# Cloud Compliance Tools *By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)* Cloud compliance software is used to ensure regulatory standards and provide compliance controls for networks and cloud infrastructure. These tools help improve visibility over cloud workloads and network flows. These workloads require continuous compliance for protection against server malware, container threats, and network intrusion. Companies use cloud compliance software to ensure continuous visibility over their cloud assets and reduce the risk of cloud-based threats. Properly implemented cloud compliance software will ensure a business’ security posture remains optimal at all times. There is overlap regarding functionality between cloud compliance solutions and [cloud workload protection platforms](https://www.g2.com/categories/cloud-workload-protection-platforms) in their goal of protecting cloud infrastructure. But many cloud workload protection platforms will not provide the same level of continuous monitoring and compliance auditing capabilities. To qualify for inclusion in the Cloud Compliance category, a product must: - Enforce cloud security compliance policies - Assess cloud security risk and facilitate compliance auditing - Continuously monitor cloud infrastructure for security risks ## Category Overview **Total Products under this Category:** 150 ## Trust & Credibility Stats **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 14,900+ Authentic Reviews - 150+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Best Cloud Compliance Software At A Glance - **Leader:** [Vanta](https://www.g2.com/products/vanta/reviews) - **Highest Performer:** [Scytale](https://www.g2.com/products/scytale-g2/reviews) - **Easiest to Use:** [Delve](https://www.g2.com/products/delve-delve/reviews) - **Top Trending:** [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - **Best Free Software:** [Sprinto](https://www.g2.com/products/sprinto-inc/reviews) --- **Sponsored** ### Scrut Automation Scrut Automation is a leading compliance automation platform designed for fast-growing businesses looking to streamline security, risk, and compliance without disrupting operations. It centralizes compliance functions, automates evidence collection, and simplifies audits, helping security teams reduce compliance efforts by up to 80%. Scrut supports 60+ out-of-the-box frameworks, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS, with the flexibility to add custom frameworks for unique regulatory needs. With 100+ integrations, Scrut seamlessly integrates into your security and IT ecosystem, automating compliance, eliminating manual work, and improving risk visibility. Join 1700+ industry leaders who trust Scrut for simplified compliance and risk management. Schedule a demo today. [Book a Demo](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=1861&secure%5Bdisplayable_resource_id%5D=1861&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=page_category&secure%5Bplacement_resource_ids%5D%5B%5D=1861&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=167976&secure%5Bresource_id%5D=1861&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fcloud-compliance%3Fopen_modal_url%3D%252Fproducts%252Fstacklet-platform%252Fwishlists%253Fhost_path%253D%25252Fcategories%25252Fcloud-compliance%2526source%253Dcategory&secure%5Btoken%5D=617d1f66da0bae6a174fbc242cca52e982ad049168326a19f9a286ec38d20f18&secure%5Burl%5D=https%3A%2F%2Fwww.scrut.io%2Fbook-a-demo%3Futm_source%3Dg2%2Bads%26utm_medium%3Dg2%26utm_campaign%3Dg2%2Bclicks&secure%5Burl_type%5D=book_demo) --- ## Top-Rated Products (Ranked by G2 Score) ### 1. [Vanta](https://www.g2.com/products/vanta/reviews) Vanta is the leading Agentic Trust Platform helping 15k+ companies—like Atlassian, Duolingo, Golden State Warriors, and Icelandair—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management. **Average Rating:** 4.6/5.0 **Total Reviews:** 2,408 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.4/10 (Category avg: 9.0/10) - **Auditing:** 9.1/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.6/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Vanta](https://www.g2.com/sellers/vanta) - **Company Website:** https://www.vanta.com/ - **Year Founded:** 2018 - **HQ Location:** San Francisco, California - **Twitter:** @TrustVanta (4,558 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/vanta-security/ (1,624 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 56% Small-Business, 38% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (798 reviews) - Compliance (606 reviews) - Integrations (463 reviews) - Automation (457 reviews) - Time-saving (446 reviews) **Cons:** - Integration Issues (207 reviews) - Pricing Issues (178 reviews) - Expensive (173 reviews) - Limited Integrations (172 reviews) - Missing Features (165 reviews) ### 2. [Wiz](https://www.g2.com/products/wiz-wiz/reviews) Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the development lifecycle, empowering them to build fast and securely. Its Cloud Native Application Protection Platform (CNAPP) consolidates CSPM, KSPM, CWPP, Vulnerability management, IaC scanning, CIEM, DSPM into a single platform. Wiz drives visibility, risk prioritization, and business agility. Protecting Your Cloud Environments Requires a Unified, Cloud Native Platform. Wiz connects to every cloud environment, scans every layer, and covers every aspect of your cloud security - including elements that normally require installing agents. Its comprehensive approach has all of these cloud security solutions built in. Hundreds of organizations worldwide, including 50 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks, Lightspeed and Aglaé. Visit https://www.wiz.io for more information. **Average Rating:** 4.7/5.0 **Total Reviews:** 771 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.0/10 (Category avg: 9.0/10) - **Auditing:** 8.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.9/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Wiz](https://www.g2.com/sellers/wiz-76a0133b-42e5-454e-b5da-860e503471db) - **Company Website:** https://www.wiz.io/ - **Year Founded:** 2020 - **HQ Location:** New York, US - **Twitter:** @wiz_io (22,550 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/wizsecurity/ (3,248 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CISO, Security Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 54% Enterprise, 39% Mid-Market #### Pros & Cons **Pros:** - Features (113 reviews) - Security (107 reviews) - Ease of Use (104 reviews) - Visibility (87 reviews) - Easy Setup (68 reviews) **Cons:** - Improvement Needed (35 reviews) - Feature Limitations (34 reviews) - Learning Curve (34 reviews) - Improvements Needed (29 reviews) - Complexity (27 reviews) ### 3. [Sprinto](https://www.g2.com/products/sprinto-inc/reviews) Sprinto is the world's first Autonomous Trust Platform, detecting change across your posture, determining what's at risk, and acting across compliance, vendor risk, AI governance, and more, so your organization stays trustworthy without the operational chaos. Sprinto is trusted by 3,000+ companies across 75 countries, including Emergent, CodeRabbit, Anaconda, and Whatfix. The platform supports 200+ global standards, including SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, and ISO 42001, for AI governance across 300+ integrations. **Average Rating:** 4.8/5.0 **Total Reviews:** 1,610 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.5/10 (Category avg: 9.0/10) - **Auditing:** 9.4/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Sprinto Technology Private Limited](https://www.g2.com/sellers/sprinto-technology-private-limited) - **Company Website:** https://sprinto.com/ - **Year Founded:** 2020 - **HQ Location:** San Francisco, US - **Twitter:** @sprintoHQ (13,304 