# Best Container Security Tools for Medium-Sized Businesses

  *By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*

   Products classified in the overall Container Security category are similar in many regards and help companies of all sizes solve their business problems. However, medium-sized business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Medium-Sized Business Container Security to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2&#39;s buying advisors to find the right solutions within the Medium-Sized Business Container Security category.

In addition to qualifying for inclusion in the Container Security Tools category, to qualify for inclusion in the Medium-Sized Business Container Security Tools category, a product must have at least 10 reviews left by a reviewer from a medium-sized business.


## Category Overview

**Total Products under this Category:** 74


## Trust & Credibility Stats

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 4,100+ Authentic Reviews
- 74+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


---

**Sponsored**

### Upwind

Upwind is the runtime-first cloud security platform that secures your deployments, configurations, and applications by providing real-time visibility from the inside out. We’ve built a unified fabric that maps your environment as it runs - revealing what’s truly at risk, what’s actively happening, and how to respond quickly and effectively. With Upwind, security, dev, and ops teams move faster, stay focused, and fix risks that matter most.


[Visit company website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1594&amp;secure%5Bdisplayable_resource_id%5D=1594&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=page_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=1594&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=1333227&amp;secure%5Bresource_id%5D=1594&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fcontainer-security-tools%2Fmid-market&amp;secure%5Btoken%5D=3a2a4bf7ca102646720eed08526b4070b2c1f18bf18cec0de68330fd3cd13181&amp;secure%5Burl%5D=https%3A%2F%2Fwww.upwind.io&amp;secure%5Burl_type%5D=custom_url)

---

## Top-Rated Products (Ranked by G2 Score)
  ### 1. [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
  Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the development lifecycle, empowering them to build fast and securely. Its Cloud Native Application Protection Platform (CNAPP) consolidates CSPM, KSPM, CWPP, Vulnerability management, IaC scanning, CIEM, DSPM into a single platform. Wiz drives visibility, risk prioritization, and business agility. Protecting Your Cloud Environments Requires a Unified, Cloud Native Platform. Wiz connects to every cloud environment, scans every layer, and covers every aspect of your cloud security - including elements that normally require installing agents. Its comprehensive approach has all of these cloud security solutions built in. Hundreds of organizations worldwide, including 50 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman &amp; Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks, Lightspeed and Aglaé. Visit https://www.wiz.io for more information.


  **Average Rating:** 4.7/5.0
  **Total Reviews:** 772

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)
- **Security Auditing:** 9.1/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.7/10 (Category avg: 7.9/10)
- **Workload Protection:** 8.0/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Wiz](https://www.g2.com/sellers/wiz-76a0133b-42e5-454e-b5da-860e503471db)
- **Company Website:** https://www.wiz.io/
- **Year Founded:** 2020
- **HQ Location:** New York, US
- **Twitter:** @wiz_io (22,550 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/wizsecurity/ (3,248 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** CISO, Security Engineer
  - **Top Industries:** Financial Services, Information Technology and Services
  - **Company Size:** 54% Enterprise, 39% Mid-Market


#### Pros & Cons

**Pros:**

- Features (113 reviews)
- Security (107 reviews)
- Ease of Use (104 reviews)
- Visibility (87 reviews)
- Easy Setup (68 reviews)

**Cons:**

- Improvement Needed (35 reviews)
- Feature Limitations (34 reviews)
- Learning Curve (34 reviews)
- Improvements Needed (29 reviews)
- Complexity (27 reviews)

  ### 2. [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews)
  Sysdig Secure is the real-time cloud-native application protection platform (CNAPP) trusted by organizations of all sizes around the world.. Built by the creators of Falco and Wireshark, Sysdig uniquely delivers runtime-powered visibility and agentic AI to stop cloud attacks instantly, not after the damage is done. With Sysdig, you can: - Stop threats in 2 seconds and respond in minutes - Cut vulnerability noise by 95% with runtime prioritization - Detect real risk instantly across workloads, identities, and misconfigurations - Close permissions gaps in under 2 minutes Sysdig Secure consolidates CSPM, CWPP, CIEM, vulnerability management, and threat detection into a single open, real-time platform. Unlike other CNAPPs, Sysdig connects signals across runtime, identity, and posture to eliminate blind spots, reduce tool sprawl, and accelerate innovation without compromise. No guesswork. No black boxes. Just cloud security, the right way. Learn more at https://sysdig.com


