Listing Thumbnail

    Infisical Secret Management

     Info
    Sold by: Infisical 
    Infisical is the leading platform for developers to securely manage application configuration and secrets across their team and infrastructure. Used by Fortune 500 enterprises, international governments, and fastest-growing startups. With Infisical, you can save time for your engineering teams and enhance organization-wide security posture.
    4.6

    Overview

    Infisical is the leading open-source secrets management platform designed to securely store, manage, and synchronize application configuration and sensitive information like API keys, database credentials, and environment variables across engineering teams and infrastructure.

    Infisical is available both through Infisical Cloud (a hosted SaaS product) as well as Infisical Self-hosted (self-managed on-prem product). Through SOC2 compliance, continuous penetration testing, enterprise uptime guarantee, and support SLAs, Infisical is able to satisfy the hardest security and reliability requirements of global enterprises. As a result, Infisical supports a myriad of Fortune 500 corporations, governmental institutions, as well as the fastest-growing startups in the world.

    Infisical's value comes from enabling operational advantage of engineering organizations as well as enhancing organization-wide security posture. To achieve that, Infisical offers a full-fledged set of tools for managing secrets in production environments, efficiently injecting secrets into CI/CD pipelines, enabling local development workflows, preventing secrets leaks, ensuring secure secret sharing, and more!

    In addition, Infisical comes with 50+ integration across leading developer and infrastructure tools (e.g., AWS, GitHub Actions, GitLab CI/CD, Jenkins, Kubernetes, Terraform, Ansible, Docker), as well as frameworks such as Next.js, Express, Django, among others.

    We recommend speaking to Infisical before purchasing to ensure the best experience. Please contact sales@infisical.com  for a private offer.

    Highlights

    • Unified secret management platform for developers with additional secret scanning and secret sharing capabilities.
    • Integrates with all leading developer and infrastructure tools, including Kubernetes, Jenkins, AWS, GitHub Actions, and GitLab CI/CD.
    • Available both through a self-hosted on-prem installation as well as a managed Infisical Cloud offering.

    Details

    Categories

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Trust Center

    Trust Center
    Access real-time vendor security and compliance information through their Trust Center powered by Drata or Vanta. Review certifications and security standards before purchase.

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Infisical Secret Management

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (1)

     Info
    Dimension
    Description
    Cost/12 months
    Identity
    Identities are represented by either human or machine users.
    $1,000.00

    Vendor refund policy

    All fees are non-cancellable and non-refundable except as required by law.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Submit a ticket via support@infisical.com  or your dedicated support engineer.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    100
    In Monitoring
    Top
    50
    In Infrastructure as Code, Continuous Integration and Continuous Delivery

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    7 reviews
    Insufficient data
    Insufficient data
    18 reviews
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Secret Storage and Management
    Securely stores, manages, and synchronizes application configuration and sensitive information including API keys, database credentials, and environment variables across engineering teams and infrastructure.
    CI/CD Pipeline Integration
    Efficiently injects secrets into CI/CD pipelines with integrations for GitHub Actions, GitLab CI/CD, Jenkins, and other leading developer tools.
    Multi-Platform Deployment Options
    Available as both self-hosted on-premises installation and managed cloud-based SaaS offering to accommodate different deployment requirements.
    Extensive Third-Party Integrations
    Supports 50+ integrations across infrastructure tools such as Kubernetes, AWS, Terraform, Ansible, Docker and frameworks including Next.js, Express, and Django.
    Enterprise Security Compliance
    Maintains SOC2 compliance, undergoes continuous penetration testing, and provides enterprise uptime guarantees with support SLAs to meet security and reliability requirements.
    Centralized Secrets Management
    Centrally secures, rotates, and manages secrets across multi-cloud and hybrid environments with a unified view across multiple AWS accounts and AWS Secrets Manager instances.
    Multi-Platform Integration
    Offers REST APIs and integrates with a wide range of DevOps tools, container platforms, vulnerability scanners, RPA, and automation tools for credential delivery.
    Secrets Rotation and Lifecycle Management
    Automatically rotates secrets in AWS Secrets Manager and across enterprise environments without requiring changes to developer workflows or applications.
    Audit and Access Control
    Provides centralized control and comprehensive auditing of how applications, DevOps tools, and automation platforms authenticate and access sensitive resources including databases and cloud environments.
    Enterprise-Scale Architecture
    Designed to support massive scalability with data sovereignty requirements for large global enterprises and eliminates vault sprawl across distributed environments.
    Secrets Management and Rotation
    Centrally manages and rotates credentials across hybrid and multi-cloud environments with automated lifecycle management
    Privileged Access Management
    Provides just-in-time, least-privilege access with intent-aware control that evaluates requested actions before granting access and issues task-scoped, short-lived credentials
    Multi-Vault Governance
    Unifies visibility and control across AWS and third-party vaults through a single policy and audit framework
    Cryptographic Security
    FIPS 140-3 validated platform powered by Distributed Fragments Cryptography (DFC) and zero-knowledge architecture that ensures encryption keys and secrets are never fully assembled or accessible
    AI Agent Identity Security
    Secures autonomous agents with ephemeral, policy-bound access without embedding credentials in code, prompts, or workflows, with continuous execution inspection and audit trails