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/sprinto-com (460 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 56% Small-Business, 42% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (418 reviews) - Customer Support (346 reviews) - Compliance (324 reviews) - Helpful (320 reviews) - Compliance Management (275 reviews) **Cons:** - Integration Issues (74 reviews) - Limited Integrations (42 reviews) - Limited Customization (41 reviews) - Unclear Guidance (41 reviews) - Software Bugs (40 reviews) ### 4. [Drata](https://www.g2.com/products/drata/reviews) Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining compliance workflows end-to-end to ensure audit readiness. Drata helps thousands of companies streamline their compliance efforts through continuous, automated control monitoring and evidence collection, resulting in lower costs and time spent preparing for annual audits and better overall security posture. Drata's supported frameworks include: SOC 2, ISO 27001, HIPAA, GDPR, PCI DSS, CCPA, CCM, CMMC, ISO 27701, ISO 27017, ISO 27018, Cyber Essentials, Microsoft SSPA, NIST 800-53, NIST CSF, NIST AI, FFIEC, NIST 800-171, and Custom Frameworks. Drata is backed by ICONIQ Growth, GGV Capital, SVCI (Silicon Valley CISO Investments), Okta Ventures, Salesforce Ventures, Cowboy Ventures, Leaders Fund, SV Angel, and many key industry leaders. **Average Rating:** 4.7/5.0 **Total Reviews:** 1,138 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.3/10 (Category avg: 9.0/10) - **Auditing:** 9.1/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Drata](https://www.g2.com/sellers/drata) - **Company Website:** https://drata.com/ - **Year Founded:** 2020 - **HQ Location:** San Diego, US - **Twitter:** @DrataHQ (1,509 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/drata/ (690 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 52% Small-Business, 43% Mid-Market #### Pros & Cons **Pros:** - Customer Support (161 reviews) - Ease of Use (148 reviews) - Compliance (130 reviews) - Time-saving (106 reviews) - Integrations (103 reviews) **Cons:** - Limited Integrations (47 reviews) - Improvements Needed (42 reviews) - Integration Issues (41 reviews) - Lack of Clarity (31 reviews) - Missing Features (24 reviews) ### 5. [Scrut Automation](https://www.g2.com/products/scrut-automation/reviews) Scrut Automation is a leading compliance automation platform designed for fast-growing businesses looking to streamline security, risk, and compliance without disrupting operations. It centralizes compliance functions, automates evidence collection, and simplifies audits, helping security teams reduce compliance efforts by up to 80%. Scrut supports 60+ out-of-the-box frameworks, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS, with the flexibility to add custom frameworks for unique regulatory needs. With 100+ integrations, Scrut seamlessly integrates into your security and IT ecosystem, automating compliance, eliminating manual work, and improving risk visibility. Join 1700+ industry leaders who trust Scrut for simplified compliance and risk management. Schedule a demo today. **Average Rating:** 4.9/5.0 **Total Reviews:** 1,297 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.6/10 (Category avg: 9.0/10) - **Auditing:** 9.5/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Scrut Automation](https://www.g2.com/sellers/scrut-automation) - **Company Website:** https://www.scrut.io/ - **Year Founded:** 2022 - **HQ Location:** Palo Alto, US - **Twitter:** @scrutsocial (120 Twitter followers) - **LinkedIn® Page:** https://in.linkedin.com/company/scrut-automation (230 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 50% Small-Business, 48% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (276 reviews) - Customer Support (249 reviews) - Compliance Management (225 reviews) - Helpful (216 reviews) - Compliance (190 reviews) **Cons:** - Improvement Needed (69 reviews) - Technical Issues (52 reviews) - Missing Features (44 reviews) - UX Improvement (44 reviews) - Learning Curve (41 reviews) ### 6. [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) Sysdig Secure is the real-time cloud-native application protection platform (CNAPP) trusted by organizations of all sizes around the world.. Built by the creators of Falco and Wireshark, Sysdig uniquely delivers runtime-powered visibility and agentic AI to stop cloud attacks instantly, not after the damage is done. With Sysdig, you can: - Stop threats in 2 seconds and respond in minutes - Cut vulnerability noise by 95% with runtime prioritization - Detect real risk instantly across workloads, identities, and misconfigurations - Close permissions gaps in under 2 minutes Sysdig Secure consolidates CSPM, CWPP, CIEM, vulnerability management, and threat detection into a single open, real-time platform. Unlike other CNAPPs, Sysdig connects signals across runtime, identity, and posture to eliminate blind spots, reduce tool sprawl, and accelerate innovation without compromise. No guesswork. No black boxes. Just cloud security, the right way. Learn more at https://sysdig.com **Average Rating:** 4.8/5.0 **Total Reviews:** 110 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.6/10 (Category avg: 9.0/10) - **Auditing:** 9.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.6/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Sysdig](https://www.g2.com/sellers/sysdig-715eaed9-9743-4f27-bd2b-d3730923ac3e) - **Company Website:** https://www.sysdig.com - **Year Founded:** 2013 - **HQ Location:** San Francisco, California - **Twitter:** @Sysdig (10,256 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3592486/ (640 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 46% Enterprise, 40% Mid-Market #### Pros & Cons **Pros:** - Security (33 reviews) - Vulnerability Detection (32 reviews) - Threat Detection (31 reviews) - Detection Efficiency (30 reviews) - Features (23 reviews) **Cons:** - Feature Limitations (10 reviews) - Complexity (9 reviews) - Missing Features (8 reviews) - Difficult Learning (7 reviews) - Feature Complexity (7 reviews) ### 7. [Secureframe](https://www.g2.com/products/secureframe/reviews) Secureframe empowers businesses to build trust with customers by simplifying information security and compliance through AI and automation. Thousands of organizations such as AngelList, Nasdaq, Coda, and Remote trust Secureframe to help them obtain and maintain compliance with global information security standards. **Average Rating:** 4.7/5.0 **Total Reviews:** 791 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.4/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.7/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Secureframe](https://www.g2.com/sellers/secureframe) - **Company Website:** https://secureframe.com/ - **Year Founded:** 2020 - **HQ Location:** San Francisco, US - **Twitter:** @secureframe (2,236 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/secureframe/ (125 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CEO, CTO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 66% Small-Business, 30% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (663 reviews) - Compliance (560 reviews) - Automation (422 reviews) - Security (406 reviews) - Integrations (390 reviews) **Cons:** - Integration Issues (188 reviews) - Limited Integrations (145 reviews) - Limited Customization (141 reviews) - Improvements Needed (110 reviews) - Missing Features (109 reviews) ### 8. [Delve](https://www.g2.com/products/delve-delve/reviews) Delve is an AI-native compliance platform that helps 100s of fast-growing companies get compliant with frameworks like SOC 2, HIPAA, ISO 27001, GDPR, PCI-DSS, HITRUST, and more. Delve's AI platform streamlines compliance from months of busywork down to days. AI is integrated throughout the process to automate code and infrastructure