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 110

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.1/10)
- **Security Auditing:** 9.6/10 (Category avg: 8.3/10)
- **Network Segmentation:** 9.1/10 (Category avg: 7.9/10)
- **Workload Protection:** 9.4/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Sysdig](https://www.g2.com/sellers/sysdig-715eaed9-9743-4f27-bd2b-d3730923ac3e)
- **Company Website:** https://www.sysdig.com
- **Year Founded:** 2013
- **HQ Location:** San Francisco, California
- **Twitter:** @Sysdig (10,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/3592486/ (640 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Security Engineer
  - **Top Industries:** Financial Services, Information Technology and Services
  - **Company Size:** 46% Enterprise, 40% Mid-Market


#### Pros & Cons

**Pros:**

- Security (33 reviews)
- Vulnerability Detection (32 reviews)
- Threat Detection (31 reviews)
- Detection Efficiency (30 reviews)
- Features (23 reviews)

**Cons:**

- Feature Limitations (10 reviews)
- Complexity (9 reviews)
- Missing Features (8 reviews)
- Difficult Learning (7 reviews)
- Feature Complexity (7 reviews)

  ### 3. [Orca Security](https://www.g2.com/products/orca-security/reviews)
  The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 237

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)
- **Security Auditing:** 8.9/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.7/10 (Category avg: 7.9/10)
- **Workload Protection:** 7.8/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Orca Security](https://www.g2.com/sellers/orca-security)
- **Company Website:** https://orca.security
- **Year Founded:** 2019
- **HQ Location:** Portland, Oregon
- **Twitter:** @orcasec (4,832 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/35573984/ (495 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Security Engineer, CISO
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 48% Mid-Market, 41% Enterprise


#### Pros & Cons

**Pros:**

- Ease of Use (37 reviews)
- Features (33 reviews)
- Security (29 reviews)
- User Interface (22 reviews)
- Visibility (22 reviews)

**Cons:**

- Improvement Needed (15 reviews)
- Feature Limitations (12 reviews)
- Limited Features (10 reviews)
- Missing Features (10 reviews)
- Ineffective Alerts (9 reviews)

  ### 4. [Hybrid Cloud Security](https://www.g2.com/products/trend-micro-hybrid-cloud-security/reviews)
  In today&#39;s complex digital landscape, securing your cloud environment is paramount. The management and security of your hybrid and multi-cloud setup pose increasing challenges. Trend&#39;s Cloud Security provides essential visibility, allowing you and your teams to secure every aspect of your transformation and eliminate disruptive security silos. Automate security policies, deployments, monitoring, and compliance audits seamlessly from a single console, ensuring the automatic protection of all workloads from both known and unknown threats. With Cloud-Native Application Protection and robust platform capabilities, Trend empowers you to proactively address vulnerabilities and defend against threats. Gain centralized visibility, continuous asset discovery, and contextualized risk assessments, equipping your team with everything necessary to stay ahead of potential cloud security risks.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 181

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.1/10)
- **Security Auditing:** 9.1/10 (Category avg: 8.3/10)
- **Network Segmentation:** 6.7/10 (Category avg: 7.9/10)
- **Workload Protection:** 9.2/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Trend Micro](https://www.g2.com/sellers/trend-micro)
- **Year Founded:** 1988
- **HQ Location:** Tokyo
- **LinkedIn® Page:** https://www.linkedin.com/company/4312/ (8,090 employees on LinkedIn®)
- **Ownership:** OTCMKTS:TMICY
- **Total Revenue (USD mm):** $1,515