    Contract

     Info
    Standard contract
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    4.6
    11 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    64%
    36%
    0%
    0%
    0%
    3 AWS reviews
    |
    8 external reviews
    External reviews are from G2  and PeerSpot .
    reviewer2865399

    Secure role-based secret storage has protected our tools and simplifies day-to-day access

    Reviewed on Jun 26, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Infisical  is to store secrets for other programs and tools, and I use it for that most often. For example, we had access keys for the local GitLab  instance and those were stored inside Infisical  and fetched from there. That is mostly what Infisical was used for with other tools as well.

    What is most valuable?

    In my opinion, the best features Infisical offers are the security aspects, as the security made it difficult to access all the secrets very easily. When I refer to security features, the overall sense of security is mostly what I liked, but I would say the role-based access was very nice.

    Infisical has positively impacted my organization, and even though I was an intern, I noticed improvements or benefits after using it as that was part of the assignment.

    What needs improvement?

    I believe Infisical can be improved by adding more features. I don't think there is a specific feature missing or something I had in mind for improvement; I believe continuing on the current path and expanding what has already been done is the best course of action for Infisical.

    For how long have I used the solution?

    I have been using Infisical for about five months.

    What do I think about the stability of the solution?

    I haven't experienced any issues or downtime with Infisical.

    What do I think about the scalability of the solution?

    I didn't notice any challenges or strengths regarding Infisical's scalability as that wasn't my responsibility.

    How are customer service and support?

    I have no knowledge about the customer support for Infisical because I didn't have to reach out to them.

    Which solution did I use previously and why did I switch?

    I haven't used a different solution for secret management before, so I have no basis for comparison.

    What other advice do I have?

    I would advise others looking into using Infisical to really examine the documentation they provide because it is very useful. Infisical is a nice, modern tool in secret management. I gave this review a rating of 8.

    Tarcisio Rocha

    Centralized secrets have secured CI/CD pipelines and prevent password traces in terminals

    Reviewed on Jun 20, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Infisical  is to store my CI/CD secret keys, which I use in GitHub .

    A quick and specific example of how this integration makes my work easier is that it adds a lot of security in the sense of not using passwords in command prompts. That way, I can send commands directly in GitHub  using Infisical 's secret passwords, without having to leave traces in the commands directly in the terminal.

    Regarding how Infisical contributes to security or to the management of passwords and commands in my routine, it prevents us from leaving passwords in the command prompts. Alongside GitHub, GitHub does not store passwords. Instead, it accesses Infisical directly through the application without leaving command traces in any prompt. It is excellent regarding security in command prompts, with no password traces.

    What is most valuable?

    Infisical's best features include the ease I have to store passwords and manage the users who will use those passwords. That helps a lot.