scanning, identify risks proactively, autofill security questionnaires, and more. We also provide white-glove onboarding, 1:1 Slack support, and end-to-end audit management for every engagement. Hypergrowth companies like Bland, 11x, and Lovable use Delve for automating compliance. Delve is backed by Y Combinator, General Catalyst, Funders Club, and more. **Average Rating:** 4.7/5.0 **Total Reviews:** 134 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.4/10 (Category avg: 9.0/10) - **Auditing:** 9.4/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.2/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Delve](https://www.g2.com/sellers/delve-7f4853c3-d5f3-426c-a6ff-2fc37d20a2ce) - **Company Website:** https://www.delve.co - **Year Founded:** 2023 - **HQ Location:** San Francisco, US - **LinkedIn® Page:** https://www.linkedin.com/company/getdelve (40 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software - **Company Size:** 34% Small-Business, 1% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (84 reviews) - Easy Setup (77 reviews) - Compliance (76 reviews) - Response Time (32 reviews) - Integrations (28 reviews) **Cons:** - Software Bugs (19 reviews) - Improvements Needed (14 reviews) - Limited Integrations (11 reviews) - Insufficient Information (8 reviews) - Lack of Clarity (8 reviews) ### 9. [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) Microsoft Defender for Cloud is a cloud native application protection platform for multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime. **Average Rating:** 4.4/5.0 **Total Reviews:** 279 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.8/10 (Category avg: 9.0/10) - **Auditing:** 8.7/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft) - **Year Founded:** 1975 - **HQ Location:** Redmond, Washington - **Twitter:** @microsoft (13,105,844 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®) - **Ownership:** MSFT **Reviewer Demographics:** - **Who Uses This:** Saas Consultant, Software Engineer - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 39% Mid-Market, 35% Enterprise #### Pros & Cons **Pros:** - Security (121 reviews) - Comprehensive Security (92 reviews) - Cloud Security (71 reviews) - Vulnerability Detection (63 reviews) - Threat Detection (57 reviews) **Cons:** - Complexity (27 reviews) - Expensive (24 reviews) - Delayed Detection (22 reviews) - False Positives (19 reviews) - Improvement Needed (19 reviews) ### 10. [Thoropass](https://www.g2.com/products/thoropass/reviews) Thoropass is a modern compliance audit firm that helps organizations of all sizes build and prove trust with high-quality audits, expert guidance, and integrated security services. Combining deep auditor expertise with intuitive technology, Thoropass delivers a streamlined path to achieving and maintaining compliance with frameworks including SOC 1, SOC 2, ISO 27001, ISO 42001, HIPAA, HITRUST, GDPR, CMMC, Cyber Essentials, PCI DSS, and others. As a licensed CPA firm and CREST-accredited provider, Thoropass brings a level of credibility and rigor that scales from fast-growing startups to complex, regulated enterprises. Our auditors, security engineers, and compliance experts partner closely with customers to simplify evidence collection, reduce audit friction, and ensure results that stand up to regulator, partner, and customer scrutiny. Beyond audits, Thoropass supports the full trust-building lifecycle with penetration testing, risk assessment, access reviews, AI governance assessments, and questionnaire automation—helping teams unify compliance operations without relying on multiple vendors. Organizations choose Thoropass for our responsive expert support, consistent audit outcomes, and a service experience built for modern security and compliance teams. Thoropass is trusted by thousands of companies to prove compliance, strengthen security posture, and confidently meet the expectations of customers, auditors, and regulators. **Average Rating:** 4.7/5.0 **Total Reviews:** 575 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.2/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Thoropass](https://www.g2.com/sellers/thoropass) - **Company Website:** https://thoropass.com/?utm_source=adwords&utm_medium=ppc&utm_campaign=Brand+NA&utm_term=b_thoropass - **Year Founded:** 2019 - **HQ Location:** New York - **Twitter:** @thoropass (381 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/thoropass/ (232 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CEO, CTO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 71% Small-Business, 25% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (115 reviews) - Helpful (108 reviews) - Customer Support (89 reviews) - Compliance (70 reviews) - Team Helpfulness (54 reviews) **Cons:** - Lack of Clarity (18 reviews) - Integration Issues (17 reviews) - Audit Issues (15 reviews) - Improvements Needed (14 reviews) - Limited Integrations (14 reviews) ### 11. [Orca Security](https://www.g2.com/products/orca-security/reviews) The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM. **Average Rating:** 4.6/5.0 **Total Reviews:** 238 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.9/10 (Category avg: 9.0/10) - **Auditing:** 8.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Orca Security](https://www.g2.com/sellers/orca-security) - **Company Website:** https://orca.security - **Year Founded:** 2019 - **HQ Location:** Portland, Oregon - **Twitter:** @orcasec (4,832 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/35573984/ (495 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Engineer, CISO - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 48% Mid-Market, 41% Enterprise #### Pros & Cons **Pros:** - Ease of Use (37 reviews) - Features (33 reviews) - Security (29 reviews) - User Interface (22 reviews) - Visibility (22 reviews) **Cons:** - Improvement Needed (15 reviews) - Feature Limitations (12 reviews) - Limited Features (10 reviews) - Missing Features (10 reviews) - Ineffective Alerts (9 reviews) ### 12. [Microsoft Purview Compliance Manager](https://www.g2.com/products/microsoft-purview-compliance-manager/reviews) Microsoft Purview Compliance Manager is a comprehensive compliance management solution designed to help organizations simplify the complexities of regulatory adherence and risk management. By offering a centralized platform, it enables businesses to assess, monitor, and improve their compliance posture across various standards and regulations. This tool is particularly beneficial for organizations operating in multicloud environments, providing continuous assessments and actionable insights to maintain compliance effectively. Key Features and Functionality: - Intuitive Management: Compliance Manager offers end-to-end compliance management capabilities, including easy onboarding, workflow management, control implementation, and evidence cataloging. - Scalable Assessments: Users can access over 320 ready-to-use, customizable regulatory assessment templates that cater to multicloud compliance requirements, covering both Microsoft and non-Microsoft products or services. - Built-in Capabilities: The platform includes features such as compliance scoring, control mapping, versioning, and continuous control assessments to reduce compliance risks. - Continuous Control Assessment: Compliance Manager provides ongoing status updates and automatic credit results for technical controls by scanning the environment and detecting system settings. - Continuous Regulatory Updates: The solution keeps organizations informed with the latest guidance on regulatory, product, or control mapping changes, facilitating appropriate improvement actions to meet certification requirements. - Common Control Mapping: It allows organizations to scale their compliance programs by satisfying multiple requirements