# Best Enterprise Cloud Compliance Software *By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)* Products classified in the overall Cloud Compliance category are similar in many regards and help companies of all sizes solve their business problems. However, enterprise business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Enterprise Business Cloud Compliance to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2's buying advisors to find the right solutions within the Enterprise Business Cloud Compliance category. In addition to qualifying for inclusion in the Cloud Compliance Software category, to qualify for inclusion in the Enterprise Business Cloud Compliance Software category, a product must have at least 10 reviews left by a reviewer from an enterprise business. ## Category Overview **Total Products under this Category:** 151 ## Trust & Credibility Stats **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 14,900+ Authentic Reviews - 151+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Best Cloud Compliance Software At A Glance - **Best for Small Businesses:** [Vanta](https://www.g2.com/products/vanta/reviews) - **Best for Mid-Market:** [Vanta](https://www.g2.com/products/vanta/reviews) - **Best for Enterprise:** [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - **Highest User Satisfaction:** [Sprinto](https://www.g2.com/products/sprinto-inc/reviews) - **Best Free Software:** [Sprinto](https://www.g2.com/products/sprinto-inc/reviews) --- **Sponsored** ### Decrypt Compliance Decrypt Compliance is a licensed CPA firm that provides independent cybersecurity and compliance audit services for cloud-native startups and high-growth technology companies. The firm operates as both a public accounting practice and an accredited certification body, specializing in frameworks that help organizations demonstrate security, privacy, and governance to their customers. Decrypt’s services are designed for technology-driven companies that need formal certifications to meet customer and regulatory expectations. Typical use cases include obtaining SOC 2 reports for customer assurance, achieving ISO 27001 certification to support enterprise sales, or aligning with ISO 42001 for artificial intelligence governance. By working with Decrypt, companies address customer questions about trust and risk management while building a compliance foundation that scales with business growth. As a firm rooted in Silicon Valley, Decrypt combines the rigor of traditional audit practice with a modern, technology-enabled approach. Audits are conducted by professionals who are fluent across multiple frameworks, reducing the complexity of working with separate specialists for each certification. The process emphasizes readiness, efficiency, and accuracy, ensuring that organizations receive credible results that can be confidently shared with customers and partners. Our work is guided by three core values that directly shape the client experience: Responsiveness, Responsibility, and Resilience: - Responsive: Clients can expect clear, concise communication, timely updates, and proactive guidance that anticipates next steps. This minimizes uncertainty and keeps projects moving without last-minute surprises - Responsible: As independent assessors, we adhere to the highest professional standards, hold ourselves and others accountable to commitments, and provide transparent judgments — including acknowledging what we don’t yet know - Resilient: We evaluate challenges objectively, adapt quickly to unexpected issues, and commit to continuous improvement so that clients receive reliable results even in complex or fast-changing environments Key Features and Value Propositions: - Independent audit and certification services across SOC 2, ISO 27001, ISO 42001, and related frameworks. - Cross-trained audit professionals who streamline multi-framework engagements into a unified process. - Technology-enabled methodology that incorporates AI throughout the entire audit process, not just for evidence requests, to streamline review, highlight risks, and deliver timely certifications. Decrypt Compliance is licensed as a CPA firm in the state of California (License #9491). [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=1861&secure%5Bdisplayable_resource_id%5D=1861&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=page_category&secure%5Bplacement_resource_ids%5D%5B%5D=1861&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=1343508&secure%5Bresource_id%5D=1861&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fcloud-compliance%2Fsmall-business&secure%5Btoken%5D=db9cedfc18b08fcae77d2b06457b09b40f55196cebf73f96e7461bbfd3dbd0a3&secure%5Burl%5D=https%3A%2F%2Fdecrypt.cpa&secure%5Burl_type%5D=company_website&secure%5Bvisitor_segment%5D=180) --- ## Top-Rated Products (Ranked by G2 Score) ### 1. [Wiz](https://www.g2.com/products/wiz-wiz/reviews) Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the development lifecycle, empowering them to build fast and securely. Its Cloud Native Application Protection Platform (CNAPP) consolidates CSPM, KSPM, CWPP, Vulnerability management, IaC scanning, CIEM, DSPM into a single platform. Wiz drives visibility, risk prioritization, and business agility. Protecting Your Cloud Environments Requires a Unified, Cloud Native Platform. Wiz connects to every cloud environment, scans every layer, and covers every aspect of your cloud security - including elements that normally require installing agents. Its comprehensive approach has all of these cloud security solutions built in. Hundreds of organizations worldwide, including 50 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks, Lightspeed and Aglaé. Visit https://www.wiz.io for more information. **Average Rating:** 4.7/5.0 **Total Reviews:** 773 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.0/10 (Category avg: 9.0/10) - **Auditing:** 8.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.9/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Wiz](https://www.g2.com/sellers/wiz-76a0133b-42e5-454e-b5da-860e503471db) - **Company Website:** https://www.wiz.io/ - **Year Founded:** 2020 - **HQ Location:** New York, US - **Twitter:** @wiz_io (22,550 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/wizsecurity/ (3,248 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CISO, Security Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 54% Enterprise, 39% Mid-Market #### Pros & Cons **Pros:** - Features (113 reviews) - Security (107 reviews) - Ease of Use (104 reviews) - Visibility (87 reviews) - Easy Setup (68 reviews) **Cons:** - Improvement Needed (35 reviews) - Feature Limitations (34 reviews) - Learning Curve (34 reviews) - Improvements Needed (29 reviews) - Complexity (27 reviews) ### 2. [Orca Security](https://www.g2.com/products/orca-security/reviews) The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM. **Average Rating:** 4.6/5.0 **Total Reviews:** 241 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.9/10 (Category avg: 9.0/10) - **Auditing:** 8.