**Reviewer Demographics:**
  - **Who Uses This:** Cyber Security Engineer, Cyber Security Associate
  - **Top Industries:** Computer &amp; Network Security, Information Technology and Services
  - **Company Size:** 43% Mid-Market, 34% Enterprise


#### Pros & Cons

**Pros:**

- Security (9 reviews)
- Security Protection (7 reviews)
- Compliance (6 reviews)
- Cloud Security (4 reviews)
- Comprehensive Security (4 reviews)

**Cons:**

- Complexity (6 reviews)
- Complex Setup (4 reviews)
- Feature Complexity (4 reviews)
- Learning Curve (4 reviews)
- Difficult Learning (3 reviews)

  ### 5. [Cortex Cloud](https://www.g2.com/products/cortex-cloud/reviews)
  Cortex Cloud by Palo Alto Networks, the next version of Prisma Cloud, understands a unified security approach is essential for effectively addressing AppSec, CloudSec, and SecOps. Connecting cloud security and SOC workflows enables teams to achieve holistic visibility, trace risk across the lifecycle, and correlate real-time threat activity with development and runtime contexts. Cortex Cloud is a unified platform built on three core pillars: data integration, AI-driven intelligence, and automation. Now you can safeguard applications, data, and infrastructure across multicloud and hybrid environments with a unified data model that consolidates telemetry from code, runtime, identity, and endpoints, all into a single data source. Empower teams with precise, AI-powered insights and 2200+ machine learning models to identify and stop zero-day threats with real-time advanced threat detection and response. And automate with 1000+ prebuilt playbooks across your cloud stack to reduce manual workloads, accelerate remediations, and cut response times tenfold. Cortex Cloud delivers more than tools—it transforms how organizations secure their cloud environments.


  **Average Rating:** 4.1/5.0
  **Total Reviews:** 109

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.1/10)
- **Security Auditing:** 8.3/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.7/10 (Category avg: 7.9/10)
- **Workload Protection:** 7.7/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks)
- **Company Website:** https://www.paloaltonetworks.com
- **Year Founded:** 2005
- **HQ Location:** Santa Clara, CA
- **Twitter:** @PaloAltoNtwks (128,686 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Computer &amp; Network Security
  - **Company Size:** 38% Enterprise, 31% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (49 reviews)
- Features (45 reviews)
- Security (43 reviews)
- Visibility (38 reviews)
- Cloud Integration (34 reviews)

**Cons:**

- Expensive (31 reviews)
- Difficult Learning (30 reviews)
- Learning Curve (29 reviews)
- Pricing Issues (24 reviews)
- Complex Setup (21 reviews)

  ### 6. [SentinelOne Singularity Cloud Security](https://www.g2.com/products/sentinelone-singularity-cloud-security/reviews)
  Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation.


  **Average Rating:** 4.9/5.0
  **Total Reviews:** 113

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.9/10 (Category avg: 9.1/10)
- **Security Auditing:** 9.9/10 (Category avg: 8.3/10)
- **Network Segmentation:** 9.8/10 (Category avg: 7.9/10)
- **Workload Protection:** 9.8/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone)
- **Company Website:** https://www.sentinelone.com
- **Year Founded:** 2013
- **HQ Location:** Mountain View, CA
- **Twitter:** @SentinelOne (57,607 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,183 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Financial Services
  - **Company Size:** 60% Mid-Market, 31% Enterprise


#### Pros & Cons

**Pros:**

- Security (27 reviews)
- Ease of Use (20 reviews)
- Vulnerability Detection (19 reviews)
- Cloud Management (16 reviews)
- Cloud Security (15 reviews)

**Cons:**

- Complexity (5 reviews)
- Ineffective Alerts (5 reviews)
- Complex Setup (4 reviews)
- Difficult Configuration (4 reviews)
- Poor UI (4 reviews)