across various regulations and standards with a single action, eliminating redundant updates. - Compliance Score: Organizations receive a quantifiable measure of their compliance status, helping prioritize impactful actions. This risk-based score can be filtered for specific regulations, standards, or solution categories. Primary Value and Problem Solved: Microsoft Purview Compliance Manager addresses the challenge of managing complex compliance requirements across diverse regulatory landscapes. By providing a unified platform with automated assessments, real-time insights, and actionable guidance, it empowers organizations to: - Simplify Compliance Processes: Streamline the management of compliance activities through centralized workflows and automated assessments. - Reduce Risk: Identify and mitigate compliance risks proactively with continuous monitoring and up-to-date regulatory information. - Enhance Efficiency: Save time and resources by leveraging pre-built templates and automated tools, reducing the manual effort involved in compliance management. - Maintain Audit Readiness: Keep comprehensive records and evidence of compliance activities, facilitating smoother audits and demonstrating adherence to regulatory standards. In summary, Microsoft Purview Compliance Manager serves as a vital tool for organizations seeking to navigate the complexities of compliance management efficiently, ensuring they meet regulatory obligations while minimizing associated risks. **Average Rating:** 4.3/5.0 **Total Reviews:** 25 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.8/10 (Category avg: 9.0/10) - **Auditing:** 8.7/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.0/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft) - **Year Founded:** 1975 - **HQ Location:** Redmond, Washington - **Twitter:** @microsoft (13,105,844 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®) - **Ownership:** MSFT **Reviewer Demographics:** - **Top Industries:** Information Technology and Services - **Company Size:** 48% Mid-Market, 36% Small-Business #### Pros & Cons **Pros:** - Security Protection (2 reviews) - Analytics (1 reviews) - Centralization Management (1 reviews) - Cloud Services (1 reviews) - Collaboration (1 reviews) **Cons:** - Complexity Issues (1 reviews) - Complex Setup (1 reviews) - Expensive (1 reviews) - Learning Curve (1 reviews) - Learning Difficulty (1 reviews) ### 13. [Scytale](https://www.g2.com/products/scytale-g2/reviews) Scytale is the only AI GRC platform and human experts that drive real compliance outcomes - from getting compliant to staying compliant, and building trust across every framework. Trusted by 1,000+ companies worldwide, Scytale replaces fragmented testing with continuous control visibility, automating evidence, control cross-mapping, and risk management across 80+ security, privacy, and AI frameworks, including SOC 2, ISO 27001, GDPR, SOX ITGC, ISO 42001, and many more. Scytale is a full-scope trust and compliance platform with everything you need to run your GRC program in one central hub, including: an agentic GRC network, a Trust Center, AI-integrated offensive security and expert GRC services. **Average Rating:** 4.8/5.0 **Total Reviews:** 587 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.1/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.7/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Scytale AI](https://www.g2.com/sellers/scytale-ai) - **Company Website:** https://scytale.ai/ - **Year Founded:** 2021 - **HQ Location:** New York, US - **Twitter:** @scytale_ai (76 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/scytale-ai/ (145 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 72% Small-Business, 21% Mid-Market #### Pros & Cons **Pros:** - Helpful (162 reviews) - Ease of Use (148 reviews) - Compliance (102 reviews) - Customer Support (94 reviews) - Team Helpfulness (85 reviews) **Cons:** - Integration Issues (45 reviews) - Limited Integrations (35 reviews) - Evidence Collection (23 reviews) - Missing Features (22 reviews) - Software Bugs (19 reviews) ### 14. [Oneleet](https://www.g2.com/products/oneleet/reviews) Oneleet is the all-in-one security and compliance platform that gets companies genuinely secure while achieving SOC 2, ISO 27001, HIPAA and other compliance certifications faster than traditional approaches. Unlike compliance platforms that focus on checkbox evidence collection, Oneleet implements real security first. Compliance follows automatically as a natural outcome of effective cybersecurity, not as a separate goal. Most companies face a false choice: painful but effective security, or painless but ineffective compliance theater. Traditional compliance platforms require juggling multiple vendors, managing fragmented tools, spending months with consultants, and doing manual evidence collection to achieve a certificate that doesn't actually make you secure. Oneleet consolidates what previously required half a dozen vendors into one integrated platform: penetration testing by real security experts (not just vulnerability scans), code scanning with SAST and DAST, cloud security posture management, attack surface monitoring, mobile device management, security training and awareness, policy generation and management, and continuous compliance monitoring. Because we build everything ourselves and control the entire stack, we deploy comprehensive security with a click. No blind spots. No integration gaps. No vendor sprawl. We guarantee audit outcomes because our standards are higher than auditors' standards. We use AI extensively but responsibly, automating threat modeling and risk assessments while keeping humans in the loop to ensure quality. Clients never see AI hallucinations. We take full responsibility for the entire security journey, from initial setup through audit completion and continuous monitoring. Companies achieve compliance readiness faster with Oneleet, not by doing less, but by making real security easier. We ship all the tools you would normally spend weeks or months setting up and adopting. Our customers regularly win deals they previously lost due to inadequate security postures. Oneleet is the fastest growing compliance company in the sector. A large number of Oneleet's newer clients come from platforms like Vanta and Drata. With Oneleet's all-in-one bundle pricing its ROI is significantly higher than that of Vanta, Drata and Delve. Companies that switch from Vanta, Drata, or Delve to Oneleet report faster audits, higher approval rates, and less manual effort. Vanta and Drata rely heavily on manual evidence collection and vendor integrations, creating delays and gaps. Delve emphasizes AI automation but often sacrifices accuracy—its generated outputs are frequently rejected or require manual fixes. Oneleet achieves both precision and speed by combining full-stack automation with expert oversight, producing the industry’s lowest audit-rejection rate and the fastest path to verified security. Oneleet serves SMBs and growth-stage companies that need compliance certifications to close enterprise deals, but want to be genuinely secure, not just certified on paper. Founded by professional penetration testers who spent over a decade breaching Fortune 500s and startups, we built Oneleet to end the disconnect between compliance and security. **Average Rating:** 4.9/5.0 **Total Reviews:** 136 **User Satisfaction Scores:** - **Compliance Monitoring:** 10.0/10 (Category avg: 9.0/10) - **Auditing:** 10.