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Orca Security](https://www.g2.com/sellers/orca-security) - **Company Website:** https://orca.security - **Year Founded:** 2019 - **HQ Location:** Portland, Oregon - **Twitter:** @orcasec (4,834 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/35573984/ (495 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer, CISO - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 47% Mid-Market, 42% Enterprise #### Pros & Cons **Pros:** - Ease of Use (37 reviews) - Features (33 reviews) - Security (29 reviews) - User Interface (22 reviews) - Visibility (22 reviews) **Cons:** - Improvement Needed (15 reviews) - Feature Limitations (12 reviews) - Limited Features (10 reviews) - Missing Features (10 reviews) - Ineffective Alerts (9 reviews) ### 3. [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) Microsoft Defender for Cloud is a cloud native application protection platform for multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime. **Average Rating:** 4.4/5.0 **Total Reviews:** 279 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.8/10 (Category avg: 9.0/10) - **Auditing:** 8.7/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft) - **Year Founded:** 1975 - **HQ Location:** Redmond, Washington - **Twitter:** @microsoft (13,114,353 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®) - **Ownership:** MSFT **Reviewer Demographics:** - **Who Uses This:** Saas Consultant, Software Engineer - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 39% Mid-Market, 35% Enterprise #### Pros & Cons **Pros:** - Security (121 reviews) - Comprehensive Security (92 reviews) - Cloud Security (71 reviews) - Vulnerability Detection (63 reviews) - Threat Detection (57 reviews) **Cons:** - Complexity (27 reviews) - Expensive (24 reviews) - Delayed Detection (22 reviews) - False Positives (19 reviews) - Improvement Needed (19 reviews) ### 4. [Flexera One](https://www.g2.com/products/flexera-one/reviews) Flexera One is a SaaS-based IT management solution designed with and for organizations like yours with highly complex hybrid environments. With Flexera One, you can visualize your entire estate and make data-driven decisions from on-premise to SaaS to the cloud. IT Visibility Flexera One’s IT Visibility solution delivers the most comprehensive and clear view of your IT estate. Discovery and normalization—gain consistent, reliable data and take control of assets to draw valuable insights across software, hardware, SaaS and cloud. Data enrichment—enhance your IT inventory data with market intelligence that improves your decision-making abilities, via Technopedia—the largest and most trusted IT asset information source in the world. Unified data visualization—simplify the view of your environment with clear understanding and analytic that provide context for business initiatives spanning your entire IT estate. IT Asset Management Flexera One’s IT asset management (ITAM) starts with knowing what you have in your IT ecosystem—across hardware, software, SaaS, cloud, containers, clusters and virtual technologies. Optimized for today’s digital business, find the evidence required to determine license consumption, such as IBM sub-capacity requirements. Software asset management— Flexera One is the only SAM solution to solve the exponentiality of licensing with depth, breadth, algorithms and automation required to truly create a trusted and accurate license position. Hardware asset management— manage the hardware you own or lease, no matter where it is. Make critical hardware lifecycle decisions to support user productivity, business continuity and make the most of your hardware investments. SaaS management— get a current and complete picture of SaaS usage to support your business stakeholders while optimizing SaaS spend with all your vendors. Take action by discovering shadow SaaS, removing redundant applications and optimizing subscriptions based on actual usage automatically. Software request and reharvest— proactively reduce the sprawl and provide end users with a catalog of approved software, SaaS and cloud instances–helping you get them within guard rails while enabling the business to be agile and innovative. Reclaim unused technology to avoid future costs. Integrate with ITSM providers so you can meet users where they are and provide a seamless end-user experience. Cloud Cost Optimization Flexera One offers a unique approach to cloud cost optimization that enables cloud governance teams to work collaboratively with business units and cloud resource owners to optimize spend. With Flexera One, you get a comprehensive set of cloud cost optimization capabilities designed to easily reduce costs across your entire cloud environment. Cloud Cost Management— Get visibility into cloud usage and costs for all your cloud accounts. You can evaluate and report on your most cost-effective regions and instance sizes, and dive deep into public and private cloud costs by application, category, business unit, cost center, department or team. You also can allocate costs for chargeback and showback with complete backup and justification. Cloud Governance— Flexera One offers a powerful policies engine that enables your cloud governance teams to manage and control hybrid cloud use with out-of-the-box and custom policies to automate governance of costs, operations, security and compliance. Cloud Migration and Modernization Successful IT modernization requires proper analysis, prioritization and planning. Flexera One’s Cloud Migration and Modernization provides the actionable intelligence you need to optimize your cloud modernization and migration—no matter where you are on your cloud journey. Cloud Migration Planning— Flexera one gives you the actionable intelligence needed to optimize your on-premises to cloud migration journey from start to finish with full context visibility into business services. Cloud Cost Assessment — Flexera One provides comprehensive workload assessments to show you which cloud type, provider, custom instance choice, buying type and resource provisioning are best for your workload, budget and performance requirements—all to optimize