    User management through Infisical makes my work easier because I am able to manage the access levels to the types of passwords that I have stored in Infisical. This allows me to have higher access levels with higher-level passwords and deeper levels of access.

    Infisical is extremely simple to use, so it is important to emphasize how easy it is to handle the platform as a whole. It is very straightforward and very easy to deal with in terms of how it is laid out.

    Infisical has had a positive impact on my organization mainly in the level of security regarding the use of passwords that give direct access to the server. We stopped using passwords directly on personal computers. This ensures a very high level of security for both those in development and those in management. There are possibilities of computers breaking or losing saved passwords. If someone breaks into my personal computer, that person will not have access via prompt to my high-level passwords. This security segregation raises and gives much more credibility to the company as a whole.

    I have noticed time savings in access management after adopting Infisical as the main benefit. Regarding leaks, we have not had anything proven related to leaks yet.

    What needs improvement?

    I have not encountered any limitation in Infisical. I use the free version and have not had any limitations. It is excellent. In the way we are using it as a test, it will certainly be used as an indispensable tool in any CI/CD operation in GitHub and servers.

    Infisical already fully meets my needs at the moment.

    For how long have I used the solution?

    I have been using Infisical for a year.

    What do I think about the stability of the solution?

    Infisical is stable, as I never experienced any instability. I never had any problems with it.

    What do I think about the scalability of the solution?

    Infisical's scalability works well when there is an increase in the volume of users or data. With the increase in the number of users, I did not feel any difference because the CI/CD I use is for a small company. The number of developers using the CI/CD platform, where Infisical is embedded, is not stressed enough.

    How are customer service and support?

    I have not needed to contact Infisical's customer support because, as I mentioned, it is highly resilient and sustainable regarding its configurations.

    Which solution did I use previously and why did I switch?

    I previously tried to use a different solution before Infisical, but it was extremely complex and did not work out. I do not remember the name, but it is one of the best on the market as well. I found it extremely complex. I decided to migrate to Infisical because I saw some friends saying it was good.

    How was the initial setup?

    My experience with Infisical's pricing, setup costs, and licensing is excellent. Even using the free version, it fits perfectly for small solutions for small companies. It is very worthwhile.

    What was our ROI?

    I have obtained a return on investment using Infisical, with a reduction in time of up to 15 minutes when using manual passwords. We stopped using manual passwords and started using Infisical's application layer. This reduced those 15 minutes of waiting time to practically instantaneous. We no longer have to wait for the terminal to finish the process so we can focus on other things.

    What's my experience with pricing, setup cost, and licensing?

    My experience with Infisical's pricing, setup costs, and licensing is excellent. Even using the free version, it fits perfectly for small solutions for small companies. It is very worthwhile.

    Which other solutions did I evaluate?

    Before choosing Infisical, I evaluated other options, specifically HashiCorp. With this company, I had extreme difficulty configuring the panel, and I found Infisical very intuitive.

    What other advice do I have?

    The advice I would give to others considering using Infisical is to test it, because these other tools that exist, such as HashiCorp, are extremely expensive and extremely complex. Infisical brings exactly this ease for the end user to be able to do a good job with quality and at an extremely affordable price. I would rate my overall experience with Infisical a 10 out of 10.

    Raja Prasad

    Secure secret sharing has streamlined environment management for multiple cloud applications

    Reviewed on Jun 20, 2026
    Review from a verified AWS customer

    What is our primary use case?

    I primarily use Infisical for keeping the environment values that are used in our applications. We also use Infisical for secret sharing with our developers and clients using Infisical's secret sharing feature. We integrate Infisical to use environment values in our Dockerfile.

    What is most valuable?

    We use self-hosted Infisical in our AWS ECS cluster as a Docker  container, primarily for secret sharing and keeping secrets in a very secure manner. We can give Infisical access to our developers so they can update and delete secrets when required for our dev and staging environments. For the production environment, we keep our environment values in Secrets Manager instead.

