Star Rating
Languages Supported
Pricing Options

Cloud Compliance reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Best Cloud Compliance Software

    Cloud compliance software is used to ensure regulatory standards and provide compliance controls for networks and cloud infrastructure. These tools help improve visibility over cloud workloads and network flows. These workloads require continuous compliance for protection against server malware, container threats, and network intrusion. Companies use cloud compliance software to ensure continuous visibility over their cloud assets and reduce the risk of cloud-based threats. Properly implemented cloud compliance software will ensure a business’ security posture remains optimal at all times.

    There is overlap regarding functionality between cloud compliance solutions and cloud workload protection platforms in their goal of protecting cloud infrastructure. But many cloud workload protection platforms will not provide the same level of continuous monitoring and compliance auditing capabilities.

    To qualify for inclusion in the Cloud Compliance category, a product must:

    Enforce cloud security compliance policies
    Assess cloud security risk and facilitate compliance auditing
    Continuously monitor cloud infrastructure for security risks

    Top 10 Cloud Compliance Software

    • AlienVault USM (from AT&T Cybersecurity)
    • CloudGuard Dome 9
    • CloudGuard IaaS
    • Lacework
    • Nutanix Beam
    • Symantec Control Compliance Suite
    • Threat Stack
    • Orca Security
    • AWS Security Hub
    • Tugboat Logic

    Compare Cloud Compliance Software

    G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
    Sort By:
    Results: 74
    View Grid®
    Adv. Filters
    (107)4.4 out of 5
    Optimized for quick response

    AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physica

    (51)4.5 out of 5

    Using Dome9, organizations can visualize and assess their security posture, detect mis-configurations, model and actively enforce security best practices, and protect against identity theft and data loss in the cloud.

    (57)4.3 out of 5

    CloudGuard IaaS Cloud Network Security (vSEC) for private and public cloud platforms is designed to protect assets in the cloud against the most sophisticated threats.

    (19)4.6 out of 5

    Lacework automates security and compliance across AWS, Azure, GCP, and private clouds, providing a comprehensive view of risks across cloud workloads and containers. Lacework’s unified cloud security platform provides unprecedented visibility, automates intrusion detection, delivers one-click investigation, and simplifies cloud compliance.

    (25)4.3 out of 5

    Beam is a multi-cloud governance service that provides organizations with deep visibility and rich analytics detailing cloud consumption patterns, along with one-click fixes for cost optimization and security compliance across their cloud environments. Beam proactively identifies idle and underutilized resources, and delivers specific recommendations to right-size infrastructure services to ensure optimal cloud consumption. Beam’s machine intelligence driven reserved instance purchase recommenda

    Identify security gaps and pinpoint vulnerabilities to prioritize remediation and reduce risk and automate compliance assessments for over 100 regulations, mandates, and best practice frameworks including GDPR, HIPAA, NIST, PCI and SWIFT.

    (32)4.4 out of 5

    Threat Stack is the leader in cloud security & compliance for infrastructure and applications, helping companies securely leverage the business benefits of the cloud with proactive risk identification and real-time threat detection across cloud workloads. The Threat Stack Cloud Security Platform® helps organizations improve operational efficiency by bridging the gap between security, development, and operations. By delivering full stack security observability across the cloud management con

    (17)4.6 out of 5
    Optimized for quick response

    Orca Security gives you instant-on, workload-level security for AWS, Azure, and GCP - without the gaps in coverage and operational costs of agents. Orca’s deep cloud inspection, powered by SideScanning™, identifies vulnerabilities, malware, misconfigurations, secret keys, weak and leaked passwords, lateral movement risk, and high-risk data such as PII. Delivered as SaaS, Orca reads your workloads’ run-time block storage out-of-band, then cross-references it with cloud context pulled directly

    (14)4.2 out of 5

    AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts.

    (13)4.8 out of 5
    Entry Level Price:$499/mo Module

    Tugboat Logic is the Security Assurance Platform that takes the misery & mystery out of security and compliance by automating the process of building and maintaining your InfoSec program. How we help: 1. Define your InfoSec program 2. Implement security controls 3. Prove it to auditors & customers This helps accelerate audit readiness, and improve security assurance with your customers, so that you can sell more!

    (15)4.1 out of 5

    Azure Security Center provides security management and threat protection across your hybrid cloud workloads. It allows you to prevent, detect, and respond to security threats with increased visibility.

    (13)4.8 out of 5

    Vanta simplifies the complex, time-consuming, and tedious process of preparing for a SOC 2 audit. With our easy-to-use gap assessment, risk assessment, and remediation tools, Vanta cuts its customers’ SOC 2 prep time by two to six months, depending on company size - saving them significant time, stress, and money. When your company is ready for that SOC 2 audit, you have the benefit of working with the Vanta partner audit firm of your choice. Each audit partner has agreed to a fixed discount f

    (12)5.0 out of 5

    StackRox helps enterprises secure their Kubernetes environments at scale. The StackRox Kubernetes Security Platform enables security and DevOps teams to enforce their compliance and security policies across the entire container life cycle, from build to deploy to runtime. StackRox integrates with existing DevOps and security tools, enabling teams to quickly operationalize container and Kubernetes security. StackRox customers span cloud-native startups, Global 2000 enterprises, and government age

    (58)4.2 out of 5

    Qualys' integrated approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively. Our solutions empower various roles within the organization to meet your unique requirements. Built on top of Qualys’ Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud: • AssetView • Vulnerability Management • Con

