
How was the initial setup?
I did not acquire Infisical through the AWS Marketplace .
We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.
What was our ROI?
We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.
What's my experience with pricing, setup cost, and licensing?
My experience with Infisical's pricing, configuration costs, and licensing is that initially, people thought it was a bit expensive, which is why we opted for the self-hosted alternative. Because of that, we conducted the proof of concept with self-hosted, understood that there was already a solution on AWS for this purpose, and continued with the AWS solution.
Which other solutions did I evaluate?
The possibility of integrating with clouds also contributed to my rating.
We used AWS as the private cloud provider in the proof of concept.
What other advice do I have?
My advice for other people thinking about using Infisical is to conduct a proof of concept to determine if it fits your organizational structure. My review rating for Infisical is eight out of ten.
reviewer2848647
Centralized secrets management has improved team collaboration and protected sensitive data
Reviewed on Jun 03, 2026
Review provided by PeerSpot
What is our primary use case?
Infisical is primarily used to maintain secret variables or environment variables across different environments. When working on the development environment, environment variables that have been predefined are directly fetched. For example, if environment variables have been placed into an API folder in the development environment, they can be quickly fetched from dev/API. In the same way, if environment variables need to be fetched from staging or production, the particular command attached to that environment can be used to fetch the environmental variables associated with those environments.
Integration with Vercel has been implemented on the deployed environment. In that instance, environmental variables also need to be maintained, so the same Infisical environments are used on the Vercel deployed environment as well, depending on the environment, which could be development, staging, or production.
What is most valuable?
Managing environmental variables in Infisical is straightforward because there is no need to specifically care about maintaining them locally on .env files or putting them into a gitignore file and maintaining them separately. With local .env file management, there is a higher security vulnerability where environmental variables could be breached. Additionally, if environmental variables are accidentally pushed to a Git repository, that would cause problems. Managing something on Infisical helps to maintain security because it has very prominent security precautions in place.
Infisical has prevented issues in that no issues have been encountered after using it in the first place. Security features have specifically prevented issues, and according to my perspective, none of those security-related situations were encountered in the first place. The integration is smooth for other applications when using Infisical. No matter what, if the proper credentials are available, access can be obtained from anywhere at any time.
The main positive impact is that it saves a lot of time because there is no need to worry about security vulnerabilities that can occur. When it comes to workflow collaboration and efficiency, collaboration is improved because a particular organization can be created inside Infisical. Once a particular organization is created and access is given to particular people in the organization, collaboration becomes very easy. Another plus point is that everybody does not need to maintain a .env file separately. On the collaboration side, everybody can access it seamlessly since it is a central hub with separate access controls. That is really efficient because if something is changed, everybody sees it immediately, which is very valuable.
What needs improvement?
Creating multiple organizations at the same time with the pricing plan, instead of creating a very limited amount of organizations, would be a plus point for improvement. There is a limitation on how many people can be given access for a particular organization or project, which is another area that could be improved. From a features perspective, there is a little lag when running projects and importing particular secret variables. Requests to log in occur in quick succession, where sometimes it happens every five days or every ten days, which does occur from time to time, though not that frequently.
Continuous logins take place after using or importing secret variables multiple times, and that is one area for improvement. Another improvement needed is the limited number of people that can be added to a particular organization to access the secret variables.
For how long have I used the solution?
I have used Infisical for one year.
What do I think about the stability of the solution?
Infisical is quite stable in my experience, and there have been no downtime or reliability issues encountered.
What do I think about the scalability of the solution?
Scalability has been important because when scaling occurs, many secret variables are stored underneath. In that instance, scalability is present because many secret variables are now counted, stored, and handled. In that instance, it plays a crucial role.
How are customer service and support?
The support team has not been encountered because there have been no issues with Infisical in the first place. In that instance, there was no chance or need to interact with their customer support to configure any problem.
Which solution did I use previously and why did I switch?
Prior to Infisical, the main dependence was on .env files. No third-party solutions or API integrations were used before. This is actually the initial integration or the initial implementation for this particular topic.
How was the initial setup?
There is a noticeable reduction in setup time because several tasks on the .env file previously needed to be completed, and security features had to be ensured. When particular access is given to a person in the organization who needs to access the secret variables on a particular project, it saves a lot of time because all that needs to be done is give them the particular access, and then they can log in with their GitHub account or any organization credentials. When it comes to deployment as well, using Vercel, it is quick because once anything is changed on Infisical, it would automatically change on the Vercel environmental variables as well, depending on the particular environment. A rough estimate of time saved has not been measured on a pinpoint basis, but a lot of time is saved, and it is easy to use.
What about the implementation team?
There is not much idea about the pricing and setup cost because a separate team handles those matters. From my perspective, there is nothing called a setup cost, but there is a subscription that is ongoing. The pricing seemed acceptable.
What was our ROI?
A lot of time is saved, and whenever a new employee or a new member is coming to the organization, it would be very seamless to integrate the new member or the developer. The most important return on investment would be the time saved and the seamless integration.
What's my experience with pricing, setup cost, and licensing?
There is not much idea about the pricing and setup cost because a separate team handles those matters. From my perspective, there is nothing called a setup cost, but there is a subscription that is ongoing. The pricing seemed acceptable.
Which other solutions did I evaluate?