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 10.0/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Oneleet](https://www.g2.com/sellers/oneleet) - **Company Website:** https://www.oneleet.com/ - **Year Founded:** 2022 - **HQ Location:** Atlanta, US - **LinkedIn® Page:** http://www.linkedin.com/company/oneleet (34 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Engineer - **Top Industries:** Computer Software, Medical Devices - **Company Size:** 15% Small-Business, 11% Mid-Market #### Pros & Cons **Pros:** - Security (302 reviews) - Compliance (251 reviews) - Ease of Use (228 reviews) - Helpful (210 reviews) - Compliance Management (199 reviews) **Cons:** - Integration Issues (22 reviews) - Limited Customization (21 reviews) - Limited Integrations (17 reviews) - Lack of Integration (14 reviews) - Lack of Customization (13 reviews) ### 15. [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews) Crowdstrike Falcon Cloud Security is the only CNAPP to stop breaches in the cloud Built for today’s hybrid and multi-cloud environments, Falcon Cloud Security protects the entire cloud attack surface - from code to runtime - by combining continuous agentless visibility with real-time detection and response. At runtime, Falcon Cloud Security delivers best-in-class cloud workload protection and real-time cloud detection and response (CDR) to stop active threats across hybrid environments. Integrated with the CrowdStrike Falcon platform, it correlates signals across endpoint, identity, and cloud to detect sophisticated cross-domain attacks that point solutions miss—enabling teams to respond faster and stop breaches in progress. To reduce risk before attacks occur, Falcon Cloud Security also delivers agentless-driven posture management that proactively shrinks the cloud attack surface. Unlike typical solutions, Crowdstrike enriches cloud risk detections with adversary intelligence and graph-based context, enabling security teams to prioritize exploitable exposures and prevent breaches before they happen. Customers using Falcon Cloud Security consistently see measurable results: 89% faster cloud detection and response 100x reduction in false positives by prioritizing exploitable, business-critical risk 83% reduction in cloud security licenses due to elimination of redundant tools **Average Rating:** 4.6/5.0 **Total Reviews:** 83 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.7/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike) - **Company Website:** https://www.crowdstrike.com - **Year Founded:** 2011 - **HQ Location:** Sunnyvale, CA - **Twitter:** @CrowdStrike (110,215 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 45% Enterprise, 43% Mid-Market #### Pros & Cons **Pros:** - Security (49 reviews) - Cloud Security (37 reviews) - Detection Efficiency (34 reviews) - Vulnerability Detection (31 reviews) - Ease of Use (29 reviews) **Cons:** - Expensive (17 reviews) - Improvements Needed (14 reviews) - Improvement Needed (13 reviews) - Feature Complexity (8 reviews) - Learning Curve (8 reviews) ### 16. [AWS Control Tower](https://www.g2.com/products/aws-control-tower/reviews) AWS Control Tower is a managed service that simplifies the setup and governance of secure, multi-account AWS environments. It automates the creation of a well-architected landing zone, incorporating best practices for security, compliance, and operations. By orchestrating various AWS services, AWS Control Tower enables organizations to establish a standardized and secure cloud environment efficiently. Key Features and Functionality: - Landing Zone: Automates the setup of a secure, multi-account AWS environment based on best practices, including identity management, logging, and security controls. - Account Factory: Provides a configurable account template to standardize the provisioning of new AWS accounts with pre-approved configurations, facilitating consistent and compliant account creation. - Control Catalog: Offers a centralized repository of over 750 preconfigured controls, allowing organizations to enforce governance policies across their AWS environment. These controls include preventive, detective, and proactive measures to maintain compliance and security. - Dashboard: Provides a centralized interface for monitoring the compliance status of accounts and organizational units, offering visibility into noncompliant resources and overall governance posture. Primary Value and Problem Solved: AWS Control Tower addresses the complexity of managing multiple AWS accounts by providing a centralized, automated solution for establishing and maintaining a secure and compliant cloud environment. It reduces the time and effort required to set up multi-account environments, enforces consistent governance policies, and enhances visibility into compliance status. This enables organizations to focus on innovation and business objectives while ensuring their AWS infrastructure adheres to best practices and regulatory requirements. **Average Rating:** 3.9/5.0 **Total Reviews:** 20 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.1/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Amazon Web Services (AWS)](https://www.g2.com/sellers/amazon-web-services-aws-3e93cc28-2e9b-4961-b258-c6ce0feec7dd) - **Year Founded:** 2006 - **HQ Location:** Seattle, WA - **Twitter:** @awscloud (2,223,984 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/amazon-web-services/ (156,424 employees on LinkedIn®) - **Ownership:** NASDAQ: AMZN **Reviewer Demographics:** - **Company Size:** 45% Mid-Market, 41% Enterprise ### 17. [Cortex Cloud](https://www.g2.com/products/cortex-cloud/reviews) Cortex Cloud by Palo Alto Networks, the next version of Prisma Cloud, understands a unified security approach is essential for effectively addressing AppSec, CloudSec, and SecOps. Connecting cloud security and SOC workflows enables teams to achieve holistic visibility, trace risk across the lifecycle, and correlate real-time threat activity with development and runtime contexts. Cortex Cloud is a unified platform built on three core pillars: data integration, AI-driven intelligence, and automation. Now you can safeguard applications, data, and infrastructure across multicloud and hybrid environments with a unified data model that consolidates telemetry from code, runtime, identity, and endpoints, all into a single data source. Empower teams with precise, AI-powered insights and 2200+ machine learning models to identify and stop zero-day threats with real-time advanced threat detection and response. And automate with 1000+ prebuilt playbooks across your cloud stack to reduce manual workloads, accelerate remediations, and cut response times tenfold. Cortex Cloud delivers more than tools—it transforms how organizations secure their cloud environments. **Average Rating:** 4.1/5.0 **Total Reviews:** 110 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.5/10 (Category avg: 9.0/10) - **Auditing:** 8.6/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks) - **Company Website:** https://www.paloaltonetworks.com - **Year Founded:** 2005 - **HQ Location:** Santa Clara, CA - **Twitter:** @PaloAltoNtwks (128,686 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 38% Enterprise, 31% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (49 reviews) - Features (45 reviews) - Security (43 reviews) - Visibility (38 reviews) - Cloud Integration (34 reviews) **Cons:** - Expensive (31 reviews) - Difficult Learning (30 reviews) - Learning Curve (29 reviews) - Pricing Issues (24 reviews) - Complex Setup (21 reviews) ### 18. [Red Hat Advanced Cluster Security for Kubernetes](https://www.g2.com/products/red-hat-advanced-cluster-security-for-kubernetes/reviews) Red Hat Advanced Cluster Security for Kubernetes is a comprehensive, Kubernetes-native security solution designed to enhance the security of cloud-native applications throughout their lifecycle. It provides robust protection for containerized workloads across various environments, including on-premises, public clouds, and hybrid platforms. By integrating seamlessly with Kubernetes and DevOps tools, RHACS enables organizations to proactively identify