For the best web experience, please use IE11+, Chrome, Firefox, or Safari


Lapses in security are constantly exploited by attackers. The prime target: privileged accounts, which provide deep access to your systems. With the One Identity Safeguard suite, you can secure these privileged accounts, and enable an identity-centric Zero Trust model for just-in-time access. Collect, store, manage, authenticate, record and analyze privileged access. Reduce your stress level over privileged accounts.

One Identity Safeguard Products

Safeguard for Privileged Passwords

Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. The user-centered design of Safeguard for Privileged Passwords means a reduced learning curve. Plus, the solution enables you to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and gives your privileged users a new level of freedom and functionality.

Key Features
  • Quick Discovery and onboarding of assets
  • Automated workflow engine
  • Approve passwords from anywhere
  • Full REST API
  • Free personal password vault for business users

Safeguard for Privileged Sessions

Safeguard for Privileged Sessions enables you to control, monitor and record privileged sessions of administrators, remote vendors and other high-risk users. Content of the recorded sessions is indexed to make searching for events and automatic reporting simple so you can easily meet your auditing and compliance requirements. In addition, Safeguard for Privileged Sessions serves as a proxy, and inspects the protocol traffic on the application level and can reject any traffic that violates the protocol – thus it is an effective shield against attacks.

Key Features
  • Full session audit, recording and replay
  • Real-time alerting and blocking
  • Initiate workflows or deploy in transparent mode with no changes to users
  • Full text search including Optical Character Recognition

Safeguard for Privileged Analytics

Safeguard for Privileged Analytics monitors questionable behaviors and uncovers previously unknown threats from inside and outside of your organization. By using user behavior analytics technology, Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action -- and ultimately prevent data breaches.

Key Features
  • Pattern-free analysis to detect unknown bad behaviors
  • Full content analyzation, including screen content, issued commands and windows titles
  • Use keystroke dynamics and mouse movement analysis to help identify breaches
  • Reduce alert noise by categorizing alerts by risk and deviation levels

One Identity Safeguard On Demand

One Identity Safeguard On Demand is SaaS-delivered solution that combines a secure password safe, and a session-management and -monitoring solution with threat detection and analytics all managed and delivered from the cloud.

  • Full-strength PAM with SaaS delivery
  • Mitigate potential damage of a security breaches
  • Meet compliance requirements
  • Identify and stop risky behaviors and unusual events

Safeguard Authentication Services

Integrate Unix, Linux and Mac OS X in Active Directory, while extending the compliance and security of Active Directory to your enterprise using Safeguard Authentication Services. This solution creates an Active Directory Bridge enabling users to log on to non-Windows systems using their Active Directory credentials. With centralized authentication and single sign-on, your organization can improve operational efficiencies and achieve compliance with cross-platform access control.

Key Features
  • Consolidate identities and enforce separation of duties
  • Extend Windows Group Policy to non-Windows systems
  • Leverage existing investments in infrastructure and skills
  • Single sign-on for Unix, Linux and Mac

Safeguard for Sudo

Sudo has a proven history of delivering value; however, management of sudo can be cumbersome. With One Identity Safeguard for Sudo, you can centralize management of sudoer policy files. Easily generate reports on sudoer access rights and activities, and enable keystroke logging of all activities performed through sudo.

Key Features
  • Centralized management of the sudoers policy file
  • Keystroke logging of all sudo activities
  • Access rights and activity reporting for sudo
  • Leverage existing investments in infrastructure and skills

Key Benefits

Mitigate risk of security breaches

Stay on top of any audit & compliance requirements

Happy admins due to using a great UX and familiar tools



Automate discovery of privileged accounts on hosts, in directories and your network


Store privileged passwords in a hardened appliance to enhance security and accelerate deployment


Record all session activity down to the keystroke, mouse movement and windows viewed


Real-time traffic monitoring backed by automated actions that execute under specific conditions


All activity is captured, indexed and stored in time-stamped and signed files for forensics and compliance


Play back or search for any recorded activity/event, including situational context

Privileged Access Governance

Unify governance so users can request, provision and attest to privileged and user access.

Cavium enables secure access to privileged credentials with One Identity Safeguard

Safeguard allows me to change passwords on a daily or hourly basis, which dramatically reduces the exposure we have for passwords being stolen or misused.

Abe Smith Cavium Read Case Study

Cloud service provider tightens control of privileged access without additional overhead

The way we monitor privileged sessions is far more efficient with Safeguard. Session data is at our fingertips, so we can trace anything that raises an alarm.

Edouard Camoin Chief Information Security Officer, 3DS OUTSCALE Read Case Study

Adobe achieves internal and external security compliance with Safeguard for Privileged Sessions

Safeguard for Privileged Sessions is a reliable and straightforward solution, which integrated seamlessly into our existing identity management system and is able to support our needs for both Linux and Windows server access. Implementation went very smoothly as it did not require any changes to our network or servers. We are happy with the benefits Safeguard for Privileged Sessions has been able to provide, and the ease in which we were able to adopt it.

Matt Magleby Sr. Computer Scientist at Adobe