  ### 7. [Chainguard](https://www.g2.com/products/chainguard/reviews)
  Chainguard Containers are a guarded catalog of minimal, zero-CVE container images with a best-in-class CVE remediation SLA (7 days for critical severity, 14 days for high, medium and low) that helps customers build and deploy software better. Modern software development practices and deployment pipelines require secure, up-to-date containerized applications for cloud-native applications. Chainguard builds minimal images that contain only the components required to build and run your containers entirely from source in hardened build infrastructure. Aimed at engineering organizations and security teams alike, Chainguard Containers reduce costly engineering toil around vulnerability management, enhance the security posture of applications by eliminating attack surface, and unlock revenue by simplifying compliance with key frameworks and customer requirements. Chainguard Containers – Value Pillars • Reduce cost of engineering toil: Engineers are a precious resource meant for building innovative platforms and products, not non-strategic / un-differentiated toil like patching vulnerabilities • Secure foundation for open source software: Minimal, trusted, and secure open source components for every developer and every stack • Achieve and maintain continuous compliance: Easily operate in compliance frameworks such as FedRAMP, cATO, StateRAMP, PCI-DSS, HIPAA, SOC2, NIS2, and CMMC • Accelerate revenue by building better products faster: Enable engineers to deliver new products and better features, securely with speed Chainguard Containers – Key Capabilities • Best-in-class CVE remediation SLA: Count on an industry-leading remediation SLA of 7 days for critical CVEs and 14 days for high, medium, and low • Secure-by-default, transparent by design: Adopt trusted, zero-CVE container images with full build-time generated SBOMs and digitally signed attestations for total transparency • FIPS and STIGs to simplify continuous compliance: Maintain compliance for critical frameworks like FedRAMP, PCI-DSS, and SOC 2 with hardened images that come with kernel-independent FIPS validation and OS-Level STIGs by default • 1,300+ purpose-built images that are always up to date: Choose from our growing catalog of minimal container images rebuilt from source daily with “nano-updates,” eliminating major OS version upgrades


  **Average Rating:** 4.8/5.0
  **Total Reviews:** 51

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.1/10)
- **Security Auditing:** 8.8/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.4/10 (Category avg: 7.9/10)
- **Workload Protection:** 8.4/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Chainguard](https://www.g2.com/sellers/chainguard)
- **Company Website:** https://www.chainguard.dev/
- **Year Founded:** 2021
- **HQ Location:** Kirkland, WA
- **Twitter:** @chainguard_dev (6,257 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/chainguard-dev/ (657 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Computer Software, Computer &amp; Network Security
  - **Company Size:** 43% Enterprise, 31% Small-Business


#### Pros & Cons

**Pros:**

- Ease of Use (9 reviews)
- Customer Support (8 reviews)
- Security (5 reviews)
- Comprehensive Security (4 reviews)
- Container Security (4 reviews)

**Cons:**

- Missing Features (3 reviews)
- Complex Setup (2 reviews)
- Difficult Learning (2 reviews)
- Expensive (2 reviews)
- Integration Issues (2 reviews)

  ### 8. [FortiCNAPP](https://www.g2.com/products/forticnapp/reviews)
  FortiCNAPP (formerly Lacework) is an AI-powered Cloud-Native Application Protection Platform that delivers unified security across your multi-cloud and hybrid environments. Built to protect the entire application lifecycle—from development to runtime—it combines posture management, workload protection, identity security, and threat detection into one integrated platform. By leveraging machine learning and behavioral analytics, FortiCNAPP helps security teams detect unknown threats, reduce noise, and accelerate response. Integrated with the Fortinet Security Fabric, it provides full-stack visibility across cloud, network, and endpoint environments—empowering teams to operate with confidence, reduce complexity, and scale securely.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 383