    Infisical has improved security significantly. It helps developers to update environment variables in Infisical because as members of Infisical, they can login as users. All developers have access to Infisical, making it very easy for them to update, delete, and restore environment variables or secrets. Infisical's secret sharing feature is the best feature where we can set time limits for how many times and for how long a developer or any other entity can access that link to get the environment variables.

    It saves considerable time because updating environment variables to other platforms like AWS or other secrets managers requires logging in and then updating the secrets, which takes more time. Storing environment variables in Infisical is very easy, and since we have self-hosted Infisical, all data and everything resides on our premises only. We plan to continue using Infisical long term because it is more secure than Infisical cloud.

    What needs improvement?

    When I use Infisical CLI tool, which is created via Go language as a Go binary, sometimes the Go binary is not updated. When we scan Infisical using the Trivy  vulnerability scanning tool, we found issues with Infisical CLI Go binaries that are not updated with the latest version. Due to that, Trivy  vulnerability scanning fails. Our solution is to bypass the Go binary during Infisical vulnerability scanning steps. I suggest that the Infisical team update the Go binaries in their Infisical CLI.

    For how long have I used the solution?

    I have been using Infisical for the last two years with a self-hosted Infisical instance in our AWS cloud.

    Which solution did I use previously and why did I switch?

    We previously used AWS S3  bucket to keep our environment variables. We switched because storing environment variables in S3  bucket was very time-consuming. Whenever we needed to update an environment variable, we had to download the environment files, change them, and then upload them back to the S3 bucket, which was very time-consuming and hectic.

    What's my experience with pricing, setup cost, and licensing?

    The setup cost was very minimal for us at around twenty dollars.

    What other advice do I have?

    I suggest every organization to use Infisical unless you are using Trivy for vulnerability scanning, otherwise your pipeline will be blocked. I strongly suggest Infisical to update their Go binaries in their Infisical CLI tool. I give this product a rating of eight out of ten.

    Which deployment model are you using for this solution?

    On-premises

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    reviewer2858871

    Centralized secrets management has reduced errors and enables fast sharing across development teams

    Reviewed on Jun 19, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Infisical  is to manage my environment variables in Docker  containers. When a container goes up, I hydrate the container with the values at runtime.

    In a recent project for software for organizational wellness, I have an entry point where I have Infisical  CLI installed in the container. When the application comes up, I invoke Infisical CLI with a service token, and with that, I hydrate the container with the corresponding environment variables.

    What is most valuable?

    The best feature that Infisical offers is the self-host mode, which lets you have your own hosted service because you have control of everything at that point.

    The user interface is an additional feature that I have found especially useful.

    Infisical has had a positive impact on my organization because it has helped me manage secrets in a much faster way, and all the people in the mobile or web development departments can integrate with the ecosystem quickly thanks to its SDK.

    The concrete result I have observed thanks to the integration of Infisical is a very high reduction in errors because we now have a very short time for modifying a secret and sharing it among teams. It is very easy to modify a secret and have that value distributed across all the applications of the other teams.

    What needs improvement?

    According to my experience, I see Infisical as very complete and a quite useful tool. I have no suggestions for possible improvements they could implement.

    For how long have I used the solution?

    I have been working for four years, but in my area, I have been for more than six years. I have been using Infisical for three years.

    What do I think about the stability of the solution?

    I consider Infisical to be very stable. I rarely see incidents, and it is very stable.

    What do I think about the scalability of the solution?

    I rate the scalability of Infisical as 100 out of 100. It is really very scalable and easy to implement in varied teams.

    Which solution did I use previously and why did I switch?

    I did not use any other tool before Infisical.

    What was our ROI?

    I have seen a return on investment with Infisical through optimized time.

    What's my experience with pricing, setup cost, and licensing?

    My experience with Infisical's pricing, installation costs, and licensing was good. I had no cost because I have it hosted myself.

    Which other solutions did I evaluate?

    Before choosing Infisical, I did not evaluate other options.