your cloud cost savings. Workload Placement — Cloud migration and modernization provides comprehensive workload assessments for full visibility into your current workloads, so you can prioritize and identify which providers are best for your performance requirements to ensure successful migration of workloads to the cloud. **Average Rating:** 4.3/5.0 **Total Reviews:** 118 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.4/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.9/10 (Category avg: 9.0/10) - **Auditing:** 9.1/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Flexera](https://www.g2.com/sellers/flexera) - **Year Founded:** 2008 - **HQ Location:** Itasca, IL - **Twitter:** @flexera (4,738 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/574962/ (2,045 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Analyst, Software Engineer - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 73% Enterprise, 16% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (54 reviews) - Features (47 reviews) - Integrations (37 reviews) - Product Quality (36 reviews) - Visibility (35 reviews) **Cons:** - Complexity (37 reviews) - Difficult Learning (35 reviews) - Learning Curve (31 reviews) - Complex Setup (26 reviews) - Difficult Setup (23 reviews) ### 5. [Check Point CloudGuard Network Security](https://www.g2.com/products/check-point-cloudguard-network-security/reviews) CloudGuard Network Security is a comprehensive cloud security solution designed to protect public, private, and hybrid cloud environments from a wide array of cyber threats. This platform focuses on delivering advanced threat protection, ensuring that organizations can confidently transition to the cloud while maintaining robust security measures. With an impressive malware catch rate, CloudGuard is engineered to defend against various types of attacks, including ransomware and other malicious software. Targeted at enterprises and organizations that are increasingly adopting cloud technologies, CloudGuard Network Security is particularly beneficial for IT teams and security professionals who require a reliable and efficient way to manage security across multiple environments. The solution is ideal for businesses looking to enhance their cloud security posture without compromising on agility or operational efficiency. By integrating seamlessly with leading Infrastructure as Code (IaC) tools, CloudGuard automates network security processes, making it easier for teams to implement security measures within their continuous integration and continuous deployment (CI/CD) workflows. One of the standout features of CloudGuard is its advanced protection capabilities. The platform includes a suite of security features such as a firewall, data loss prevention (DLP), intrusion prevention system (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-bot protection, threat extraction, and threat emulation. These tools work in concert to provide a multi-layered defense strategy that addresses various attack vectors, ensuring that organizations can mitigate risks effectively. Additionally, CloudGuard's automated network security capabilities support IaC and CI/CD practices, allowing organizations to streamline their security processes through the use of APIs and automation. This enables security teams to focus on more strategic initiatives rather than being bogged down by manual tasks. The unified security management feature further enhances the solution by providing consistent visibility and policy management across hybrid-cloud and on-premises environments. Users can access logging, reporting, and control from a single interface, simplifying the management of security policies and improving overall operational efficiency. Overall, CloudGuard Network Security stands out in the cloud security landscape by offering a robust, integrated solution that not only protects against emerging threats but also enhances the agility and efficiency of security operations. Its comprehensive feature set and automation capabilities make it a valuable asset for organizations navigating the complexities of cloud security. **Average Rating:** 4.5/5.0 **Total Reviews:** 170 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.7/10 (Category avg: 9.0/10) - **Auditing:** 8.8/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies) - **Company Website:** https://www.checkpoint.com/ - **Year Founded:** 1993 - **HQ Location:** Redwood City, CA - **Twitter:** @CheckPointSW (70,998 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer, Network Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 41% Enterprise, 30% Mid-Market #### Pros & Cons **Pros:** - Security (42 reviews) - Ease of Use (28 reviews) - Threat Detection (28 reviews) - Threat Protection (28 reviews) - Cloud Integration (22 reviews) **Cons:** - Complexity (26 reviews) - Difficult Setup (25 reviews) - Difficult Learning (24 reviews) - Difficult Configuration (23 reviews) - Difficult Learning Curve (22 reviews) ### 6. [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) Sysdig Secure is the real-time cloud-native application protection platform (CNAPP) trusted by organizations of all sizes around the world.. Built by the creators of Falco and Wireshark, Sysdig uniquely delivers runtime-powered visibility and agentic AI to stop cloud attacks instantly, not after the damage is done. With Sysdig, you can: - Stop threats in 2 seconds and respond in minutes - Cut vulnerability noise by 95% with runtime prioritization - Detect real risk instantly across workloads, identities, and misconfigurations - Close permissions gaps in under 2 minutes Sysdig Secure consolidates CSPM, CWPP, CIEM, vulnerability management, and threat detection into a single open, real-time platform. Unlike other CNAPPs, Sysdig connects signals across runtime, identity, and posture to eliminate blind spots, reduce tool sprawl, and accelerate innovation without compromise. No guesswork. No black boxes. Just cloud security, the right way. Learn more at https://sysdig.com **Average Rating:** 4.8/5.0 **Total Reviews:** 111 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.6/10 (Category avg: 9.0/10) - **Auditing:** 9.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.6/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Sysdig](https://www.g2.com/sellers/sysdig-715eaed9-9743-4f27-bd2b-d3730923ac3e) - **Company Website:** https://www.sysdig.com - **Year Founded:** 2013 - **HQ Location:** San Francisco, California - **Twitter:** @Sysdig (10,280 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3592486/ (640 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 46% Enterprise, 39% Mid-Market #### Pros & Cons **Pros:** - Security (33 reviews) - Vulnerability Detection (32 reviews) - Threat Detection (31 reviews) - Detection Efficiency (30 reviews) - Features (23 reviews) **Cons:** - Feature Limitations (10 reviews) - Complexity (9 reviews) - Missing Features (8 reviews) - Difficult Learning (7 reviews) - Feature Complexity (7 reviews) ### 7. [AlgoSec Horizon](https://www.g2.com/products/algosec-horizon/reviews) AlgoSec, a global cybersecurity leader, empowers organizations to securely accelerate application delivery up to 10 times faster by automating application connectivity and security policy across the hybrid network environment. With two decades of expertise securing hybrid networks, over 2200 of the world's most complex organizations trust AlgoSec to help secure their most critical workloads. AlgoSec Horizon platform utilizes advanced AI capabilities, enabling users to automatically discover and identify their business applications across multi-clouds, and remediate risks more effectively. It serves as a single source for visibility into security and compliance issues across the hybrid network environment, to ensure ongoing adherence to internet security standards, industry, and internal regulations. Additionally, organizations can leverage intelligent change automation to streamline security change processes, thus improving security and agility. Learn how AlgoSec enables application owners, information security experts, SecOps and cloud security teams to deploy business applications faster while maintaining security at www.algosec.com. **Average Rating:** 4.5/5.0 **Total Reviews:** 215 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.9/10 (Category avg: 9.0/10) - **Auditing:** 9.1/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.0/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [AlgoSec](https://www.g2.com/sellers/algosec) - **Company Website:** https://www.algosec.com - **Year Founded:** 2004 - **HQ Location:** Ridgefield Park, New Jersey - **Twitter:** @AlgoSec (2,426 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/algosec/ (559 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 51% Enterprise, 29% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (15 reviews) - Policy Management (13 reviews) - Risk Management (9 reviews) - Automation (8 reviews) - Useful (8 reviews) **Cons:** - Improvement Needed (8 reviews) - Integration Issues (6 reviews) - Difficult Setup (5 reviews) - Complex Setup (4 reviews) - Expensive (4 reviews) ### 8. [Cortex Cloud](https://www.g2.com/products/cortex-cloud/reviews) Cortex Cloud by Palo Alto Networks, the next version of Prisma Cloud, understands a unified security approach is essential for effectively addressing AppSec, CloudSec, and SecOps. Connecting cloud security and SOC workflows enables teams to achieve holistic visibility, trace risk across the lifecycle, and correlate real-time threat activity with development and runtime contexts. Cortex Cloud is a unified platform built on three core pillars: data integration, AI-driven intelligence, and automation. Now you can safeguard applications, data, and infrastructure across multicloud and hybrid environments with a unified data model that consolidates telemetry from code, runtime, identity, and endpoints, all into a single data source. Empower teams with precise, AI-powered insights and 2200+ machine learning models to identify and stop zero-day threats with real-time advanced threat detection and response. And automate with 1000+ prebuilt playbooks across your cloud stack to reduce manual workloads, accelerate remediations, and cut response times tenfold. Cortex Cloud delivers more than tools—it transforms how organizations secure their cloud environments. **Average Rating:** 4.1/5.0 **Total Reviews:** 110 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.5/10 (Category avg: 9.0/10) - **Auditing:** 8.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks) - **Company Website:** https://www.paloaltonetworks.com - **Year Founded:** 2005 - **HQ Location:** Santa Clara, CA - **Twitter:** @PaloAltoNtwks (128,788 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 38% Enterprise, 31% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (49 reviews) - Features (45 reviews) - Security (43 reviews) - Visibility (38 reviews) - Cloud Integration (34 reviews) **Cons:** - Expensive (31 reviews) - Difficult Learning (30 reviews) - Learning Curve (29 reviews) - Pricing Issues (24 reviews) - Complex Setup (21 reviews) ### 9. [Check Point CloudGuard CNAPP](https://www.g2.com/products/check-point-cloudguard-cnapp/reviews) CloudGuard CNAPP provides you with more context to drive actionable security and smarter prevention, from code-to-cloud, across the application lifecycle. CloudGuard’s prevention-first approach protects applications and workloads throughout the software development lifecycle, and includes an effective risk management engine, with automated remediation prioritization, to allow users to focus on the security risks that matter. With CloudGuard's unified & modular platform , customers receive: Enhanced Cloud Security Posture Management Deep Workload Security Visibility at Scale with No Agents Enforcement of Least Privilege with Cloud Infrastructure Entitlement Management (CIEM) Runtime Protection for Cloud Workloads (CWPP) Context-Based Web Application and API Protection (WAF) Shift CNAPP Left to Secure Applications in the CI/CD Pipeline Context Graph Visualization & Cloud Detection and Response For more information on CloudGuard CNAPP, visit https://www.checkpoint.com/cloudguard/cnapp/ **Average Rating:** 4.5/5.0 **Total Reviews:** 168 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.1/10 (Category avg: 9.0/10) - **Auditing:** 8.9/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.7/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies) - **Year Founded:** 1993 - **HQ Location:** Redwood City, CA - **Twitter:** @CheckPointSW (70,998 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®) - **Ownership:** NASDAQ:CHKP **Reviewer Demographics:** - **Who Uses This:** Security Engineer, Software Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 48% Enterprise, 37% Mid-Market #### Pros & Cons **Pros:** - Security (45 reviews) - Cloud Security (35 reviews) - Ease of Use (30 reviews) - Cloud Integration (29 reviews) - Comprehensive Security (29 reviews) **Cons:** - Improvement Needed (13 reviews) - Complexity (12 reviews) - Difficult Setup (10 reviews) - Integration Issues (10 reviews) - Poor Customer Support (10 reviews) ### 