# Best Container Security Tools *By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)* Container security tools are used to secure multiple components of containerized applications or files, along with their infrastructure and connected networks. Containers are a popular way to format units of software during application development, most commonly used by DevOps teams. After development, they are orchestrated, deployed, and networked. Security is essential during all stages of container usage. [Container security](https://research.g2.com/blog/g2-on-cloud-security-conquering-container-security) software is used to manage access, test security, and protect cloud computing infrastructure running containerized applications. Management features will help administrators determine who can access containerized data or integrate with containerized applications. Testing capabilities will assist in developing security policies, discovering zero-day vulnerabilities, and simulating attacks from common threat sources. Some [application security software](https://www.g2.com/categories/application-security) include the ability to defend and test the security of containerized applications. But container-specific security tools provide increased security, monitoring, and networking, for microservices and containerized applications. To qualify for inclusion in the Container Security category, a product must: - Integrate security with DevOps tools - Monitor and secure container networks or pipelines - Enforce access and security policies - Provide runtime protection capabilities --- ## What Are the Most Common Questions About Container Security Tools? *AI-generated · Last updated: May 26, 2026* ### Which container security software offers the most detailed reports? Based on G2 reviews, [Wiz](https://www.g2.com/products/wiz-wiz/reviews) stands out for detailed reporting and contextual visibility in container security workflows. According to verified users, Wiz gives teams a unified view of vulnerabilities, misconfigurations, cloud resources, and attack paths, with findings that are easier to interpret and prioritize. G2 reviewers mention strong dashboards, security graphs, compliance reporting, and actionable remediation guidance that help both technical teams and leadership understand what to fix first. Reviews also note that reporting can still be improved in some cases, but overall users consistently describe Wiz as giving deep, high-context insights across container, code, and cloud environments. ### Which platform offers AI-powered container threat detection? Based on G2 reviews, [Wiz](https://www.g2.com/products/wiz-wiz/reviews) is the most frequently mentioned option for AI-powered container threat detection in this dataset. According to verified users, Wiz combines AI-assisted search, AI workflows, and AI-driven security guidance with visibility into runtime risks, vulnerabilities, and toxic combinations across cloud and container environments. G2 reviewers mention using Wiz AI to answer security questions, guide remediation, support threat and forensics workflows, and help teams understand what to fix first. Reviews also highlight container-related issue detection and runtime protection, making it a strong fit for teams that want AI assistance layered into broader container and cloud security operations. ### Best software for compliance-focused container security? Based on G2 reviews, buyers looking for compliance-focused container security often prioritize platforms that combine vulnerability visibility, policy guidance, and audit support. According to verified users, products in this category help teams monitor container risks while supporting frameworks such as SOC 2, PCI, and other compliance requirements. G2 reviewers mention strengths like compliance dashboards, continuous monitoring, policy mapping, and clearer audit preparation. Reviewers also value platforms that reduce security noise so teams can focus on remediation that matters for governance and certification readiness. For container security programs with compliance goals, recent G2 reviews point to a few products that are repeatedly associated with audit readiness, posture visibility, and actionable risk tracking. **Here are some of the top-rated products on G2:** - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) – used for container issues, compliance reporting, cloud posture visibility, and faster audit preparation - [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) – supports compliance monitoring and runtime security for Kubernetes and containerized workloads - [Minimus](https://www.g2.com/products/minimus/reviews) – helps teams use minimal, hardened images that simplify compliance validation and audit preparation ### Best platforms for securing Kubernetes workloads? Based on G2 reviews, securing Kubernetes workloads usually means combining runtime visibility, vulnerability management, and policy enforcement in one place. According to verified users, the strongest products in this category help teams monitor clusters in real time, identify risky workload behavior, and prioritize fixes without adding too much noise. G2 reviewers mention Kubernetes-specific visibility, runtime detection, compliance monitoring, and support for containerized environments as key buying factors. They also highlight the value of platforms that connect Kubernetes security to broader cloud and development workflows. Recent review data points to several frequently cited options for organizations that need stronger protection for Kubernetes workloads at scale. **Here are some of the top-rated products on G2:** - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) – gives teams visibility into Kubernetes risks, runtime findings, and container vulnerabilities within a broader cloud security workflow - [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) – focuses on real-time Kubernetes runtime threat detection, compliance monitoring, and workload protection - [Calico](https://www.g2.com/products/calico-2025-10-31/reviews) – helps secure Kubernetes traffic with network policies, zero-trust controls, and workload visibility ### Top platforms for securing container images? Based on G2 reviews, container image security buyers often look for platforms that reduce vulnerability noise before deployment and fit easily into existing workflows. According to verified users, the most discussed strengths in this area include hardened or minimal images, image scanning, daily rebuilds, SBOM visibility, and easier remediation. G2 reviewers mention that image-focused tools can cut down the volume of low-value CVE triage, while broader cloud security platforms help teams understand image risk alongside runtime and infrastructure context. Reviews show that teams value products that improve release confidence, reduce maintenance effort, and make vulnerability management more manageable across development and production environments. **Here are some of the top-rated products on G2:** - [Minimus](https://www.g2.com/products/minimus/reviews) – provides minimal, hardened images that reduce vulnerability alerts and simplify secure deployments - [Chainguard](https://www.g2.com/products/chainguard/reviews) – helps teams use secure-by-default images with strong SBOM transparency and lower CVE overhead - [Echo](https://www.g2.com/products/echo-echo/reviews) – offers secure replacement images that reviewers say dramatically reduce container CVEs with minimal workflow changes ### Top-rated container security platforms for large enterprises? Based on G2 reviews, large enterprises tend to favor container security platforms that offer broad visibility, workflow integration, and support for complex multi-cloud or Kubernetes environments. According to verified users, enterprise buyers value tools that help consolidate multiple security functions, reduce operational noise, and provide context-rich findings for different teams. G2 reviewers mention needs such as centralized dashboards, policy controls, runtime monitoring, compliance support, and integration across cloud, code, and container layers. Reviews also suggest that enterprise teams appreciate platforms that scale across many assets while still helping prioritize the most meaningful risks. Recent G2 feedback highlights a few products most often associated with enterprise-scale container security operations. **Here are some of the top-rated products on G2:** - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) – used by enterprise teams for broad multi-cloud visibility, prioritized findings, and consolidated security operations - [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) – supports enterprise container and Kubernetes runtime security with compliance and remediation workflows - [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews) – brings workload, container, and cloud security visibility into a unified enterprise platform ### Top tools for scanning containers for vulnerabilities? Based on G2 reviews, teams scanning containers for vulnerabilities want tools that surface meaningful findings without overwhelming developers and security teams. According to verified users, the most useful products combine image or workload scanning with prioritization, remediation guidance, and visibility into which vulnerabilities actually matter. G2 reviewers mention benefits such as easier vulnerability management, cleaner scan results, support for container and dependency scanning, and better coordination