and mitigate security risks, ensuring compliance and reducing operational overhead. Key Features and Functionality: - Visibility: Offers a holistic view of Kubernetes environments, encompassing images, pods, deployments, namespaces, and configurations. - Vulnerability Management: Continuously scans container images and Kubernetes components to detect and prioritize vulnerabilities, facilitating prompt remediation. - Compliance: Assesses adherence to security and regulatory frameworks such as CIS, PCI, NIST, and HIPAA, providing interactive dashboards and audit reports. - Network Segmentation: Visualizes network traffic and enforces Kubernetes-native network policies to minimize exposure and enhance security posture. - Risk Profiling: Ranks deployments based on risk levels by analyzing vulnerabilities, configuration issues, and runtime behaviors, aiding in prioritization of security efforts. - Configuration Management: Identifies and rectifies misconfigurations, ensuring best practices are followed to harden Kubernetes environments. - Runtime Detection and Response: Monitors system-level events to detect anomalous activities, enabling swift response to potential threats. Primary Value and Problem Solved: RHACS addresses the critical need for robust security in Kubernetes environments by providing comprehensive tools to identify, assess, and mitigate security risks throughout the application lifecycle. It empowers organizations to implement security best practices, maintain compliance with industry standards, and respond effectively to threats, thereby reducing operational risks and enhancing the overall security posture of cloud-native applications. **Average Rating:** 5.0/5.0 **Total Reviews:** 12 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 10.0/10 (Category avg: 9.0/10) - **Auditing:** 10.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 10.0/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Red Hat](https://www.g2.com/sellers/red-hat) - **Year Founded:** 1993 - **HQ Location:** Raleigh, NC - **Twitter:** @RedHat (299,757 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3545/ (19,305 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 42% Mid-Market, 33% Small-Business ### 19. [Coro Cybersecurity](https://www.g2.com/products/coro-cybersecurity/reviews) Coro is the easy cybersecurity company. We designed an all-in-one platform that every lean IT team will master. While other solutions scare people into buying complicated, confusing products, we lead with elegant simplicity. Coro is fast to deploy, easy to use, and designed not to waste your time. Once you install Coro, you’ll hardly think about us. That’s the point. Coro automatically detects and fixes security problems, so IT teams don’t have to spend time investigating or troubleshooting. We’re also one of the fastest-growing tech companies in North America, just ask Deloitte. Designed primarily for lean IT teams, Coro’s platform is particularly beneficial for organizations that may lack extensive IT resources or dedicated cybersecurity teams. With the increasing complexity of cyber threats, these businesses often find it challenging to maintain adequate security measures. Coro addresses this gap by automating the detection and remediation of security threats, allowing businesses to focus on their core operations without the constant worry of potential breaches or security incidents. One of Coro's key benefits is its intuitive, user-friendly interface, which simplifies the management of cybersecurity protocols. This ease of use is particularly advantageous for organizations with limited IT expertise, as it minimizes the need for extensive training or technical knowledge. Additionally, Coro’s continuous monitoring and reporting features provide businesses with valuable insights into their security posture, enabling them to make informed decisions about their cybersecurity strategies. Another impressive features is how comprehensive, yet powerful, it's all-in-one platform is. Using advanced AI technology, it detects and remediates over 92% of threats automatically, ensuring potential vulnerabilities are identified and addressed in real-time, significantly reducing the risk of data breaches and other cyber incidents. Their impressive performance has been recognised by G2 with a 94% approval rating from users and SE Labs, who awarded them three AAA ratings for their EDR, Email and Cloud modules. Overall, Coro’s cybersecurity platform represents a significant advancement in the field of cybersecurity. By automating threat detection and remediation, offering customizable solutions, and providing a user-friendly experience, Coro empowers organizations to effectively defend against the evolving landscape of cyber threats. Its recognition as one of the fastest-growing cybersecurity companies in North America further underscores its commitment to delivering innovative and effective security solutions. **Average Rating:** 4.7/5.0 **Total Reviews:** 231 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.5/10 (Category avg: 9.0/10) - **Auditing:** 9.0/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Coronet](https://www.g2.com/sellers/coronet) - **Company Website:** https://www.coro.net - **Year Founded:** 2014 - **HQ Location:** Chicago, IL - **Twitter:** @coro_cyber (1,892 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/coronet (295 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** IT Manager, IT Director - **Top Industries:** Non-Profit Organization Management, Financial Services - **Company Size:** 57% Mid-Market, 36% Small-Business #### Pros & Cons **Pros:** - Ease of Use (99 reviews) - Security (68 reviews) - Customer Support (67 reviews) - Protection (55 reviews) - Easy Setup (49 reviews) **Cons:** - Performance Issues (32 reviews) - Improvements Needed (20 reviews) - False Positives (19 reviews) - Inaccuracy (19 reviews) - Limited Features (16 reviews) ### 20. [SentinelOne Singularity Cloud Security](https://www.g2.com/products/sentinelone-singularity-cloud-security/reviews) Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation. **Average Rating:** 4.9/5.0 **Total Reviews:** 113 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.9/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.9/10 (Category avg: 9.0/10) - **Auditing:** 9.8/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone) - **Company Website:** https://www.sentinelone.com - **Year Founded:** 2013 - **HQ Location:** Mountain View, CA - **Twitter:** @SentinelOne (57,607 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,183 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 60% Mid-Market, 31% Enterprise #### Pros & Cons **Pros:** - Security (27 reviews) - Ease of Use (20 reviews) - Vulnerability Detection (19 reviews) - Cloud Management (16 reviews) - Cloud Security (15 reviews) **Cons:** - Complexity (5 reviews) - Ineffective Alerts (5 reviews) - Complex Setup (4 reviews) - Difficult Configuration (4 reviews) - Poor UI (4 reviews) ### 21. [AWS Artifact](https://www.g2.com/products/aws-artifact/reviews) AWS Artifact provides on-demand access to AWS’ security and compliance reports and select online agreements. Reports available in AWS Artifact include our Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies across geographies and compliance verticals that validate the implementation and operating effectiveness of AWS security controls. Agreements available in AWS Artifact include the Business Associate Addendum (BAA) and the Nondisclosure Agreement (NDA). **Average Rating:** 4.1/5.0 **Total Reviews:** 18 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.3/10) **Seller Details:** - **Seller:** [Amazon Web Services (AWS)](https://www.g2.com/sellers/amazon-web-services-aws-3e93cc28-2e9b-4961-b258-c6ce0feec7dd) - **Year Founded:** 2006 - **HQ Location:** Seattle, WA - **Twitter:** @awscloud (2,223,984 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/amazon-web-services/ (156,424 employees on LinkedIn®) - **Ownership:** NASDAQ: AMZN **Reviewer Demographics:** - **Top Industries:** Information Technology and Services - **Company Size:** 45% Small-Business, 40% Enterprise #### Pros & Cons **Pros:** - Security Protection (1 reviews) **Cons:** - Not User-Friendly (1 reviews) - Poor Interface Design (1 reviews) ### 22. [Flexera One](https://www.g2.com/products/flexera-one/reviews) Flexera One is a SaaS-based IT management solution designed with and for organizations like yours with highly complex hybrid environments. With Flexera One, you can visualize your entire estate and make data-driven decisions from on-premise to SaaS to the cloud. IT Visibility Flexera One’s IT Visibility solution delivers the most comprehensive and clear view of your IT estate. Discovery and normalization—gain consistent, reliable data and take control of assets to draw valuable insights across software, hardware, SaaS and cloud. Data enrichment—enhance your IT inventory data with market intelligence that improves your decision-making abilities, via Technopedia—the largest and most trusted IT asset information source in the world. Unified data visualization—simplify the view of your environment with clear understanding and analytic that provide context for business initiatives spanning your entire IT estate. IT Asset Management Flexera One’s IT asset management (ITAM) starts with knowing what you have in your IT ecosystem—across hardware, software, SaaS, cloud, containers, clusters and virtual technologies. Optimized for today’s digital business, find the evidence required to determine license consumption, such as IBM sub-capacity requirements. Software asset management— Flexera One is the only SAM solution to solve the exponentiality of licensing with depth, breadth, algorithms and automation required to truly create a trusted and accurate license position. Hardware asset management— manage the hardware you own or lease, no matter where it is. Make critical hardware lifecycle decisions to support user productivity, business continuity and make the most of your hardware investments. SaaS management— get a current and complete picture of SaaS usage to support your business stakeholders while optimizing SaaS spend with all your vendors. Take action by discovering shadow SaaS, removing redundant applications and optimizing subscriptions based on actual usage automatically. Software request and reharvest— proactively reduce the sprawl and provide end users with a catalog of approved software, SaaS and cloud instances–helping you get them within guard rails while enabling the business to be agile and innovative. Reclaim unused technology to avoid future costs. Integrate with ITSM providers so you can meet users where they are and provide a seamless end-user experience. Cloud Cost Optimization Flexera One offers a unique approach to cloud cost optimization that enables cloud governance teams to work collaboratively with business units and cloud resource owners to optimize spend. With Flexera One, you get a comprehensive set of cloud cost optimization capabilities designed to easily reduce costs across your entire cloud environment. Cloud Cost Management— Get visibility into cloud usage and costs for all your cloud accounts. You can evaluate and report on your most cost-effective regions and instance sizes, and dive deep into public and private cloud costs by application, category, business unit, cost center, department or team. You also can allocate costs for chargeback and showback with complete backup and justification. Cloud Governance— Flexera One offers a powerful policies engine that enables your cloud governance teams to manage and control hybrid cloud use with out-of-the-box and custom policies to automate governance of costs, operations, security and compliance. Cloud Migration and Modernization Successful IT modernization requires proper analysis, prioritization and planning. Flexera One’s Cloud Migration and Modernization provides the actionable intelligence you need to optimize your cloud modernization and migration—no matter where you are on your cloud journey. Cloud Migration Planning— Flexera one gives you the actionable intelligence needed to optimize your on-premises to cloud migration journey from start to finish with full context visibility into business services. Cloud Cost Assessment — Flexera One provides comprehensive workload assessments to show you which cloud type, provider, custom instance choice, buying type and resource provisioning are best for your workload, budget and performance requirements—all to optimize your cloud cost savings. Workload Placement — Cloud migration and modernization provides comprehensive workload assessments for full visibility into your current workloads, so you can prioritize and identify which providers are best for your performance requirements to ensure successful migration of workloads to the cloud. **Average Rating:** 4.3/5.0 **Total Reviews:** 118 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.4/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.9/10 (Category avg: 9.0/10) - **Auditing:** 9.1/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Flexera](https://www.g2.com/sellers/flexera) - **Year Founded:** 2008 - **HQ Location:** Itasca, IL - **Twitter:** @flexera (4,728 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/574962/ (2,045 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Analyst, Software Engineer - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 73% Enterprise, 16% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (54 reviews) - Features (47 reviews) - Integrations (37 reviews) - Product Quality (36 reviews) - Visibility (35 reviews) **Cons:** - Complexity (37 reviews) - Difficult Learning (35 reviews) - Learning Curve (31 reviews) - Complex Setup (26 reviews) - Difficult Setup (23 reviews) ### 23. [Check Point CloudGuard Network Security](https://www.g2.com/products/check-point-cloudguard-network-security/reviews) CloudGuard Network Security is a comprehensive cloud security solution designed to protect public, private, and hybrid cloud environments from a wide array of cyber threats. This platform focuses on delivering advanced threat protection, ensuring that organizations can confidently transition to the cloud while maintaining robust security measures. With an impressive malware catch rate, CloudGuard is engineered to defend against various types of attacks, including ransomware and other malicious software. Targeted at enterprises and organizations that are increasingly adopting cloud technologies, CloudGuard Network Security is particularly beneficial for IT teams and security professionals who require a reliable and efficient way to manage security across multiple environments. The solution is ideal for businesses looking to enhance their cloud security posture without compromising on agility or operational efficiency. By integrating seamlessly with leading Infrastructure as Code (IaC) tools, CloudGuard automates network security processes, making it easier for teams to implement security measures within their continuous integration and continuous deployment (CI/CD) workflows. One of the standout features of CloudGuard is its advanced protection capabilities. The platform includes a suite of security features such as a firewall, data loss prevention (DLP), intrusion prevention system (IPS), application control, IPsec VPN, URL filtering, antivirus, anti-bot protection, threat extraction, and threat emulation. These tools work in concert to provide a multi-layered defense strategy that addresses various attack vectors, ensuring that organizations can mitigate risks