Best Cloud Infrastructure Entitlement Management (CIEM) Software

Lauren Worth
LW
Researched and written by Lauren Worth

Cloud infrastructure entitlement management (CIEM) software, also sometimes referred to as cloud permissions management software, is a security solution that manages user privileges or "entitlements" in cloud environments. The software controls access to applications, infrastructure, and resources in the cloud environment using the principle of least privileges (POLP). The least privilege policy is an integral part of the zero trust policy that limits the attack surface of security threats by restricting access in the cloud landscape.

CIEM software manages user accounts, defines user roles, and provides access control to ensure only the right users have access to resources, which reduces unauthorized access. Companies with complex cloud landscapes, as well as numerous teams and users, can use CIEM software to secure their cloud environments and ensure compliance. Security and IT operations teams use this tool to control access privileges and monitor the cloud environment for unauthorized access.

CIEM solutions have some features that overlap with identity and access management (IAM) software as both provide authentication and access control. However, they have distinct purposes. IAM focuses on user authentication, authorization, and access control across an organization's IT systems, both on-premises and in the cloud. CIEM extends its scope to include cloud infrastructure and endpoint management, addressing the broader challenges of managing cloud resources, securing endpoints, and ensuring cloud security and compliance.

To qualify for inclusion in the Cloud Infrastructure Entitlement Management (CIEM) category, a product must:

Provide visibility into all cloud assets and access privileges
Remove any unused privileges
Continuously monitor the environments, detect any violations, and perform automatic remediation
Show More
Show Less

Best Cloud Infrastructure Entitlement Management (CIEM) Software At A Glance

Leader:
Wiz
Wiz
Highest Performer:
Sonrai Security
Sonrai Security
Easiest to Use:
Sysdig Secure
Sysdig Secure
Top Trending:
SailPoint
SailPoint
Best Free Software:
Wiz
Wiz
Show More
Show Less

G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.

  • Segment
  • Rating
  • Language
  • Pricing
No filters applied
  • Segment
  • Rating
  • Language
  • Pricing
Clear Filter
More Filters
Market Segments
All Segments
Mid Market
Enterprise
Avg. Customer Review
Language
Pricing
Sort by
Clear All
22 Listings in Cloud Infrastructure Entitlement Management (CIEM) Available
  • Sort By:
    G2 Score

Wiz

(775)4.7 out of 5
2nd Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
View top Consulting Services for Wiz
OverviewPros and Cons
Product Description

Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the developme

Users: CISO, Security Engineer · Industries: Financial Services, Information Technology and Services · Market Segment: 54% Enterprise, 39% Mid-Market
Pros and ConsSeller Details
ProsFeatures, Security, Ease of Use, Visibility, Easy Setup
ConsImprovement Needed, Feature Limitations, Learning Curve, Improvements Needed, Complexity
Seller Details
Year Founded
2020
HQ Location
New York, US
Company Website
https://www.wiz.io/
Twitter
@wiz_io
LinkedIn® Page
https://www.linkedin.com/company/wizsecurity/

Cortex Cloud

(111)4.1 out of 5
8th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

Cortex Cloud by Palo Alto Networks, the next version of Prisma Cloud, understands a unified security approach is essential for effectively addressing AppSec, CloudSec, and SecOps. Connecting cloud sec

Industries: Information Technology and Services, Computer & Network Security · Market Segment: 39% Enterprise, 32% Mid-Market
Pros and ConsSeller Details
ProsEase of Use, Features, Security, Visibility, Cloud Integration
ConsExpensive, Difficult Learning, Learning Curve, Pricing Issues, Complex Setup
Seller Details
Year Founded
2005
HQ Location
Santa Clara, CA
Company Website
https://www.paloaltonetworks.com
Twitter
@PaloAltoNtwks
LinkedIn® Page
https://www.linkedin.com/company/30086/
Ownership
NYSE: PANW
G2 Advertising
Sponsored
G2 Advertising
Get 2x conversion than Google Ads with G2 Advertising!
G2 Advertising places your product in premium positions on high-traffic pages and on targeted competitor pages to reach buyers at key comparison moments.
Learn More

Sysdig Secure

(111)4.8 out of 5
1st Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

Sysdig Secure is the real-time cloud-native application protection platform (CNAPP) trusted by organizations of all sizes around the world.. Built by the creators of Falco and Wireshark, Sysdig unique

Users: Security Engineer · Industries: Financial Services, Information Technology and Services · Market Segment: 46% Enterprise, 40% Mid-Market
Pros and ConsSeller Details
ProsSecurity, Vulnerability Detection, Threat Detection, Detection Efficiency, Features
ConsFeature Limitations, Complexity, Missing Features, Difficult Learning, Feature Complexity
Seller Details
Year Founded
2013
HQ Location
San Francisco, California
Company Website
https://www.sysdig.com
Twitter
@Sysdig
LinkedIn® Page
https://www.linkedin.com/company/3592486/

