Silverfort Pricing

Based on number of users

2 pricing models:

Base Platform

+ any number of modules to address specific needs

OR

Unified Identity Protection Platform

Which includes all modules and capabilities

Product Module Available Features
Base Platform
Advanced MFA
Service Account Protection
ITDR
Unified Identity Protection
Infrastructure
Identity visibility & auditing
Authentication logs across all user accounts and identity providers
Exporting authentication logs to SIEM
Discovery of users, devices, and resources across all identity providers
Identity security posture management (ISPM)
Legacy authentication protocols (NTLMv1, Cleartext LDAP, weak encryption, etc.)
Password hygiene (unchanged passwords, old passwords, etc.)
Vulnerable user accounts (shadow admins, stale users, admins with SPN, etc.)
Domain configuration issues (unconstrained delegation, non-admin DC owner, etc.)
Vulnerable resources (Log4Shell exposure, shared devices, etc.)
Protect any resource with MFA
AD authentications (including legacy systems, command-line interfaces, on-prem infrastructure, etc.)
Desktop logon
Azure AD
Okta
PingFederate
ADFS
RADIUS
Use any MFA type
Supporting all leading MFA methods (mobile push, OTP, FIDO2, etc.)
Supporting all leading MFA providers (Azure MFA, Okta Verify, PingID, HYPR, Duo, Yubico, RSA SecureID, etc.)
Silverfort MFA desktop and mobile app (optional)
Phishing and MFA bombing protection
Cyber insurance compliance
Cyber insurance compliance report
Service account discovery
Inventory of all service accounts (name, group membership, attributes, behavior, etc.)
Classifications to different types (M2M, hybrid, scanners, etc.)
Identify service accounts that are also used manually by admins
Discover privileges, interactive logins, broadly used accounts and more
Service account monitoring
Map all sources and destinations for each service account
Behavioral analysis of each service account’s unique activity patterns
Service account protection
Block or alert when service accounts are used outside their intended purpose
Automated access policy suggestion, based on the service account normal behavior
Policy automation and APIs
Discover and export a list of all privileged service accounts’ sources, destinations and dependencies to simplify and accelerate their onboarding to the PAM (if needed)
Detection & alerting
Known attack patterns (brute force, Kerberoasting, etc.)
ML-based anomaly detection (lateral movement, unauthorized access, etc.)
External risk indicators (SIEM, XDR, etc.)
Respond to threats with real-time access block
Risk-based policies – respond to detected threats by blocking access in real-time
Risk-based policies – respond to detected threats with step-up MFA verification
Integration with 3rd party SOAR response and remediation playbooks
Reporting
Executive risk assessment reports
Authentication firewall
Apply identity segmentation rules to allow/deny access in different scenarios
Block access of users over insecure protocols (NTLMv1, etc.)
Prevent PAM bypass by ensuring that privileged users can only access resources through the PAM

Ask for Pricing