between security and engineering. Some buyers also favor products that reduce the number of vulnerabilities in the first place through hardened images, while others want broader cloud and runtime visibility tied to scan outputs. Recent reviews consistently point to a few well-cited options. **Here are some of the top-rated products on G2:** - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) – helps teams spot container vulnerabilities alongside cloud misconfigurations and prioritize remediation - [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) – scans container images, dependencies, and runtime workloads with remediation guidance - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) – provides automated container scanning within an all-in-one workflow for vulnerability detection and remediation ### Which is the best container security platform for DevOps teams? Based on G2 reviews, [Wiz](https://www.g2.com/products/wiz-wiz/reviews) is the strongest fit here because reviewers frequently describe it as easy to deploy, highly actionable, and well integrated into development and remediation workflows. According to verified users, Wiz helps DevOps and engineering teams understand cloud and container risks in context, prioritize what is actually exploitable, and shift fixes earlier into the lifecycle. G2 reviewers mention integrations with developer tools, CI/CD processes, Jira automation, repositories, and code-to-cloud visibility that make collaboration easier across security and engineering. They also note that smaller teams benefit from the filtered, lower-noise approach, even if the platform can feel information-dense at first. ### Which container security tool integrates with CI/CD pipelines? Based on G2 reviews, [Wiz](https://www.g2.com/products/wiz-wiz/reviews) is the most frequently evidenced answer for CI/CD integration in this dataset. According to verified users, Wiz supports shift-left security by scanning before deployment, connecting with repositories, and fitting into workflows that include automation and issue routing. G2 reviewers mention Wiz CLI scans, integrations with GitHub, Jira automation, connectors for repositories, and support for code-to-cloud visibility that helps teams catch container and infrastructure issues earlier. While several products reference CI/CD support, Wiz appears most consistently in recent reviews for combining pipeline integration with broader visibility, prioritization, and remediation context across container and cloud security use cases. ### Best tools for runtime container security monitoring? Based on G2 reviews, buyers evaluating runtime container security monitoring usually prioritize real-time visibility into running workloads, suspicious behavior, and actionable alerts. According to verified users, the best-fit products help teams monitor Kubernetes and container environments continuously while connecting runtime findings with vulnerability and compliance workflows. G2 reviewers mention runtime threat detection, workload monitoring, threat prevention, and runtime visibility as especially valuable for reducing blind spots after deployment. They also favor platforms that make it easier to understand which issues are truly urgent rather than flooding teams with raw alert volume. Recent G2 reviews most often associate the following products with runtime-focused container security use cases. **Here are some of the top-rated products on G2:** - [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) – specializes in real-time runtime threat detection and monitoring for containers and Kubernetes workloads - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) – offers runtime protection and context-rich visibility into container and cloud risks - [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews) – provides real-time workload and container monitoring with unified cloud security visibility ## How Many Container Security Tools Products Does G2 Track? **Total Products under this Category:** 73 ### Category Stats (Jun 2026) - **Average Rating**: 4.53/5 The average rating of products in this category, based on all submitted ratings - **New Reviews This Quarter**: 56 - **Buyer Segments**: Enterprise 72% │ Mid-Market 15% │ Small-Business 13% Represents the distribution of reviewers across all products in this category. - **Top Trending Product**: Orca Security (+0.69%) - Among all products in this category, Orca Security recorded the largest rating increase compared to last month *Last updated: June 09, 2026* ## How Does G2 Rank Container Security Tools Products? **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 4,000+ Authentic Reviews - 73+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Which Container Security