Sold by: Astrix Security
First integration access management solution helping organizations unleash the power of automation & app integrations (a 2023 RSA Innovation Sandbox finalist) Astrix Security secures core systems across SaaS, IaaS and PaaS environments from Salesforce and Office 365 to GitHub, GCP BigQuery, and Workato.
4.3
Overview
From Salesforce and Office 365 to GitHub, Snowflake and Workato, Astrix Security platform keeps core systems across SaaS, PaaS, and IaaS secure from over-privileged, unnecessary, and malicious integrations exposing them to supply chain attacks, data leakage, and compliance violations.
Our agentless, easy-to-deploy solution provides security teams with holistic visibility into all their app-to-app connections, and instantly detects and mitigates integration threats with automated remediation workflows - all while continuously minimizing third-party exposure with zero-trust policies and automated enforcement guardrails.
In doing so, we empower security teams to gain control over their organization's app-to-app access layer for the first time, turning them from gatekeepers to growth partners.
Highlights
- Agentless - We are a non-proxy API-based solution.
- Easy to deploy - Connect us to your core system in minutes with a few clicks.
- Non-intrusive - We respect your privacy by reading your metadata only and asking for minimal permissions.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Base Annual Commit | Base annual commitment fee | $300,000.00 |
Platform Annual Commit | Annual Commitment fee per platform | $100,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Astrix Security
By Obsidian Security, Inc.
Top
10
In Data Security and Governance
Top
25
In Centralized Identity Management, Data Analysis
AI generated from product descriptions
Deployment Architecture
Agentless, non-proxy API-based solution that deploys in minutes with minimal configuration
Threat Detection and Remediation
Automated detection and mitigation of integration threats including over-privileged access, malicious integrations, and supply chain attacks with automated remediation workflows
Access Control and Policy Enforcement
Zero-trust policies with automated enforcement guardrails for continuous minimization of third-party exposure across app-to-app connections
Multi-Cloud Environment Support
Comprehensive security coverage across SaaS, PaaS, and IaaS environments including Salesforce, Office 365, GitHub, GCP BigQuery, Snowflake, and Workato
Integration Visibility and Monitoring
Holistic visibility into all app-to-app connections with metadata-based analysis and continuous monitoring for compliance violations and data leakage risks
Identity Threat Detection
Active threat detection and neutralization for SaaS identities with spearphishing blocking and incident response capabilities
Third-Party Integration Risk Management
Discovery and governance of third-party integrations across SaaS applications with risk assessment and mitigation
Data Movement Governance
Monitoring and control of data movement between SaaS applications with visibility into data flows
Application Posture Management
Automated compliance enforcement, privilege reduction, and configuration drift prevention across SaaS platforms
Unified SaaS Security Platform
Integrated platform combining identity security, data governance, and application posture management in a single modular solution
Application Discovery and Shadow IT Detection
Tracks all SaaS applications including sanctioned, unsanctioned, and shadow apps, SaaS-to-SaaS connections, AI Agents, and Shadow AI tools with associated user identities and data.
Identity and Access Management
Ensures account security and enforces least privilege access by monitoring and minimizing access privileges across all identities from both human and machine sources.
Threat Detection and Response
Provides pre-built detection controls with advanced analytics to identify and alert on data theft, account compromise, configuration drift, misconfigurations, over-privileged users, and risky user behavior with automated response capabilities.
Knowledge Graph Technology
Utilizes AI-based graph technology that connects in minutes to establish relationships between users, actions, interactions, and SaaS applications for continuous risk assessment and prioritization.
Rapid SaaS Integration
Supports low-code and no-code approach to add new SaaS integrations within 3 to 5 days while maintaining compliance and security posture across evolving application landscapes.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
-
-
-
-
Standard contract
Customer reviews
Hliaqat Hliaqat
Automated discovery has given us full visibility into non-human access and reduced SaaS attack risk
Reviewed on Jun 17, 2026
Review from a verified AWS customer
What is our primary use case?
My primary use case for Astrix is discovering, monitoring, and securing all non-human entities connecting to our core SaaS application, including API keys, OAuth tokens, service accounts, and third-party integrations.
What is most valuable?