10. [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews) Crowdstrike Falcon Cloud Security is the only CNAPP to stop breaches in the cloud Built for today’s hybrid and multi-cloud environments, Falcon Cloud Security protects the entire cloud attack surface - from code to runtime - by combining continuous agentless visibility with real-time detection and response. At runtime, Falcon Cloud Security delivers best-in-class cloud workload protection and real-time cloud detection and response (CDR) to stop active threats across hybrid environments. Integrated with the CrowdStrike Falcon platform, it correlates signals across endpoint, identity, and cloud to detect sophisticated cross-domain attacks that point solutions miss—enabling teams to respond faster and stop breaches in progress. To reduce risk before attacks occur, Falcon Cloud Security also delivers agentless-driven posture management that proactively shrinks the cloud attack surface. Unlike typical solutions, Crowdstrike enriches cloud risk detections with adversary intelligence and graph-based context, enabling security teams to prioritize exploitable exposures and prevent breaches before they happen. Customers using Falcon Cloud Security consistently see measurable results: 89% faster cloud detection and response 100x reduction in false positives by prioritizing exploitable, business-critical risk 83% reduction in cloud security licenses due to elimination of redundant tools **Average Rating:** 4.6/5.0 **Total Reviews:** 83 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.7/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike) - **Company Website:** https://www.crowdstrike.com - **Year Founded:** 2011 - **HQ Location:** Sunnyvale, CA - **Twitter:** @CrowdStrike (110,324 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 45% Enterprise, 43% Mid-Market #### Pros & Cons **Pros:** - Security (49 reviews) - Cloud Security (37 reviews) - Detection Efficiency (34 reviews) - Vulnerability Detection (31 reviews) - Ease of Use (29 reviews) **Cons:** - Expensive (17 reviews) - Improvements Needed (14 reviews) - Improvement Needed (13 reviews) - Feature Complexity (8 reviews) - Learning Curve (8 reviews) ### 11. [Hybrid Cloud Security](https://www.g2.com/products/trend-micro-hybrid-cloud-security/reviews) In today's complex digital landscape, securing your cloud environment is paramount. The management and security of your hybrid and multi-cloud setup pose increasing challenges. Trend's Cloud Security provides essential visibility, allowing you and your teams to secure every aspect of your transformation and eliminate disruptive security silos. Automate security policies, deployments, monitoring, and compliance audits seamlessly from a single console, ensuring the automatic protection of all workloads from both known and unknown threats. With Cloud-Native Application Protection and robust platform capabilities, Trend empowers you to proactively address vulnerabilities and defend against threats. Gain centralized visibility, continuous asset discovery, and contextualized risk assessments, equipping your team with everything necessary to stay ahead of potential cloud security risks. **Average Rating:** 4.5/5.0 **Total Reviews:** 181 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.1/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Trend Micro](https://www.g2.com/sellers/trend-micro) - **Year Founded:** 1988 - **HQ Location:** Tokyo - **LinkedIn® Page:** https://www.linkedin.com/company/4312/ (8,090 employees on LinkedIn®) - **Ownership:** OTCMKTS:TMICY - **Total Revenue (USD mm):** $1,515 **Reviewer Demographics:** - **Who Uses This:** Cyber Security Associate, Cyber Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 43% Mid-Market, 34% Enterprise #### Pros & Cons **Pros:** - Security (9 reviews) - Security Protection (7 reviews) - Compliance (6 reviews) - Cloud Security (4 reviews) - Comprehensive Security (4 reviews) **Cons:** - Complexity (6 reviews) - Complex Setup (4 reviews) - Feature Complexity (4 reviews) - Learning Curve (4 reviews) - Difficult Learning (3 reviews) ### 12. [Vanta](https://www.g2.com/products/vanta/reviews) Vanta is the leading Agentic Trust Platform helping 15k+ companies—like Atlassian, Duolingo, Golden State Warriors, and Icelandair—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management. **Average Rating:** 4.6/5.0 **Total Reviews:** 2,411 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.4/10 (Category avg: 9.0/10) - **Auditing:** 9.1/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.6/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Vanta](https://www.g2.com/sellers/vanta) - **Company Website:** https://www.vanta.com/ - **Year Founded:** 2018 - **HQ Location:** San Francisco, California - **Twitter:** @TrustVanta (4,558 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/vanta-security/ (1,624 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 56% Small-Business, 38% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (798 reviews) - Compliance (606 reviews) - Integrations (463 reviews) - Automation (457 reviews) - Time-saving (446 reviews) **Cons:** - Integration Issues (207 reviews) - Pricing Issues (178 reviews) - Expensive (173 reviews) - Limited Integrations (172 reviews) - Missing Features (165 reviews) ### 13. [AWS Security Hub](https://www.g2.com/products/aws-security-hub/reviews) AWS Security Hub is a cloud security posture management service that provides a comprehensive view of your security state within AWS. It aggregates, organizes, and prioritizes security alerts and compliance status across AWS accounts, services, and integrated third-party products. By continuously monitoring your environment against industry standards and best practices, Security Hub enables you to identify and remediate security issues efficiently, ensuring a robust security posture. Key Features and Functionality: - Aggregated Security Findings: Consolidates security alerts from AWS services like Amazon GuardDuty, Amazon Inspector, Amazon Macie, and AWS Firewall Manager, as well as from third-party security tools, into a single, unified dashboard. - Automated Compliance Checks: Performs continuous security best practice checks against your AWS resources, assessing compliance with standards such as the AWS Foundational Security Best Practices and the Center for Internet Security (CIS) AWS Foundations Benchmark. - Centralized Management: Offers a unified view of security findings across multiple AWS accounts and regions, simplifying security operations and enhancing visibility. - Prioritization