Tools Is Best for Your Use Case? - **Leader:** [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - **Highest Performer:** [Minimus](https://www.g2.com/products/minimus/reviews) - **Easiest to Use:** [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - **Top Trending:** [Aikido Security](https://www.g2.com/products/aikido-security/reviews) - **Best Free Software:** [Wiz](https://www.g2.com/products/wiz-wiz/reviews) --- **Sponsored** ### Aikido Security Aikido Security is the developer-first security platform that unifies code, cloud, protection, and attack testing in one suite of best-in-class products. Built by developers for developers, Aikido helps teams of any size ship secure software faster, automate protection, and simulate real-world attacks with AI-driven precision. The platform’s proprietary AI cuts noise by 95%, delivers one-click fixes, and saves developers 10+ hours per week. Aikido Intel proactively uncovers vulnerabilities in open source packages before disclosure, helping secure more than 50,000 organizations worldwide, including Revolut, Niantic, Visma, Montblanc, and GoCardless. [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=1594&secure%5Bdisplayable_resource_id%5D=1594&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=page_category&secure%5Bplacement_resource_ids%5D%5B%5D=1594&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=1259627&secure%5Bresource_id%5D=1594&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fcontainer-security-tools&secure%5Btoken%5D=a53458e4bed8a4cbb91c18bf8d63193570ca593508e24fcef53b6f423299aa52&secure%5Burl%5D=https%3A%2F%2Fwww.aikido.dev%2Fcode%2Fcontainer-image-scanning%3Futm_source%3Dg2%26utm_campaign%3Dg2-promoted-listing-container-security%26utm_medium%3Dcpc&secure%5Burl_type%5D=custom_url) --- ## What Are the Top-Rated Container Security Tools Products in 2026? ### 1. [Wiz](https://www.g2.com/products/wiz-wiz/reviews) Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the development lifecycle, empowering them to build fast and securely. Its Cloud Native Application Protection Platform (CNAPP) consolidates CSPM, KSPM, CWPP, Vulnerability management, IaC scanning, CIEM, DSPM into a single platform. Wiz drives visibility, risk prioritization, and business agility. Protecting Your Cloud Environments Requires a Unified, Cloud Native Platform. Wiz connects to every cloud environment, scans every layer, and covers every aspect of your cloud security - including elements that normally require installing agents. Its comprehensive approach has all of these cloud security solutions built in. Hundreds of organizations worldwide, including 50 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks, Lightspeed and Aglaé. Visit https://www.wiz.io for more information. **Average Rating:** 4.7/5.0 **Total Reviews:** 790 **How Do G2 Users Rate Wiz?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10) - **Security Auditing:** 9.1/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.7/10 (Category avg: 7.9/10) - **Workload Protection:** 8.0/10 (Category avg: 8.0/10) **Who Is the Company Behind Wiz?** - **Seller:** [Wiz](https://www.g2.com/sellers/wiz-76a0133b-42e5-454e-b5da-860e503471db) - **Company Website:** https://www.wiz.io/ - **Year Founded:** 2020 - **HQ Location:** New York, US - **Twitter:** @wiz_io (24,728 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/wizsecurity/ (3,383 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CISO, Security Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 54% Enterprise, 38% Mid-Market #### What Are Wiz's Pros and Cons? **Pros:** - Features (110 reviews) - Security (107 reviews) - Ease of Use (104 reviews) - Visibility (86 reviews) - Easy Setup (67 reviews) **Cons:** - Improvement Needed (35 reviews) - Learning Curve (34 reviews) - Feature Limitations (33 reviews) - Improvements Needed (28 reviews) - Complexity (27 reviews) ### 2. [Chainguard](https://www.g2.com/products/chainguard/reviews) Chainguard Containers are a guarded catalog of minimal, zero-CVE container images with a best-in-class CVE remediation SLA (7 days for critical severity, 14 days for high, medium and low) that helps customers build and deploy software better. Modern software development practices and deployment pipelines require secure, up-to-date containerized applications for cloud-native applications. Chainguard builds minimal images that contain only the components required to build and run your containers entirely from source in hardened build infrastructure. Aimed at engineering organizations and security teams alike, Chainguard Containers reduce costly engineering toil around vulnerability management, enhance the security posture of applications by eliminating attack surface, and unlock revenue by