Beetle

A password manager for the agentic age.

An E2E encrypted secret and license management platform for humans and agents with advanced access controls across every app surface.

Get Started Downloads

End-to-end encryptionLocal decrypt

Usage-based pricingMetered access

Agent-ready vaultsScoped access

Downloads

Beetle on every surface.

Web, desktop, browser plugin, and terminal surfaces for encrypted vault access.

Desktop app

Chrome plugin

Web app

CLI

Pricing

Free for individual use, usage-based pricing for teams.

Classic vault workflows stay simple for individual use. Teams add the permissioning, tenant controls, and metered operations needed for production agent access.

Individual

For individual operators and local agent workflows.

End-to-end encrypted vaults
Projects for grouping vaults, licenses, and agents
Chrome plugin
Desktop app
Mobile app

Get started

Teams

For teams running shared vaults and agent fleets.

Everything in Individual
Multi-tenant workspaces and tenant members
Security groups, inherited roles, and direct permissions
Agent runtime bootstrap with scoped API keys
Usage monitoring, audit events, and billing controls

View usage pricing

Enterprise

For procurement, compliance, and scale needs.

Everything in Teams
Custom contracts, procurement, and security review
Dedicated onboarding and migration planning
Reserved usage, support terms, and account guidance
Bespoke integrations and compliance workflows

Contact sales

Security

Built for secrets you can safely delegate.

Beetle combines local key custody, encrypted vault sharing, scoped authorization, and audit-ready operations so humans and agents can work from the same protected source of truth.

Defense in depth

Independent layers around every vault request.

Keys: Held locally
Vault data: Encrypted at rest
Requests: Scoped and audited

Local private keys

Zero-trust key custody

Vault private keys stay on approved devices and runtimes, with password- or passkey-derived unlock flows protecting local access.

AES-256-GCM + RSA-OAEP

Modern vault encryption

Secrets use authenticated encryption with wrapped data keys, key-versioned rotation support, and RSA-OAEP sharing for vault access.

Tenant isolation

Scoped access paths

Requests are resolved through tenant, security-group, project, and direct-share scopes before sensitive records are returned.

Audit and alert trail

Operational visibility

Security events, session changes, CRUD activity, request metrics, and audit-write failures are captured for review and response.

platform

A full-stack license and secret management platform.

One platform to vertically integrate your license and secret management.

PincerLicenses

BeetleVaults

Unified control planeAgents, vaults, licenses

Identity-aware accessHuman-approved scopes

Audit-ready eventsShared trust trail

Products

Two product surfaces, one operating platform.

Beetle and Pincer cover encrypted access and license operations on top of the same R4 platform.

Beetle

Encrypted password, license, and secret management for humans and agents across every app surface.

View Beetle

Pincer

License acquisition and lifecycle workflows for teams that need marketplace, contract, and renewal operations in one place.

View Pincer

Beetle

A password manager for the agentic age.

An E2E encrypted secret and license management platform for humans and agents with advanced access controls across every app surface.

Get Started Downloads

End-to-end encryptionLocal decrypt

Usage-based pricingMetered access

Agent-ready vaultsScoped access

Downloads

Beetle on every surface.

Web, desktop, browser plugin, and terminal surfaces for encrypted vault access.

Desktop app

Chrome plugin

Web app

CLI

Pricing

Free for individual use, usage-based pricing for teams.

Classic vault workflows stay simple for individual use. Teams add the permissioning, tenant controls, and metered operations needed for production agent access.

Individual

For individual operators and local agent workflows.

End-to-end encrypted vaults
Projects for grouping vaults, licenses, and agents
Chrome plugin
Desktop app
Mobile app

Get started

Teams

For teams running shared vaults and agent fleets.

Everything in Individual
Multi-tenant workspaces and tenant members
Security groups, inherited roles, and direct permissions
Agent runtime bootstrap with scoped API keys
Usage monitoring, audit events, and billing controls

View usage pricing

Enterprise

For procurement, compliance, and scale needs.

Everything in Teams
Custom contracts, procurement, and security review
Dedicated onboarding and migration planning
Reserved usage, support terms, and account guidance
Bespoke integrations and compliance workflows

Contact sales

Security

Built for secrets you can safely delegate.

Beetle combines local key custody, encrypted vault sharing, scoped authorization, and audit-ready operations so humans and agents can work from the same protected source of truth.

Defense in depth

Independent layers around every vault request.

Keys: Held locally
Vault data: Encrypted at rest
Requests: Scoped and audited

Local private keys

Zero-trust key custody

Vault private keys stay on approved devices and runtimes, with password- or passkey-derived unlock flows protecting local access.

AES-256-GCM + RSA-OAEP

Modern vault encryption

Secrets use authenticated encryption with wrapped data keys, key-versioned rotation support, and RSA-OAEP sharing for vault access.

Tenant isolation

Scoped access paths

Requests are resolved through tenant, security-group, project, and direct-share scopes before sensitive records are returned.

Audit and alert trail

Operational visibility

Security events, session changes, CRUD activity, request metrics, and audit-write failures are captured for review and response.