Automated discovery of all non-human identities is a standout feature of Astrix . It gives us a complete inventory we never had before, the remediation workflow for revoking risky tokens, and continued monitoring.
Astrix has positively impacted our organization by reducing our SaaS attacks, especially within the first few weeks and days we deployed. We saw significantly fewer attacks on our SaaS-based portals. We went from having zero visibility to complete third-party integration visibility, which helps us considerably.
Regarding Astrix's AI capabilities, the AI-driven risk score engine is excellent. It applies consistent logic across all discovered connections and risks, and we genuinely appreciate that aspect.
What needs improvement?
Astrix could be improved with deeper coverage on on-premises and hybrid application environments. Currently, it excels in SaaS-based portals and SaaS-based environments. It would be beneficial if they could work on legacy and those types of integrations more frequently and effectively. Integration visibility that falls outside the current scope would also be valuable, along with better workflow automation. Creating automation workflows that can open tickets in ticketing systems such as Jira would be advantageous.
For how long have I used the solution?
I have been using Astrix for nearly two years.
What do I think about the stability of the solution?
Astrix is very stable and reliable.
What do I think about the scalability of the solution?
Astrix's scalability is good and very scalable.
How are customer service and support?
Astrix has excellent customer support. I would rate Astrix's customer support a 10 because the team is always helpful.
Which solution did I use previously and why did I switch?
We did not have any dedicated solution before Astrix. We were starting from a blank slate, and Astrix fit our needs very well.
How was the initial setup?
My experience with Astrix's pricing, setup cost, and licensing was satisfactory. The team is very good. The setup was not overly simple, but it was not overly difficult either with the help of the professional team.
What was our ROI?
I have seen a return on investment with Astrix, particularly with time saved. Fewer employees are needed because previously we had no visibility and had to check manually. Now we have automation, which makes a significant difference. However, I do not have actual numbers.
What's my experience with pricing, setup cost, and licensing?
My experience with Astrix's pricing, setup cost, and licensing was satisfactory. The team is very good. The setup was not overly simple, but it was not overly difficult either with the help of the professional team.
Which other solutions did I evaluate?
Before choosing Astrix, we evaluated other options including Appstine, Do Control, and Nudge , among others. Astrix prevailed in our evaluation, which is why we selected it.
What other advice do I have?
A few months ago, we used Astrix to flag a third-party marketing analysis tool that a team member had authorized via OAuth to access our Google Workspace with far broader permissions than required. It had full drive read access across the organization. We revoked it immediately. Without Astrix, we would have never identified that vulnerability.
We use Astrix extensively to identify dormant and orphaned API keys. We discovered over 200 API tokens across the environment. Multiple environments contained connected applications that employees had authorized but stopped using. We leverage Astrix in these scenarios as well.
With Astrix's automated discovery, it identifies these items automatically, which is beneficial because we do not have to conduct manual searches. It is a great feature and a great product for that capability.
In the first 90 days of using Astrix, we discovered approximately 340 to 350 risks that were remediated. We also reduced our API keys by 70 to 80 percent.
I would rate Astrix a nine on a scale of one to ten. I rate it a nine because it solves an understated problem better than any other solution. However, we lose one point for the on-premises coverage gap because it does not have capabilities for on-premises environments and for early alert noise. Otherwise, it is excellent for SaaS-based environments.
Regarding Astrix's AI capabilities, I would say its accuracy is very high. There are very few instances when we found that it was inaccurate. Generally, the accuracy is excellent.
I would advise others considering Astrix to run a proof of concept first so you can evaluate the gaps and shortcomings in your environment. The first scan result will immediately demonstrate the difference between what humans can see and what an AI-capable, non-human machine can discover. I recommend running a proof of concept first, engaging multiple teams, discovering risks, and then gradually establishing your policies. My overall rating for Astrix is nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Ahamed Shadhir
Automated SaaS access governance has reduced OAuth risks and improves audit readiness
Reviewed on Mar 03, 2026
Review provided by PeerSpot
What is our primary use case?
My primary use case for Astrix is SaaS to SaaS access governance and third-party app risk management, especially for OAuth connected applications across Google Workspace and Microsoft 365.