    What other advice do I have?

    My advice to other professionals who are thinking about using Infisical is that they should use it because it helps you save a lot of time.

    Victor Ramon Gomes Dos Santos

    Centralized secrets management has improved development workflows and simplifies granular access control

    Reviewed on Jun 05, 2026
    Review from a verified AWS customer

    What is our primary use case?

    Infisical  was conceived as a proof of concept for a secret manager tool designed for applications and environment variables. The primary appeal was based on how it integrates with development workflows. We implemented the tool via CLI for developers and deployed a self-hosted solution to integrate into applications in production.

    We implemented an agent in our Kubernetes  cluster and ran applications locally via CLI, integrating directly with the self-hosted instance.

    Since this was a proof of concept, using Infisical  did not have significant impact, but it provided strong evidence of the tool's capabilities and was quite positive overall.

    Infisical had a positive impact on my organization, even in its proof-of-concept phase, because it integrated more seamlessly into the development environment. Starting a project with Infisical meant reducing risks compared to using .env files. The integration via CLI and the ability to configure granular access allowed us to move faster. We could begin the project knowing exactly what our responsibilities were and could fetch secrets directly without taking on as much risk as we would have with a .env file.

    What is most valuable?

    Infisical's best features are the ability to integrate via CLI in a very simple and easy manner. I have experience with other tools serving the same purpose, such as AWS Secrets Manager , which is more complicated to configure via CLI because you need access keys and more granular access within the cloud environment itself, given its direct contact with other resources. Having this functionality separated in Infisical and configured simply is a very strong point. The ability to integrate into a cluster in a straightforward way with agents and operators makes the configuration process very simple.

    The access granularity within the platform is also relevant. You can configure solid RBAC for access to Infisical and you have the possibility of granularizing the secrets themselves through folders, allowing for more organized configuration. These are also very positive points.

    What needs improvement?

    Infisical could be improved by having a solution to integrate with cloud providers. This would be interesting because sometimes people hesitate to leave their cloud environment for an open-source solution due to lack of trust. If the decision had depended solely on me, we would have adopted Infisical. However, it was a joint business decision regarding a tool we did not know well, and because we already had contracted other solutions with built-in secret manager capabilities, we ended up choosing those other options. Infisical is already a very strong tool.

    Better documentation is needed. When implementing the agent in Kubernetes , I had to search quite a bit to adapt it to my specific cluster. Clearer and more up-to-date documentation would greatly help in the process of integrating the tool with other solutions already in place.

    For how long have I used the solution?

    I have been using Infisical for about three months.

    What do I think about the stability of the solution?

    Infisical is stable in my experience. It demonstrated stability during use.

    What do I think about the scalability of the solution?

    Infisical has high scalability because it has the possibility of integrating into the cluster and offers a self-hosted solution. You can organize the space with several projects and several folders for each project, manage access, and other configurations, making it quite scalable.

    Which solution did I use previously and why did I switch?

    Before choosing Infisical, I evaluated other options, including HashiCorp Vault  and AWS Secrets Manager .

    How was the initial setup?

    I did not acquire Infisical through the AWS Marketplace .

    We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.

    What was our ROI?

    We were not able to measure return on investment at the proof-of-concept stage, so we did not obtain metrics such as time savings, risk reduction, or other measurable points.

    What's my experience with pricing, setup cost, and licensing?

    My experience with Infisical's pricing, configuration costs, and licensing is that initially, people thought it was a bit expensive, which is why we opted for the self-hosted alternative. Because of that, we conducted the proof of concept with self-hosted, understood that there was already a solution on AWS  for this purpose, and continued with the AWS  solution.

    Which other solutions did I evaluate?

    The possibility of integrating with clouds also contributed to my rating.

    We used AWS as the private cloud provider in the proof of concept.

    What other advice do I have?

    My advice for other people thinking about using Infisical is to conduct a proof of concept to determine if it fits your organizational structure. My review rating for Infisical is eight out of ten.

    View all reviews