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.1/10)
- **Security Auditing:** 8.8/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.9/10 (Category avg: 7.9/10)
- **Workload Protection:** 8.5/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet)
- **Company Website:** https://www.fortinet.com
- **Year Founded:** 2000
- **HQ Location:** Sunnyvale, CA
- **Twitter:** @Fortinet (151,464 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,112 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Security Engineer, Security Analyst
  - **Top Industries:** Information Technology and Services, Computer Software
  - **Company Size:** 62% Mid-Market, 26% Enterprise


#### Pros & Cons

**Pros:**

- Security (8 reviews)
- Vulnerability Detection (7 reviews)
- Alert Management (6 reviews)
- Cloud Security (6 reviews)
- Ease of Use (6 reviews)

**Cons:**

- Difficult Setup (5 reviews)
- Poor Documentation (5 reviews)
- Complex Setup (4 reviews)
- Setup Difficulty (4 reviews)
- Complex Configuration (3 reviews)

  ### 9. [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
  Aikido Security is the developer-first security platform that unifies code, cloud, protection, and attack testing in one suite of best-in-class products. Built by developers for developers, Aikido helps teams of any size ship secure software faster, automate protection, and simulate real-world attacks with AI-driven precision. The platform’s proprietary AI cuts noise by 95%, delivers one-click fixes, and saves developers 10+ hours per week. Aikido Intel proactively uncovers vulnerabilities in open source packages before disclosure, helping secure more than 50,000 organizations worldwide, including Revolut, Niantic, Visma, Montblanc, and GoCardless.


  **Average Rating:** 4.6/5.0
  **Total Reviews:** 139

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)
- **Security Auditing:** 9.0/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.6/10 (Category avg: 7.9/10)
- **Workload Protection:** 10.0/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Aikido Security](https://www.g2.com/sellers/aikido-security)
- **Company Website:** https://aikido.dev
- **Year Founded:** 2022
- **HQ Location:** Ghent, Belgium
- **Twitter:** @AikidoSecurity (6,307 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/aikido-security/ (175 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** CTO, Founder
  - **Top Industries:** Computer Software, Information Technology and Services
  - **Company Size:** 71% Small-Business, 17% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (78 reviews)
- Security (55 reviews)
- Features (52 reviews)
- Easy Integrations (47 reviews)
- Easy Setup (47 reviews)

**Cons:**

- Missing Features (19 reviews)
- Expensive (17 reviews)
- Limited Features (16 reviews)
- Pricing Issues (15 reviews)
- Lacking Features (14 reviews)

  ### 10. [Calico](https://www.g2.com/products/calico-2025-10-31/reviews)
  The Calico platform, built on the most trusted open-source technologies in Kubernetes — Calico Open Source, Istio, Envoy, and eBPF — provides a single management plane for secure networking and observability for AI workloads. It can be deployed as Calico Cloud, a fully-managed SaaS platform, or Calico Enterprise, a self-managed platform. Calico works with popular managed Kubernetes services such as AKS, EKS, and GKE, as well as self-managed Kubernetes distributions including Red Hat OpenShift, SUSE/Rancher, VMware Tanzu, and Mirantis. Calico is the only platform with a pluggable data plane architecture enabling support for multiple data planes, including eBPF, nftables, standard Linux, VPP, and Windows. Calico secures 1 million+ clusters daily, and is used by leading companies, including NVIDIA, RBC, Bloomberg, Chipotle, GoDaddy, and Upwork.


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 42

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)
- **Security Auditing:** 8.9/10 (Category avg: 8.3/10)
- **Network Segmentation:** 9.3/10 (Category avg: 7.9/10)
- **Workload Protection:** 8.8/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Tigera](https://www.g2.com/sellers/tigera)
- **Company Website:** https://www.tigera.io
- **Year Founded:** 2016
- **HQ Location:** San Jose, CA
- **Twitter:** @tigeraio (1,959 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10614868 (129 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Information Technology and Services, Financial Services
  - **Company Size:** 36% Enterprise, 36% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (19 reviews)
- Security (15 reviews)
- Customer Support (14 reviews)
- Features (11 reviews)
- Policy Management (11 reviews)

**Cons:**

- Complex Setup (7 reviews)
- Complexity (6 reviews)
- Difficult Configuration (6 reviews)
- Difficult Learning (6 reviews)
- Difficult Setup (6 reviews)

  ### 11. [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews)
  Microsoft Defender for Cloud is a cloud native application protection platform for multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime.