effectively. Additionally, CloudGuard's automated network security capabilities support IaC and CI/CD practices, allowing organizations to streamline their security processes through the use of APIs and automation. This enables security teams to focus on more strategic initiatives rather than being bogged down by manual tasks. The unified security management feature further enhances the solution by providing consistent visibility and policy management across hybrid-cloud and on-premises environments. Users can access logging, reporting, and control from a single interface, simplifying the management of security policies and improving overall operational efficiency. Overall, CloudGuard Network Security stands out in the cloud security landscape by offering a robust, integrated solution that not only protects against emerging threats but also enhances the agility and efficiency of security operations. Its comprehensive feature set and automation capabilities make it a valuable asset for organizations navigating the complexities of cloud security. **Average Rating:** 4.5/5.0 **Total Reviews:** 170 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.7/10 (Category avg: 9.0/10) - **Auditing:** 8.8/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies) - **Company Website:** https://www.checkpoint.com/ - **Year Founded:** 1993 - **HQ Location:** Redwood City, CA - **Twitter:** @CheckPointSW (70,978 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Network Engineer, Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 41% Enterprise, 30% Mid-Market #### Pros & Cons **Pros:** - Security (42 reviews) - Ease of Use (28 reviews) - Threat Detection (28 reviews) - Threat Protection (28 reviews) - Cloud Integration (22 reviews) **Cons:** - Complexity (26 reviews) - Difficult Setup (25 reviews) - Difficult Learning (24 reviews) - Difficult Configuration (23 reviews) - Difficult Learning Curve (22 reviews) ### 24. [Copla](https://www.g2.com/products/copla/reviews) Copla offers an advanced cybersecurity compliance platform for financial institutions, focusing on DORA while also supporting a range of other industry frameworks. Our platform simplifies compliance with predefined and customizable workflows that eliminate manual tasks. Employees are engaged in real-time compliance checks and evidence gathering via our chatbot Copla Stream, reducing bottlenecks and streamlining the process. Compliance evidence is automatically stored in a central location, making audits faster and always regulator-ready. Features like data extraction, risk assessment, vulnerability scanning, penetration testing, and continuous monitoring ensure businesses stay secure and compliant. We also provide business continuity planning and awareness training to strengthen security posture. Copla includes fractional CISO services, offering expert guidance and strategic leadership to help organizations navigate complex compliance and risk management challenges. With fully guided DORA implementation, compliance analysis, and robust risk management workflows, our platform empowers financial institutions to reduce compliance workloads by up to 80% and save over 60K EUR, ensuring efficient and secure operations. **Average Rating:** 4.9/5.0 **Total Reviews:** 83 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 9.2/10 (Category avg: 9.0/10) - **Auditing:** 9.5/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 9.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Copla](https://www.g2.com/sellers/copla) - **Company Website:** https://www.copla.com - **Year Founded:** 2023 - **HQ Location:** N/A - **LinkedIn® Page:** https://www.linkedin.com/company/cyber-upgrade/ (41 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Financial Services, Accounting - **Company Size:** 78% Small-Business, 27% Mid-Market #### Pros & Cons **Pros:** - Compliance (41 reviews) - Ease of Use (41 reviews) - Time-saving (30 reviews) - Auditing (28 reviews) - Evidence Collection (26 reviews) **Cons:** - Difficult Setup (12 reviews) - Integration Issues (11 reviews) - Complex Setup (9 reviews) - UX Improvement (9 reviews) - Learning Curve (8 reviews) ### 25. [AWS Security Hub](https://www.g2.com/products/aws-security-hub/reviews) AWS Security Hub is a cloud security posture management service that provides a comprehensive view of your security state within AWS. It aggregates, organizes, and prioritizes security alerts and compliance status across AWS accounts, services, and integrated third-party products. By continuously monitoring your environment against industry standards and best practices, Security Hub enables you to identify and remediate security issues efficiently, ensuring a robust security posture. Key Features and Functionality: - Aggregated Security Findings: Consolidates security alerts from AWS services like Amazon GuardDuty, Amazon Inspector, Amazon Macie, and AWS Firewall Manager, as well as from third-party security tools, into a single, unified dashboard. - Automated Compliance Checks: Performs continuous security best practice checks against your AWS resources, assessing compliance with standards such as the AWS Foundational Security Best Practices and the Center for Internet Security (CIS) AWS Foundations Benchmark. - Centralized Management: Offers a unified view of security findings across multiple AWS accounts and regions, simplifying security operations and enhancing visibility. - Prioritization and Insights: Correlates and enriches security findings to provide actionable insights, enabling you to prioritize critical issues and respond effectively. - Automated Response and Remediation: Integrates with AWS services and third-party tools to automate security workflows, reducing response times and improving operational efficiency. Primary Value and Problem Solved: AWS Security Hub addresses the challenge of managing and maintaining a secure cloud environment by providing centralized visibility and control over security findings. It simplifies the detection and remediation of security issues by aggregating data from various sources, automating compliance checks, and offering actionable insights. This unified approach reduces the complexity of security operations, enhances compliance with industry standards, and enables organizations to respond to threats more swiftly and effectively. **Average Rating:** 4.4/5.0 **Total Reviews:** 24 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.7/10 (Category avg: 9.3/10) - **Compliance Monitoring:** 8.8/10 (Category avg: 9.0/10) - **Auditing:** 9.2/10 (Category avg: 8.9/10) - **Cloud Gap Analytics:** 8.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Amazon Web Services (AWS)](https://www.g2.com/sellers/amazon-web-services-aws-3e93cc28-2e9b-4961-b258-c6ce0feec7dd) - **Year Founded:** 2006 - **HQ Location:** Seattle, WA - **Twitter:** @awscloud (2,223,984 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/amazon-web-services/ (156,424 employees on LinkedIn®) - **Ownership:** NASDAQ: AMZN **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 45% Enterprise, 34% Mid-Market #### Pros & Cons **Pros:** - Compliance (1 reviews) - Ease of Use (1 reviews) - Easy Implementation (1 reviews) - Integrations (1 reviews) - Reporting (1 reviews) **Cons:** - Complexity Issues (1 reviews) - Cost Management (1 reviews) - Expensive (1 reviews) - Inadequate Reporting (1 reviews) - Learning Curve (1 reviews) ## Parent Category [Cloud Security Software](https://www.g2.com/categories/cloud-security) ## Related Categories - [Cloud Workload Protection Platforms](https://www.g2.com/categories/cloud-workload-protection-platforms) - [Cloud Security Posture Management (CSPM) Software](https://www.g2.com/categories/cloud-security-posture-management-cspm) - [Security Compliance Software](https://www.g2.com/categories/security-compliance)