simplifying compliance with key frameworks and customer requirements. Chainguard Containers – Value Pillars • Reduce cost of engineering toil: Engineers are a precious resource meant for building innovative platforms and products, not non-strategic / un-differentiated toil like patching vulnerabilities • Secure foundation for open source software: Minimal, trusted, and secure open source components for every developer and every stack • Achieve and maintain continuous compliance: Easily operate in compliance frameworks such as FedRAMP, cATO, StateRAMP, PCI-DSS, HIPAA, SOC2, NIS2, and CMMC • Accelerate revenue by building better products faster: Enable engineers to deliver new products and better features, securely with speed Chainguard Containers – Key Capabilities • Best-in-class CVE remediation SLA: Count on an industry-leading remediation SLA of 7 days for critical CVEs and 14 days for high, medium, and low • Secure-by-default, transparent by design: Adopt trusted, zero-CVE container images with full build-time generated SBOMs and digitally signed attestations for total transparency • FIPS and STIGs to simplify continuous compliance: Maintain compliance for critical frameworks like FedRAMP, PCI-DSS, and SOC 2 with hardened images that come with kernel-independent FIPS validation and OS-Level STIGs by default • 1,300+ purpose-built images that are always up to date: Choose from our growing catalog of minimal container images rebuilt from source daily with “nano-updates,” eliminating major OS version upgrades **Average Rating:** 4.8/5.0 **Total Reviews:** 53 **How Do G2 Users Rate Chainguard?** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.1/10) - **Security Auditing:** 8.8/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.4/10 (Category avg: 7.9/10) - **Workload Protection:** 8.4/10 (Category avg: 8.0/10) **Who Is the Company Behind Chainguard?** - **Seller:** [Chainguard](https://www.g2.com/sellers/chainguard) - **Company Website:** https://www.chainguard.dev/ - **Year Founded:** 2021 - **HQ Location:** Kirkland, WA - **Twitter:** @chainguard_dev (6,311 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/chainguard-dev/ (693 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Computer & Network Security - **Company Size:** 43% Enterprise, 32% Small-Business #### What Are Chainguard's Pros and Cons? **Pros:** - Ease of Use (5 reviews) - Comprehensive Security (4 reviews) - Customer Support (4 reviews) - Container Security (3 reviews) - Easy Integrations (3 reviews) **Cons:** - Complex Setup (2 reviews) - Difficult Learning (2 reviews) - Expensive (2 reviews) - Integration Issues (2 reviews) - Missing Features (2 reviews) ### 3. [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) Sysdig Secure is the real-time cloud-native application protection platform (CNAPP) trusted by organizations of all sizes around the world.. Built by the creators of Falco and Wireshark, Sysdig uniquely delivers runtime-powered visibility and agentic AI to stop cloud attacks instantly, not after the damage is done. With Sysdig, you can: - Stop threats in 2 seconds and respond in minutes - Cut vulnerability noise by 95% with runtime prioritization - Detect real risk instantly across workloads, identities, and misconfigurations - Close permissions gaps in under 2 minutes Sysdig Secure consolidates CSPM, CWPP, CIEM, vulnerability management, and threat detection into a single open, real-time platform. Unlike other CNAPPs, Sysdig connects signals across runtime, identity, and posture to eliminate blind spots, reduce tool sprawl, and accelerate innovation without compromise. No guesswork. No black boxes. Just cloud security, the right way. Learn more at https://sysdig.com **Average Rating:** 4.8/5.0 **Total Reviews:** 110 **How Do G2 Users Rate Sysdig Secure?** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.1/10) - **Security Auditing:** 9.6/10 (Category avg: 8.3/10) - **Network Segmentation:** 9.1/10 (Category avg: 7.9/10) - **Workload Protection:** 9.3/10 (Category avg: 8.0/10) **Who Is the Company Behind Sysdig Secure?