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 278

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.1/10)
- **Security Auditing:** 9.1/10 (Category avg: 8.3/10)
- **Network Segmentation:** 9.5/10 (Category avg: 7.9/10)
- **Workload Protection:** 9.2/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft)
- **Year Founded:** 1975
- **HQ Location:** Redmond, Washington
- **Twitter:** @microsoft (13,105,844 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®)
- **Ownership:** MSFT

**Reviewer Demographics:**
  - **Who Uses This:** Saas Consultant, Software Engineer
  - **Top Industries:** Information Technology and Services, Computer &amp; Network Security
  - **Company Size:** 39% Mid-Market, 35% Enterprise


#### Pros & Cons

**Pros:**

- Security (121 reviews)
- Comprehensive Security (92 reviews)
- Cloud Security (71 reviews)
- Vulnerability Detection (63 reviews)
- Threat Detection (57 reviews)

**Cons:**

- Complexity (27 reviews)
- Expensive (24 reviews)
- Delayed Detection (22 reviews)
- False Positives (19 reviews)
- Improvement Needed (19 reviews)

  ### 12. [Snyk](https://www.g2.com/products/snyk/reviews)
  Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security solutions enable modern applications to be built securely, empowering developers to own and build security for the whole application, from code &amp; open source to containers &amp; cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice, verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix &amp; merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as your write a Dockerfile, continuously monitor container images throughout their lifecycle, and prioritize with context. Secure build and deployment pipelines: Integrate natively with your CI/CD tool, configure your rules, find &amp; fix issues in your application, and monitor your applications. Secure your apps quickly with Snyk’s vulnerability scanning and automated fixes - Try for Free!


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 131

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.1/10)
- **Security Auditing:** 7.9/10 (Category avg: 8.3/10)
- **Network Segmentation:** 6.9/10 (Category avg: 7.9/10)
- **Workload Protection:** 7.4/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Snyk](https://www.g2.com/sellers/snyk)
- **HQ Location:** Boston, Massachusetts
- **Twitter:** @snyksec (20,978 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10043614/ (1,207 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Who Uses This:** Software Engineer
  - **Top Industries:** Computer Software, Information Technology and Services
  - **Company Size:** 44% Mid-Market, 35% Small-Business


#### Pros & Cons

**Pros:**

- Vulnerability Detection (3 reviews)
- Vulnerability Identification (3 reviews)
- Easy Integrations (2 reviews)
- Features (2 reviews)
- Integrations (2 reviews)

**Cons:**

- False Positives (2 reviews)
- Poor Interface Design (2 reviews)
- Scanning Issues (2 reviews)
- Software Bugs (2 reviews)
- Code Management (1 reviews)

  ### 13. [Aqua Security](https://www.g2.com/products/aqua-security/reviews)
  Aqua Security sees and stops attacks across the entire cloud native application lifecycle in a single, integrated platform. From software supply chain security for developers to cloud security and runtime protection for security teams, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry’s most comprehensive Cloud Native Application Protection Platform (CNAPP). Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries.


  **Average Rating:** 4.2/5.0
  **Total Reviews:** 57

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.1/10)
- **Security Auditing:** 8.0/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.2/10 (Category avg: 7.9/10)
- **Workload Protection:** 8.6/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [Aqua Security Software Ltd](https://www.g2.com/sellers/aqua-security-software-ltd)
- **Year Founded:** 2015
- **HQ Location:** Burlington, US
- **Twitter:** @AquaSecTeam (7,681 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/aquasecteam/ (499 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Computer Software, Financial Services
  - **Company Size:** 56% Enterprise, 39% Mid-Market