Orca Security

(233)4.6 out of 5
Entry Level Price:Contact Us
4th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
View top Consulting Services for Orca Security
OverviewPros and Cons
Product Description

The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google C

Users: Security Engineer, CISO · Industries: Computer Software, Information Technology and Services · Market Segment: 49% Mid-Market, 39% Enterprise
Pros and ConsSeller Details
ProsEase of Use, Features, Security, User Interface, Visibility
ConsImprovement Needed, Feature Limitations, Limited Features, Missing Features, Ineffective Alerts
Seller Details
Year Founded
2019
HQ Location
Portland, Oregon
Company Website
https://orca.security
Twitter
@orcasec
LinkedIn® Page
https://www.linkedin.com/company/35573984/

Microsoft Entra Permissions Management

(16)4.3 out of 5
7th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewSeller Details
Product Description

CloudKnox Permissions Management is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all identities – users and workloa

Market Segment: 50% Small-Business, 25% Mid-Market
Seller Details
Year Founded
1975
HQ Location
Redmond, Washington
Company Website
https://www.microsoft.com/
Twitter
@microsoft
LinkedIn® Page
https://www.linkedin.com/company/microsoft/
Ownership
MSFT
Phone
+1 (877) 276-2464

SailPoint

(168)4.5 out of 5
6th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
View top Consulting Services for SailPoint
OverviewPros and Cons
Product Description

SailPoint is the leader in identity security for the modern enterprise. Harnessing the power of AI and machine learning, SailPoint automates the management and control of access, delivering only the r

Users: Software Engineer · Industries: Financial Services, Information Technology and Services · Market Segment: 76% Enterprise, 18% Mid-Market
Pros and ConsSeller Details
ProsEase of Use, Features, Security, Identity Management, Integrations
ConsImprovement Needed, Poor Customer Support, Missing Features, Expensive, Difficult Learning
Seller Details
Year Founded
2004
HQ Location
Austin, TX
Company Website
https://www.sailpoint.com
Twitter
@SailPoint
LinkedIn® Page
https://www.linkedin.com/company/47456/
Phone
(512) 346-2000

Sonrai Security

(25)4.6 out of 5
Free trial available
3rd Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

Sonrai Security is a leading cloud privileged access management solutions provider. With a mission to empower enterprises of all sizes to innovate securely and confidently, Sonrai Security delivers id

Industries: Information Technology and Services · Market Segment: 40% Enterprise, 40% Mid-Market
Pros and ConsSeller Details
ProsCloud Security, Security, Cloud Management, Ease of Use, Cloud Technology
ConsComplexity, Expensive, Feature Limitations, Improvement Needed, Limited Customization
Seller Details
Year Founded
2017
HQ Location
New York, US
Company Website
https://sonraisecurity.com
LinkedIn® Page
https://www.linkedin.com/company/sonrai-security

Tenable Cloud Security

(37)4.6 out of 5
View top Consulting Services for Tenable Cloud Security
OverviewPros and Cons
Product Description

Tenable Cloud Security is an actionable cloud security platform that exposes and closes priority security gaps caused by misconfigurations, risky entitlements and vulnerabilities. Organizations use it

Industries: Information Technology and Services, Computer Software · Market Segment: 57% Mid-Market, 38% Enterprise
Pros and ConsSeller Details
ProsCompliance, Detailed Analysis, Ease of Use, Features, Integrations
ConsComplex Setup, Expensive, Feature Limitations, Difficult Setup, Implementation Difficulty
Seller Details
HQ Location
Columbia, MD
Company Website
https://www.tenable.com/
Twitter
@TenableSecurity
LinkedIn® Page
https://www.linkedin.com/company/25452/
Ownership
NASDAQ: TENB

FortiCNAPP

(386)4.4 out of 5
5th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
View top Consulting Services for FortiCNAPP
OverviewPros and Cons
Product Description

FortiCNAPP (formerly Lacework) is an AI-powered Cloud-Native Application Protection Platform that delivers unified security across your multi-cloud and hybrid environments. Built to protect the entire

Users: Security Engineer, Security Analyst · Industries: Information Technology and Services, Computer Software · Market Segment: 62% Mid-Market, 26% Enterprise
Pros and ConsSeller Details
ProsSecurity, Vulnerability Detection, Alert Management, Cloud Security, Ease of Use
ConsDifficult Setup, Poor Documentation, Complex Setup, Setup Difficulty, Complex Configuration
Seller Details
Year Founded
2000
HQ Location
Sunnyvale, CA
Company Website
https://www.fortinet.com
Twitter
@Fortinet
LinkedIn® Page
https://www.linkedin.com/company/6460/
Ownership
NASDAQ: FTNT

Saviynt

(76)4.3 out of 5
OverviewPros and Cons
Product Description

Saviynt helps organizations transform their organization with identity security. Our AI-first platform enables enterprises to secure every identity — human, non-human, and AI — within any application