Doppler was tried when evaluating other options. When going through that evaluation, Infisical was performing well with the metrics.
What other advice do I have?
Most of the topics have been covered, starting from what Infisical is to customer support and improvements. The review rating for this product is 9 out of 10.
Shivdutt Bhadakwad
Token-driven secrets management has streamlined CI/CD workflows and reduced deployment time
Reviewed on Jun 01, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Infisical is storing secret keys and secret tokens for a company and injecting them dynamically into the CI/CD workflow because companies typically do not hard-code these key secrets and tokens into their source code.
The process was straightforward. I obtained the Infisical token and used it to log in to Infisical from the cloud machine to obtain all the secrets. The secrets were divided based on the project, so for different projects, I obtained different secrets and injected them into the environment file.
What is most valuable?
According to my opinion, the best feature Infisical offers is that everything was happening because of a token. A single token was able to obtain all the secrets, which was very hassle-free and straightforward to use.
I found the process of managing and rotating tokens in Infisical easy to use. The tokens were divided into three phases: development, staging, and production, so it was very easy to rotate any token at any time in any stage.
Infisical has positively impacted my organization by helping us transition from deploying everything manually, where we had to copy-paste all the environment variables into the environment files in the cloud. Infisical helped tremendously by dynamically injecting all the tokens and secrets into the workflow, which was very fast and saved a lot of time.
What needs improvement?
One thing that kept frustrating me was that sometimes Infisical was not working from our cloud machine. We had to manually look into the workflow and run the workflow again by pasting the token. Sometimes Infisical was not working, and I do not know what was the reason, but it may have been on the Infisical side rather than on our side. The workflow was breaking because the system was not able to contact Infisical, so we had to manually rerun this, and then it would work.
I would like to add more about needed improvements. One feature that I would like to see, or that is actually already a feature, is permission management. Permission management is a bit confusing in Infisical, and it took us a lot of time to clear out the permission issues. I faced many permission issues, so I had to go back and forth with my founder to get all the permissions required for building the CI/CD pipeline and injecting the tokens into it.
For how long have I used the solution?
I have been using Infisical for a couple of months.
What do I think about the stability of the solution?
In my experience, Infisical is stable as we did not face any downtime. However, there was one major issue that I have already discussed multiple times in this interview. My cloud machine was not able to communicate with Infisical, so I had to manually check what the issue was. Mostly, the issue was on the Infisical side rather than on our cloud side because everything was working perfectly fine. I had to manually rerun this, and then it would work perfectly fine.
What do I think about the scalability of the solution?
Infisical's scalability is very good as it was able to handle increased workloads well. Initially, we were only deploying one service, and we had to scale up for three to four microservices, and it was able to handle that pretty well.
Which solution did I use previously and why did I switch?
I previously used a different solution before Infisical. Initially, we were handling everything manually at DeepLure, where we would just copy-paste secrets from our local systems to the cloud. Apart from Infisical, I have used Doppler , but that is only limited to my personal projects.
What was our ROI?
I have seen a return on investment with Infisical as I saved a lot of time. The manual process took us around ten minutes, but with Infisical, it cut down to almost two minutes, and we were able to deploy multiple services at the same time.
What other advice do I have?
My advice to others looking into using Infisical is that it is very straightforward to use, and you can easily integrate this into your workflow. It is easy to set up, so the overall experience is pretty good, and I would definitely recommend this tool to others.
I have additional thoughts about Infisical before we wrap up. If you fix the issue that I have discussed, where the system was not able to communicate with Infisical, then it would be a very good tool. I give this product a rating of eight out of ten.
Rohan B.
Incredible developer-centric secret ops/management platform!
Reviewed on Jul 03, 2024
Review provided by G2
What do you like best about the product?
Infisical made our dev team instantly more productive from the moment we onboarded. We used to labor over making sure our .env files were in sync; Infisical quickly got rid of that. Furthermore, as we've grown as an org, we've since been able to embrace their more advanced features like secret rotations, granular access controls and their plethora of 3rd party integrations with other services we use.
Highly recommend it!
Highly recommend it!
What do you dislike about the product?
Nothing to date - the Infisical team is A+ at receiving feedback or product feature requests and incorporating it onto their roadmap. They've dealt with any issues my team or I had super quick and keep me updated on the progress of things too.
What problems is the product solving and how is that benefiting you?
Infisical increases security by preventing accidental code check-ins of secrets, or passing around .env files. It also enables easier secrets access from CI, and has great integrations allowing the propagation of secrets into our hosting providers (with added sugar like being able to automatically trigger redeploys of our apps/services when secrets on Infisical are added, deleted or changed). Finally, Infisical has some more advanced features like support for secret rotations and granular access controls so we can control who on the team has read/write perms.
Ben G.
Infisical is a game changer!
Reviewed on Jun 20, 2024
Review provided by G2
What do you like best about the product?
Infisical has made secret management incredibly simple for our team. We were able to easily integrate it into our system and are huge fans of the system!
What do you dislike about the product?
Nothing! The team is super quick to respond and the functionality is exactly what we're looking for.
What problems is the product solving and how is that benefiting you?
Infisical makes it easy for us to store our secrets in a unified place, and easily inject it into our pipeline. No more sharing secrets in an .env file!