#### Pros & Cons

**Pros:**

- Security (19 reviews)
- Ease of Use (18 reviews)
- Features (12 reviews)
- Detection (10 reviews)
- Vulnerability Identification (9 reviews)

**Cons:**

- Missing Features (9 reviews)
- Lack of Features (6 reviews)
- Limited Features (6 reviews)
- Difficult Navigation (4 reviews)
- Improvement Needed (4 reviews)

  ### 14. [ARMO Platform](https://www.g2.com/products/armo-platform/reviews)
  ARMO Platform is the only runtime-driven, open-source first, cloud security platform. It is the only security platform that continuously minimizes cloud attack surface based on runtime insights, while actively detecting and responding to cyberattacks with real risk context. Using an eBPF-based runtime sensor to record application behavior and related activities, ARMO Platform enables DevOps, security, and platform teams to eliminate the security noise and go from thousands of irrelevant alerts to focus on the most important and exploitable threats. This allows those teams to shift from managing hypothetical security issues to mitigating actual risks and providing them with the means to remediate them. ARMO is an open-source-driven company and the creator of Kubescape, a leading open-source Kubernetes security project, now an official CNCF project. To learn more about ARMO Platform please visit: https://www.armosec.io/


  **Average Rating:** 4.5/5.0
  **Total Reviews:** 44

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10)
- **Security Auditing:** 9.2/10 (Category avg: 8.3/10)
- **Network Segmentation:** 7.9/10 (Category avg: 7.9/10)
- **Workload Protection:** 9.2/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [ARMO](https://www.g2.com/sellers/armo)
- **Year Founded:** 2019
- **HQ Location:** Tel Aviv, IL
- **Twitter:** @armosec (3,092 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/armosec/ (88 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Computer Software, Information Technology and Services
  - **Company Size:** 59% Small-Business, 36% Mid-Market


#### Pros & Cons

**Pros:**

- Ease of Use (20 reviews)
- Security (19 reviews)
- Features (16 reviews)
- Vulnerability Detection (12 reviews)
- Comprehensive Security (11 reviews)

**Cons:**

- Learning Curve (10 reviews)
- Integration Issues (9 reviews)
- Difficult Learning (7 reviews)
- Limited Integrations (6 reviews)
- Missing Features (6 reviews)

  ### 15. [F5 Distributed Cloud App Infrastructure Protection (AIP)](https://www.g2.com/products/f5-distributed-cloud-app-infrastructure-protection-aip/reviews)
  Distributed Cloud AIP, formerly known as Threat Stack, is the leader in cloud security and compliance for application infrastructures, helping companies securely leverage the business benefits of the cloud with proactive risk identification and high-efficacy threat detection across cloud workloads. Distributed Cloud AIP’s application infrastructure protection helps organizations improve operational efficiency by delivering full stack security observability across the cloud management console, host, container, orchestration, managed containers, and serverless layers. Distributed Cloud AIP helps organizations efficiently detect known risks at scale and quickly uncover anomalies throughout the environment. Distributed Cloud AIP helps organizations stay secure through comprehensive security monitoring with a combination of industry-leading telemetry collection, a robust ruleset for known threats, and ThreatML for vulnerability and anomaly detection. Security Services Customers also have the option of leveraging our human expertise with Distributed Cloud AIP Insights and Managed Security Services, our in-house Security Operations Center (SOC) that provides 24/7/365 monitoring of your cloud environment. Through both options, Distributed Cloud AIP aims to deliver visibility and response capabilities across the full stack, allowing organizations to leverage the benefits of modern computing environments, securely. Coupled with other F5 Distributed Cloud Services, customers get application and infrastructure protection. Because applications and APIs are only as secure as the infrastructure they run on. To learn more, visit https://www.f5.com/cloud/products/app-infrastructure-protection