The most important use case for me is monitoring and controlling third-party OAuth integrations. For example, I discovered through Astrix that several employees had connected AI productivity tools and automation apps to Google Drive and Gmail, some with full read and write permission across company files. Before Astrix, I had very limited visibility into which apps were connected, what level of permission they had, whether they are still actively used, or whether they posted external exfiltration risk. After Astrix, I received real-time risk alerts. Astrix classified the app based on risk level. I am able to automatically revoke high-risk tokens and created policies to prevent similar risky scopes in the future. This one incident justified the investment.
Other use cases include vendor off-boarding automation, continuous SaaS posture management, security hygiene reporting for compliance audit, and identifying dormant integrations to reduce blast radius for compromised SaaS accounts.
What is most valuable?
The best features are deep OAuth app visibility, real-time risk detection, automated remediation, risk scoring and prioritization, and SaaS-to-SaaS threat detection.
The real-time risk detection and alerts have benefited us the most. Astrix continuously monitors connections and third-party apps, flagging high-risk applications automatically when risky permission, suspicious behavior, or unusual access patterns are detected. This helped us considerably.
Since deploying Astrix, we've seen a 42% reduction in high-risk third-party OAuth apps, a 65% reduction in dormant SaaS integration, faster vendor offboarding from days to an hour, and improved audit readiness.
The faster offboarding has been transformative. Before Astrix, offboarding was mostly manual and checklist-driven. When an employee or vendor left, we would disable their primary account, remove them from groups, manually review shared drives, and try to identify third-party apps they had authorized. After Astrix, it is centralized, automated, and immediate.
What needs improvement?
I would like to see advanced reporting exports, expanded integration ecosystems, enhanced real-time remediation workflows, and more granular SaaS risk scoring customization.
Expanded integration into the ecosystem would be beneficial, but they have to work on planning and it takes time. Integration does not happen instantaneously.
Some reporting customization options are limited. API documentation could be more robust. I would appreciate deeper integration with ticketing systems and more granular policy automation options. Nothing major, but just polish-level improvements.
Customer support could be improved so that faster support on services would attract more customers.
For how long have I used the solution?
I have been using Astrix for the past seven to eight months.
What do I think about the stability of the solution?
Astrix is stable.
What do I think about the scalability of the solution?
Astrix scales well across business units and cloud environments. We operate in a hybrid cloud environment on Azure .
How are customer service and support?
I would rate customer support around a seven out of ten. They should work on the response timings to improve the customer experience.
Customer support could be improved so that faster support on services would attract more customers.
Which solution did I use previously and why did I switch?
Before Astrix, we tried to use Microsoft Defender, manual workspace audit, and limited Okta reporting. We evaluated BetterCloud , AppOmni , and Adaptive Shield . The reason we shifted to Astrix is that Astrix focused deeply on SaaS-to-SaaS risk, not just SaaS configuration, offered faster deployment and a cleaner UI, and demonstrated strong OAuth risk detection capabilities.
How was the initial setup?
The initial setup was straightforward, and their documentation was clear.
What about the implementation team?
We are strictly a customer, so we do not have any business relationships with Astrix.
What was our ROI?
We avoided hiring one additional SaaS security analyst and reduced potential breach exposure surface. We saved approximately 400 plus hours annually in manual review effort. Setup costs are reasonable compared to enterprise CASB solutions, and licensing scales predictably with users.
What's my experience with pricing, setup cost, and licensing?
Setup costs are reasonable compared to enterprise CASB solutions, and licensing scales predictably with users.
Which other solutions did I evaluate?
Before Astrix, we tried to use Microsoft Defender, manual workspace audit, and limited Okta reporting. We evaluated BetterCloud , AppOmni , and Adaptive Shield .
What other advice do I have?
If your organization relies heavily on SaaS, uses Google Workspace or 365, allows third-party OAuth apps, has compliance requirements such as SOC 2, ISO 27001, and HIPAA, and needs visibility into SaaS-to-SaaS access, you should run a proof of concept, as traditional CASBs are not enough. You would likely uncover more exposed risks than expected.
Astrix addresses a very specific and growing gap in modern SaaS security. As an organization becomes more SaaS-native and AI tools proliferate, OAuth risk and SaaS-to-SaaS attack paths will only increase. Having visibility and automated controls in this area is becoming essential, not optional. I would rate this product an eight out of ten overall.