    (20)4.1 out of 5

    AWS Artifact provides on-demand access to AWS’ security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and t

    (19)4.6 out of 5

    Cybersecurity and Compliance Made Easy... Apptega helps businesses of all sizes accelerate and automate compliance efforts, monitor program performance, and always be audit-ready—all while fortifying your cybersecurity. Choose your frameworks, including PCI, SOC 2, NIST, ISO, CIS v7, GDPR, HIPAA, CCPA and more, and manage your program with: -Automated Cybersecurity Framework Crosswalks -Real-Time Compliance Scoring -Project Management -Workflow & Task Management -Collaboration -Budgeting -P

    (20)3.6 out of 5

    Tripwire is a provider of advanced threat, security and compliance solutions to confidently detect, prevent and respond to cybersecurity threats

    (8)3.1 out of 5

    AWS Control Tower automates the set-up of a baseline environment, or landing zone, that is a secure, well-architected multi-account AWS environment. The configuration of the landing zone is based on best practices that have been established by working with thousands of enterprise customers to create a secure environment that makes it easier to govern AWS workloads with rules for security, operations, and compliance.

    (6)4.1 out of 5

    The CloudCheckr Cloud Management Platform (CMP) offers a single pane of glass view to help modern enterprises manage and optimize their public cloud. DevOps, SecOps, and FinOps teams from hundreds of global enterprises and service providers rely on CloudCheckr to manage their Azure, AWS, and Google Cloud investments so they can quickly optimize spend, eliminate waste, and improve security and compliance throughout their cloud journey. CloudCheckr enables users to save money, time, and effort t

    (7)4.9 out of 5

    Fugue is enterprise cloud security developed for engineers, by engineers. Fugue prevents cloud misconfiguration and ensures continuous compliance with enterprise security policies. Fugue provides full visibility into the security posture of AWS, Azure and Google Cloud Platform. With Fugue you have intelligent guardrails that use baseline enforcement to eliminate policy violations and cloud misconfiguration. Fugue’s API enables teams to “shift left” and use CI/CD pipelines to validate infrastruct

    (5)4.4 out of 5

    Threat detection and prevention through advanced cloud security

    Your Automated Trusted Advisor

    (4)4.9 out of 5

    Akku is an Identity and Access Management (IAM) solution that is packed with features including single sign-on, password policy enforcement, IP- and device-based restrictions, multi-factor authentication and YouTube filtering. It provides enterprises with complete control over data access and privacy on the cloud while ensuring that they stay compliant to statutory industry standards. Akku also offers a dedicated deployment support service, without the need for a third-party system integrator,

    (4)4.9 out of 5

    Aptible is building trust on the internet by empowering organizations to make information security a core competency. Our platform makes it easy for B2B SaaS teams to achieve compliance, automate compliance operations, and build trust with customers and prospects. The Aptible platform offers a compliance monitoring, workflow automation, and sales enablement solution so companies can achieve, maintain, and prove best-in-class compliance without the manual work. It also offers a solution that prov

    (6)4.0 out of 5

    (33)3.8 out of 5
    Optimized for quick response

    Make managing cloud cost across multiple cloud platforms simple for your organization with Flexera. Flexera’s Cloud Management Platform offers a robust set of capabilities designed to remove the complexity associated with managing cloud cost and workloads across any cloud or server.

    (3)4.5 out of 5

    An Innovative SaaS Platform That Delivers Verifiable Cloud Network Security, Advanced IAM Protection And Comprehensive Compliance And Governance

    (3)5.0 out of 5

    Expanse provides a comprehensive, continuously-updated view of all Internet-connected assets that belong to an organization. IT operations and security teams use this insight to reduce risk posed by unknown or unmonitored assets–on their network and in the cloud–and to minimize their global attack surface.

    (3)5.0 out of 5
    Entry Level Price:Free 1 User

    JupiterOne Centralizes cloud security operations into a single, searchable hub where you can manage compliance, create rules, perform access reviews, complete vulnerability management analysis, gather evidence and documentation for security assessments and reviews and more. JupiterOne integrates with more than 3-dozen tools, softwares and services, as well as provides and open API for bringing over your own data. All of the data is aggregated and JupiterOne applies classifications for the type

    (4)4.2 out of 5

    BMC Helix Cloud Security automates cloud configuration security checks and remediation - no coding required! - so that the IaaS and PaaS services your stakeholders use are configured securely, consistently, and with an audit trail. Automated, ready-to-use remediation removes manpower bottlenecks to close security gaps quickly. Closed-loop integration to incident and change management keeps everything running smoothly, while enabling scrum teams to easily manage their security posture within go

    Select Grid® View
    Select Company Size
    G2 Grid® for Cloud Compliance
    Filter Grid®
    Filter Grid®
    Select Grid® View
    Select Company Size
    Check out the G2 Grid® for the top Cloud Compliance Software products. G2 scores products and sellers based on reviews gathered from our user community, as well as data aggregated from online sources and social networks. Together, these scores are mapped on our proprietary G2 Grid®, which you can use to compare products, streamline the buying process, and quickly identify the best products based on the experiences of your peers.
    High Performers
    Qualys Cloud Platform.
    Nutanix Beam
    AlienVault USM (from AT&T Cybersecurity)
    Threat Stack
    CloudGuard IaaS
    Azure Security Center
    AWS Artifact
    Symantec Control Compliance Suite
    AWS Security Hub
    Tugboat Logic
    CloudGuard Dome 9
    Orca Security
    Market Presence