Industries: Information Technology and Services, Manufacturing · Market Segment: 79% Enterprise, 5% Mid-Market
Pros and ConsSeller Details
ProsEase of Use, Features, Easy Setup, Customer Support, Integrations
ConsDifficult Learning, Lack of Features, Limited Features, Poor Interface Design, Complexity
Seller Details
Year Founded
2010
HQ Location
El Segundo, US
Company Website
https://www.saviynt.com
Twitter
@saviynt
LinkedIn® Page
https://www.linkedin.com/company/saviynt

CrowdStrike Falcon Cloud Security

(83)4.6 out of 5
Entry Level Price:Contact Us
View top Consulting Services for CrowdStrike Falcon Cloud Security
OverviewPros and Cons
Product Description

Crowdstrike Falcon Cloud Security is the only CNAPP to stop breaches in the cloud Built for today’s hybrid and multi-cloud environments, Falcon Cloud Security protects the entire cloud attack surface

Industries: Information Technology and Services, Computer & Network Security · Market Segment: 46% Enterprise, 42% Mid-Market
Pros and ConsSeller Details
ProsSecurity, Cloud Security, Detection Efficiency, Vulnerability Detection, Ease of Use
ConsExpensive, Improvements Needed, Improvement Needed, Feature Complexity, Learning Curve
Seller Details
Year Founded
2011
HQ Location
Sunnyvale, CA
Company Website
https://www.crowdstrike.com
Twitter
@CrowdStrike
LinkedIn® Page
https://www.linkedin.com/company/2497653/
Ownership
NASDAQ: CRWD

BeyondTrust Entitle Just-in-Time Access

(12)4.3 out of 5
Entry Level Price:Contact Us
OverviewPros and Cons
Product Description

Entitle is a seamless way to grant employees granular and just-in-time access within Cloud and SaaS. Specializing in temporary admin escalations, break-glass access, granular access to PII, and acces

Market Segment: 75% Mid-Market, 17% Small-Business
Pros and ConsSeller Details
ProsDocumentation, Security, Access Control, Auditing, Capabilities
ConsComplex Queries, Complex Usability, Complex Usage, Difficult Setup, Admin Management Issues
Seller Details
Year Founded
1985
HQ Location
Johns Creek, GA
Company Website
https://www.beyondtrust.com
Twitter
@BeyondTrust
LinkedIn® Page
https://www.linkedin.com/company/294396/

CyberArk Secure Cloud Access

(6)4.9 out of 5
OverviewPros and Cons
Product Description

CyberArk Secure Cloud Access provisions Zero Standing Privileges (ZSP) across multi-cloud environments, scoping just enough permissions to adhere to the principle of least privilege access. CyberAr

Market Segment: 67% Mid-Market, 33% Enterprise
Pros and ConsSeller Details
ProsEase of Use, User Interface, Access Management, Easy Setup, Features
Seller Details
Year Founded
1999
HQ Location
Newton, MA
Company Website
https://www.cyberark.com
Twitter
@CyberArk
LinkedIn® Page
https://www.linkedin.com/company/26630/
Ownership
NASDAQ:CYBR
Phone
1-888-808-9005

CheckRed

(4)4.8 out of 5
OverviewSeller Details
Product Description

CheckRed is a complete cloud security platform (SSPM/CNAPP/CSPM/CIEM/CWPP/Compliance) covering all critical SaaS apps and cloud providers – all in a single, user-friendly, and affordable solution.

Market Segment: 75% Mid-Market, 25% Small-Business
Seller Details
HQ Location
5220 Spring Valley Rd Suite 604 Dallas,TX 75254
Company Website
https://checkred.com/
LinkedIn® Page
https://www.linkedin.com/company/checkred/

Trustle

(1)4.5 out of 5
OverviewPros and Cons
Product Description

Trustle goes beyond Cloud Infrastructure Entitlement Management (CIEM) to prioritize the most over-privileged users, and easily transition your entire organization to Just-In-Time Access to everything

Market Segment: 100% Mid-Market
Pros and ConsSeller Details
ProsCloud Services, Identity Management, Secure Access
Seller Details
Year Founded
2019
HQ Location
Boston, MA, USA
Company Website
https://trustle.com
LinkedIn® Page
https://www.linkedin.com/company/trustlesecurity
Filters
Filter
Clear Filter
More Filters
Market Segments
All Segments
Mid Market
Enterprise
Avg. Customer Review
Language
Pricing
Sort by
Clear All
  • Segment
Clear Filter
More Filters
Market Segments
All Segments
Mid Market
Enterprise
Avg. Customer Review
Language
Pricing
Sort by
Clear All
22 Listings in Cloud Infrastructure Entitlement Management (CIEM) Available
  • Sort By:
    G2 Score

Recommended For You

Automation Anywhere Agentic Process Automation
Demandbase One
Phrase Localization Platform
DigitalOcean
SAS Viya