  **Average Rating:** 4.4/5.0
  **Total Reviews:** 44

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10)
- **Security Auditing:** 7.5/10 (Category avg: 8.3/10)
- **Network Segmentation:** 8.3/10 (Category avg: 7.9/10)
- **Workload Protection:** 6.7/10 (Category avg: 8.0/10)


**Seller Details:**

- **Seller:** [F5](https://www.g2.com/sellers/f5-f6451ada-8c47-43f5-b017-58663a045bc5)
- **HQ Location:** Seattle, Washington
- **Twitter:** @F5Networks (1,385 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/4841/ (6,133 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Computer Software, Information Technology and Services
  - **Company Size:** 70% Mid-Market, 20% Small-Business


  ### 16. [ActiveState](https://www.g2.com/products/activestate/reviews)
  ActiveState provides the world&#39;s largest library of secure open source: 79 million (Java, Javascript, Python, R, Go, etc.) vetted components across all major language ecosystems, including transitive dependencies and OS-level libraries—built from source to ensure every component is verified, vulnerability-free, and continuously updated. Software teams improve security posture while accelerating development velocity. We deliver five critical outcomes. Counter Supply Chain Risks at Their Source Significantly reduce the possibility of inheriting malicious code from pre-built binaries. Replace risky, unvetted public components with secure, verifiable packages built directly from source. Gain provenance over your artifacts, ensuring bad actors and malware never reach your environment. - Protection from compromised package ecosystems and build systems - Mitigate high-profile malware attacks such as the npm Shai-Hulud attack and other future threats Continuous Remediation for Your Open Source Inventory Shift from reactive patching to proactive immunity. Maintain a hardened security posture with safe-by-default open source and continuous remediation across your inventory. ActiveState artifacts reduce your attack surface and evolve to help close vulnerabilities before they become incidents. - Up to 99% reduction in CVEs compared to community open source artifacts - Achieve up to 90% reduction in MTTR for future vulnerabilities Apply Frictionless Security Policies Embed governance directly into developer workflows without impeding engineering or adding costly CI/CD bloat. ActiveState solutions slot seamlessly into existing tools and AI coding assistants, transforming security policy from a blocker into an enabler that reduces open source approval workflows from weeks and days to just hours and minutes. - Reduce open source approval workflows from weeks and days to hours and minutes Audit Ready Compliance, Always Achieve continuous compliance with instant, granular visibility into components, licenses, and dependencies across your organization. ActiveState delivers comprehensive SBOMs and metadata by default, ensuring you can meet complex standards and minimizing the scramble of audit preparation. - Full visibility into your open source usage, including transitive and OS level dependencies Reclaim Developer Velocity and Focus Minimize high-value engineering hours on dependency conflicts, environment setup, research and remediation. ActiveState components and artifacts are fully managed to ensure they are always up to date and safe to use so your team can focus entirely on shipping revenue-generating features. - Free up 4-8 developer hours per CVE - 68% reduction in scanner noise from false positives


  **Average Rating:** 4.1/5.0
  **Total Reviews:** 32

**User Satisfaction Scores:**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10)


**Seller Details:**

- **Seller:** [ActiveState](https://www.g2.com/sellers/activestate-fd82e7c7-dea3-4ff5-9e96-cc5cd7d39a87)
- **Company Website:** https://www.activestate.com/
- **Year Founded:** 1997
- **HQ Location:** Vancouver, BC
- **Twitter:** @ActiveState (4,020 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5052/ (70 employees on LinkedIn®)

**Reviewer Demographics:**
  - **Top Industries:** Computer Software, Computer &amp; Network Security
  - **Company Size:** 51% Small-Business, 29% Mid-Market


## Parent Category

[DevSecOps Software](https://www.g2.com/categories/devsecops)


## Related Categories

- [Cloud Workload Protection Platforms](https://www.g2.com/categories/cloud-workload-protection-platforms)
- [Cloud Compliance Software](https://www.g2.com/categories/cloud-compliance)
- [Cloud Security Posture Management (CSPM) Software](https://www.g2.com/categories/cloud-security-posture-management-cspm)