and Insights: Correlates and enriches security findings to provide actionable insights, enabling you to prioritize critical issues and respond effectively. - Automated Response and Remediation: Integrates with AWS services and third-party tools to automate security workflows, reducing response times and improving operational efficiency. Primary Value and Problem Solved: AWS Security Hub addresses the challenge of managing and maintaining a secure cloud environment by providing centralized visibility and control over security findings. It simplifies the detection and remediation of security issues by aggregating data from various sources, automating compliance checks, and offering actionable insights. This unified approach reduces the complexity of security operations, enhances compliance with industry standards, and enables organizations to respond to threats more swiftly and effectively. **Average Rating:** 4.4/5.0 **Total Reviews:** 24 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.8/10 (Category avg: 9.0/10) - **Auditing:** 9.2/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Amazon Web Services (AWS)](https://www.g2.com/sellers/amazon-web-services-aws-3e93cc28-2e9b-4961-b258-c6ce0feec7dd) - **Year Founded:** 2006 - **HQ Location:** Seattle, WA - **Twitter:** @awscloud (2,225,864 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/amazon-web-services/ (156,424 employees on LinkedIn®) - **Ownership:** NASDAQ: AMZN **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 45% Enterprise, 34% Mid-Market #### Pros & Cons **Pros:** - Compliance (1 reviews) - Ease of Use (1 reviews) - Easy Implementation (1 reviews) - Integrations (1 reviews) - Reporting (1 reviews) **Cons:** - Complexity Issues (1 reviews) - Cost Management (1 reviews) - Expensive (1 reviews) - Inadequate Reporting (1 reviews) - Learning Curve (1 reviews) ### 14. [SentinelOne Singularity Cloud Security](https://www.g2.com/products/sentinelone-singularity-cloud-security/reviews) Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation. **Average Rating:** 4.9/5.0 **Total Reviews:** 113 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.9/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.9/10 (Category avg: 9.0/10) - **Auditing:** 9.8/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone) - **Company Website:** https://www.sentinelone.com - **Year Founded:** 2013 - **HQ Location:** Mountain View, CA - **Twitter:** @SentinelOne (57,697 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,183 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 60% Mid-Market, 31% Enterprise #### Pros & Cons **Pros:** - Security (27 reviews) - Ease of Use (20 reviews) - Vulnerability Detection (19 reviews) - Cloud Management (16 reviews) - Cloud Security (15 reviews) **Cons:** - Complexity (5 reviews) - Ineffective Alerts (5 reviews) - Complex Setup (4 reviews) - Difficult Configuration (4 reviews) - Poor UI (4 reviews) ### 15. [Hyperproof](https://www.g2.com/products/hyperproof/reviews) Hyperproof is a modern, AI-powered GRC platform that empowers IT, security, and compliance teams to manage controls at scale, integrate their risk operations, and build trust with customers. With Hyperproof, you can scale compliance across your business, automate many controls and orchestrate the rest, connect controls to risks to protect your business, and unlock new business by automating security questionnaires and trust management. Leading organizations like Reddit, Fortinet, Appian, Outreach, and Thales trust Hyperproof. **Average Rating:** 4.5/5.0 **Total Reviews:** 212 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.8/10 (Category avg: 9.0/10) - **Auditing:** 8.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 5.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Hyperproof](https://www.g2.com/sellers/hyperproof) - **Company Website:** https://hyperproof.io/ - **Year Founded:** 2018 - **HQ Location:** Seattle, Washington, United States - **Twitter:** @Hyperproof (191 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/hyperproof (154 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 46% Mid-Market, 38% Enterprise #### Pros & Cons **Pros:** - Ease of Use (67 reviews) - Compliance Management (37 reviews) - Features (35 reviews) - Automation (33 reviews) - Compliance (32 reviews) **Cons:** - Learning Curve (17 reviews) - Learning Difficulty (13 reviews) - Limited Customization (13 reviews) - Not Intuitive (13 reviews) - Improvement Needed (12 reviews) ### 16. [Copla](https://www.g2.com/products/copla/reviews) Copla offers an advanced cybersecurity compliance platform for financial institutions, focusing on DORA while also supporting a range of other industry frameworks. Our platform simplifies compliance with predefined and customizable workflows that eliminate manual tasks. Employees are engaged in real-time compliance checks and evidence gathering via our chatbot Copla Stream, reducing bottlenecks and streamlining the process. Compliance evidence is automatically stored in a central location, making audits faster and always regulator-ready. Features like data extraction, risk assessment, vulnerability scanning, penetration testing, and continuous monitoring ensure businesses stay secure and compliant. We also provide business continuity planning and awareness training to strengthen security posture. Copla includes fractional CISO services, offering expert guidance and strategic leadership to help organizations navigate complex compliance and risk management challenges. With fully guided DORA implementation, compliance analysis, and robust risk management workflows, our platform empowers financial institutions to reduce compliance workloads by up to 80% and save over 60K EUR, ensuring efficient and secure operations. **Average Rating:** 4.9/5.0 **Total Reviews:** 82 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.2/10 (Category avg: 9.0/10) - **Auditing:** 9.5/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Copla](https://www.g2.com/sellers/copla) - **Company Website:** https://www.copla.com - **Year Founded:** 2023 - **HQ Location:** N/A - **LinkedIn® Page:** https://www.linkedin.com/company/cyber-upgrade/ (41 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Financial Services, Accounting - **Company Size:** 78% Small-Business, 27% Mid-Market #### Pros & Cons **Pros:** - Compliance (42 reviews) - Ease of Use (42 reviews) - Time-saving (30 reviews) - Auditing (29 reviews) - Evidence Collection (27 reviews) **Cons:** - Difficult Setup (12 reviews) - Integration Issues (11 reviews) - Complex Setup (9 reviews) - UX Improvement (9 reviews) - Learning Curve (8 reviews) ### 17. [Scrut Automation](https://www.g2.com/products/scrut-automation/reviews) Scrut Automation is a leading compliance automation platform designed for fast-growing businesses looking to streamline security, risk, and compliance without disrupting operations. It centralizes compliance functions, automates evidence collection, and simplifies audits, helping security teams reduce compliance efforts by up to 80%. Scrut supports 60+ out-of-the-box frameworks, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS, with the flexibility to add custom frameworks for unique regulatory needs. With 100+ integrations, Scrut seamlessly integrates into your security and IT ecosystem, automating compliance, eliminating manual work, and improving risk visibility. Join 1700+ industry leaders who trust Scrut for simplified compliance and risk management. Schedule a demo today. **Average Rating:** 4.9/5.0 **Total Reviews:** 1,298 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.6/10 (Category avg: 9.0/10) - **Auditing:** 9.5/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Scrut Automation](https://www.g2.com/sellers/scrut-automation) - **Company Website:** https://www.scrut.io/ - **Year Founded:** 2022 - **HQ Location:** Palo Alto, US - **Twitter:** @scrutsocial (120 Twitter followers) - **LinkedIn® Page:** https://in.linkedin.com/company/scrut-automation (230 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 50% Small-Business, 48% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (276 reviews) - Customer Support (249 reviews) - Compliance Management (225 reviews) - Helpful (216 reviews) - Compliance (190 reviews) **Cons:** - Improvement Needed (69 reviews) - Technical Issues (52 reviews) - Missing Features (44 reviews) - UX Improvement (44 reviews) - Learning Curve (41 reviews) ### 18. [FortiCNAPP](https://www.g2.com/products/forticnapp/reviews) FortiCNAPP (formerly Lacework) is an AI-powered Cloud-Native Application Protection Platform that delivers unified security across your multi-cloud and hybrid environments. Built to protect the entire application lifecycle—from development to runtime—it combines posture management, workload protection, identity security, and threat detection into one integrated platform. By leveraging machine learning and behavioral analytics, FortiCNAPP helps security teams detect unknown threats, reduce noise, and accelerate response. Integrated with the Fortinet Security Fabric, it provides full-stack visibility across cloud, network, and endpoint environments—empowering teams to operate with confidence, reduce complexity, and scale securely. **Average Rating:** 4.4/5.0 **Total Reviews:** 383 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.0/10 (Category avg: 9.0/10) - **Auditing:** 8.7/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.2/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet) - **Company Website:** https://www.fortinet.com - **Year Founded:** 2000 - **HQ Location:** Sunnyvale, CA - **Twitter:** @Fortinet (151,495 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,112 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer, Security Analyst - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 62% Mid-Market, 26% Enterprise #### Pros & Cons **Pros:** - Security (8 reviews) - Vulnerability Detection (7 reviews) - Alert Management (6 reviews) - Cloud Security (6 reviews) - Ease of Use (6 reviews) **Cons:** - Difficult Setup (5 reviews) - Poor Documentation (5 reviews) - Complex Setup (4 reviews) - Setup Difficulty (4 reviews) - Complex Configuration (3 reviews) ### 19. [Drata](https://www.g2.com/products/drata/reviews) Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining compliance workflows end-to-end to ensure audit readiness. Drata helps thousands of companies streamline their compliance efforts through continuous, automated control monitoring and evidence collection, resulting in lower costs and time spent preparing for annual audits and better overall security posture. Drata's supported frameworks include: SOC 2, ISO 27001, HIPAA, GDPR, PCI DSS, CCPA, CCM, CMMC, ISO 27701, ISO 27017, ISO 27018, Cyber Essentials, Microsoft SSPA, NIST 800-53, NIST CSF, NIST AI, FFIEC, NIST 800-171, and Custom Frameworks. Drata is backed by ICONIQ Growth, GGV Capital, SVCI (Silicon Valley CISO Investments), Okta Ventures, Salesforce Ventures, Cowboy Ventures, Leaders Fund, SV Angel, and many key industry leaders. **Average Rating:** 4.7/5.0 **Total Reviews:** 1,146 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.3/10 (Category avg: 9.0/10) - **Auditing:** 9.1/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Drata](https://www.g2.com/sellers/drata) - **Company Website:** https://drata.com/ - **Year Founded:** 2020 - **HQ Location:** San Diego, US - **Twitter:** @DrataHQ (1,509 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/drata/ (690 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 52% Small-Business, 43% Mid-Market #### Pros & Cons **Pros:** - Customer Support (161 reviews) - Ease of Use (148 reviews) - Compliance (130 reviews) - Time-saving (106 reviews) - Integrations (103 reviews) **Cons:** - Limited Integrations (47 reviews) - Improvements Needed (42 reviews) - Integration Issues (41 reviews) - Lack of Clarity (31 reviews) - Missing Features (24 reviews) ### 20. [Aqua Security](https://www.g2.com/products/aqua-security/reviews) Aqua Security sees and stops attacks across the entire cloud native application lifecycle in a single, integrated platform. From software supply chain security for developers to cloud security and runtime protection for security teams, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry’s most comprehensive Cloud Native Application Protection Platform (CNAPP). Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. **Average Rating:** 4.2/5.0 **Total Reviews:** 57 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.2/10 (Category avg: 9.0/10) - **Auditing:** 7.3/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 7.2/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Aqua Security Software Ltd](https://www.g2.com/sellers/aqua-security-software-ltd) - **Year Founded:** 2015 - **HQ Location:** Burlington, US - **Twitter:** @AquaSecTeam (7,690 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/aquasecteam/ (499 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer Software, Financial Services - **Company Size:** 56% Enterprise, 39% Mid-Market #### Pros & Cons **Pros:** - Security (19 reviews) - Ease of Use (18 reviews) - Features (12 reviews) - Detection (10 reviews) - Vulnerability Identification (9 reviews) **Cons:** - Missing Features (9 reviews) - Lack of Features (6 reviews) - Limited Features (6 reviews) - Difficult Navigation (4 reviews) - Improvement Needed (4 reviews) ### 21. [LevelBlue USM Anywhere](https://www.g2.com/products/levelblue-usm-anywhere/reviews) LevelBlue USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure. With USM Anywhere, you can rapidly deploy sensors into your cloud and on-premises environments while centrally managing data collection, security analysis, and threat detection from the AlienVault Secure Cloud. Five Essential Security Capabilities in a Single SaaS Platform AlienVault USM Anywhere provides five essential security capabilities in a single SaaS solution, giving you everything you need for threat detection, incident response, and compliance management—all in a single pane of glass. With USM Anywhere, you can focus on finding and responding to threats, not managing software. An elastic, cloud-based security solution, USM Anywhere can readily scale to meet your threat detection needs as your hybrid cloud environment changes and grows. 1. Asset Discovery 2. Vulnerability Assessment 3. Intrusion Detection 4. Behavioral Monitoring 5. SIEM **Average Rating:** 4.4/5.0 **Total Reviews:** 102 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.7/10 (Category avg: 9.0/10) - **Auditing:** 8.3/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [LevelBlue](https://www.g2.com/sellers/levelblue-49a2e3c1-ca90-4308-b899-08973f657bae) - **HQ Location:** Dallas, Texas, United States - **LinkedIn® Page:** https://www.linkedin.com/company/levelbluecyber/ (638 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 62% Mid-Market, 20% Small-Business ### 22. [Horangi Warden](https://www.g2.com/products/horangi-warden/reviews) Warden is a Cloud Security Posture Management (CSPM) solution that helps organizations using AWS, GCP, Ali Cloud, Huawei, or Azure infrastructure to configure their infrastructure according to globally recognized compliance standards, without requiring any cloud expertise. Reduce the headcount required to hire a cloud security team by 70% to do manual checks by automatically identifying and mapping infrastructure configurations to compliance standards like MAS TRM, OJK, SOC 2, GDPR, or your custom compliance needs, in a 10-minute no code set up. **Average Rating:** 4.4/5.0 **Total Reviews:** 52 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.0/10 (Category avg: 9.0/10) - **Auditing:** 8.7/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Horangi](https://www.g2.com/sellers/horangi) - **Year Founded:** 2016 - **HQ Location:** Singapore, Singapore - **Twitter:** @horangi (13 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/horangi/ (41 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 43% Small-Business, 32% Mid-Market ### 23. [Qualys VMDR](https://www.g2.com/products/qualys-vmdr/reviews) Qualys VMDR is an all-in-one risk-based vulnerability management solution that quantifies cyber risk. It gives organizations unprecedented insights into their risk posture and provides actionable steps to reduce risk. It also gives cybersecurity and IT teams a shared platform to collaborate, and the power to quickly align and automate no-code workflows to respond to threats with automated remediation and integrations with ITSM solutions such as ServiceNow. **Average Rating:** 4.4/5.0 **Total Reviews:** 164 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 7.5/10 (Category avg: 9.0/10) - **Auditing:** 7.7/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 7.0/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Qualys](https://www.g2.com/sellers/qualys) - **Year Founded:** 1999 - **HQ Location:** Foster City, CA - **Twitter:** @qualys (34,191 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/8561/ (3,564 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 51% Enterprise, 28% Mid-Market #### Pros & Cons **Pros:** - Customer Support (2 reviews) - Features (2 reviews) - Vulnerability Detection (2 reviews) - Vulnerability Identification (2 reviews) - Alerting System (1 reviews) **Cons:** - Complexity (2 reviews) - Complex Reporting (1 reviews) - Complex Setup (1 reviews) - Difficult Learning (1 reviews) - Feature Complexity (1 reviews) ### 24. [Tripwire Enterprise](https://www.g2.com/products/tripwire-enterprise/reviews) Tripwire Enterprise is a proven integrity management solution that provides superior security and continuous compliance. By combining file integrity monitoring (FIM) and security confirmation management (SCM) capabilities, Tripwire Enterprise helps you accurately identify security misconfigurations and indicators of compromise before it's too late. Get unparalleled visibility into your ecosystem with detailed insights into the current state and history of each monitored asset. Tripwire Enterprise helps you meet compliance needs (like PCI DSS, HIPAA, SOX, etc.) and go beyond basic FIM and SCM to heighten security of your environment. A Key Part of Fortra (the new face of HelpSystems) Tripwire is proud to be part of Fortra’s comprehensive cybersecurity portfolio. Fortra simplifies today’s complex cybersecurity landscape by bringing complementary products together to solve problems in innovative ways. These integrated, scalable solutions address the fast-changing challenges you face in safeguarding your organization. With the help of the powerful protection from Tripwire Enterprise and others, Fortra is your relentless ally, here for you every step of the way throughout your cybersecurity journey. **Average Rating:** 3.9/5.0 **Total Reviews:** 29 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.1/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.3/10 (Category avg: 9.0/10) - **Auditing:** 10.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Fortra](https://www.g2.com/sellers/fortra) - **Year Founded:** 1982 - **HQ Location:** Eden Prairie, Minnesota - **Twitter:** @fortraofficial (2,763 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/fortra (1,738 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Banking - **Company Size:** 65% Enterprise, 32% Mid-Market ## Parent Category [Cloud Security Software](https://www.g2.com/categories/cloud-security) ## Related Categories - [Cloud Workload Protection Platforms](https://www.g2.com/categories/cloud-workload-protection-platforms) - [Cloud Security Posture Management (CSPM) Software](https://www.g2.com/categories/cloud-security-posture-management-cspm) - [Security Compliance Software](https://www.g2.com/categories/security-compliance)