** - **Seller:** [Sysdig](https://www.g2.com/sellers/sysdig-715eaed9-9743-4f27-bd2b-d3730923ac3e) - **Company Website:** https://www.sysdig.com - **Year Founded:** 2013 - **HQ Location:** San Francisco, California - **Twitter:** @Sysdig (10,287 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3592486/ (627 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Security Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 47% Enterprise, 40% Mid-Market #### What Are Sysdig Secure's Pros and Cons? **Pros:** - Security (32 reviews) - Vulnerability Detection (30 reviews) - Threat Detection (29 reviews) - Detection Efficiency (28 reviews) - Visibility (23 reviews) **Cons:** - Feature Limitations (10 reviews) - Complexity (9 reviews) - Difficult Learning (7 reviews) - Feature Complexity (7 reviews) - Learning Curve (7 reviews) ### 4. [Aikido Security](https://www.g2.com/products/aikido-security/reviews) Aikido Security is the developer-first security platform that unifies code, cloud, protection, and attack testing in one suite of best-in-class products. Built by developers for developers, Aikido helps teams of any size ship secure software faster, automate protection, and simulate real-world attacks with AI-driven precision. The platform’s proprietary AI cuts noise by 95%, delivers one-click fixes, and saves developers 10+ hours per week. Aikido Intel proactively uncovers vulnerabilities in open source packages before disclosure, helping secure more than 50,000 organizations worldwide, including Revolut, Niantic, Visma, Montblanc, and GoCardless. **Average Rating:** 4.6/5.0 **Total Reviews:** 141 **How Do G2 Users Rate Aikido Security?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10) - **Security Auditing:** 9.0/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.6/10 (Category avg: 7.9/10) - **Workload Protection:** 10.0/10 (Category avg: 8.0/10) **Who Is the Company Behind Aikido Security?** - **Seller:** [Aikido Security](https://www.g2.com/sellers/aikido-security) - **Company Website:** https://aikido.dev - **Year Founded:** 2022 - **HQ Location:** Ghent, Belgium - **Twitter:** @AikidoSecurity (11,579 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/aikido-security/ (241 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, Founder - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 70% Small-Business, 18% Mid-Market #### What Are Aikido Security's Pros and Cons? **Pros:** - Ease of Use (78 reviews) - Security (55 reviews) - Features (52 reviews) - Easy Integrations (47 reviews) - Easy Setup (47 reviews) **Cons:** - Missing Features (19 reviews) - Expensive (17 reviews) - Limited Features (16 reviews) - Pricing Issues (15 reviews) - Lacking Features (14 reviews) ### 5. [Orca Security](https://www.g2.com/products/orca-security/reviews) The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google Cloud, Kubernetes, Alibaba Cloud, and Oracle Cloud. Orca offers the industry’s most comprehensive cloud security solution in a single platform — eliminating the need to deploy and maintain multiple point solutions. Orca is agentless-first, and connects to your environment in minutes using Orca’s patented SideScanning™ technology that provides deep and wide visibility into your cloud environment, without requiring agents. In addition, Orca can integrate with third-party agents for runtime visibility and protection for critical workloads. Orca is at the forefront of leveraging Generative AI for simplified investigations and accelerated remediation – reducing required skill levels and saving cloud security, DevOps, and development teams time and effort, while significantly improving security outcomes. As a Cloud Native Application Protection Platform (CNAPP), Orca consolidates many point solutions in one platform, including: CSPM, CWPP, CIEM, Vulnerability Management, Container and Kubernetes Security, DSPM, API Security, CDR, Multi-cloud Compliance, Shift Left Security, and AI-SPM. **Average Rating:** 4.6/5.0 **Total Reviews:** 270 **How Do G2 Users Rate Orca Security?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10) - **Security Auditing:** 8.9/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.7/10 (Category avg: 7.9/10) - **Workload Protection:** 7.8/10 (Category avg: 8.0/10) **Who Is the Company Behind Orca Security?** - **Seller:** [Orca Security](https://www.g2.com/sellers/orca-security) - **Company Website:** https://orca.security - **Year Founded:** 2019 - **HQ Location:** Portland, Oregon - **Twitter:** @orcasec (4,835 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/35573984/ (515 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Security Engineer, CISO - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 48% Enterprise, 42% Mid-Market #### What Are Orca Security's Pros and Cons? **Pros:** - Ease of Use (13 reviews) - Vulnerability Scanning (13 reviews) - Features (11 reviews) - Visibility (11 reviews) - Comprehensive Security (9 reviews) **Cons:** - Security Vulnerabilities (6 reviews) - Dashboard Issues (5 reviews) - Delayed Detection (5 reviews) - False Positives (5 reviews) - Improvement Needed (5 reviews) ### 6. [Cortex Cloud](https://www.g2.com/products/cortex-cloud/reviews) Cortex Cloud by Palo Alto Networks, the next version of Prisma Cloud, understands a unified security approach is essential for effectively addressing AppSec, CloudSec, and SecOps. Connecting cloud security and SOC workflows enables teams to achieve holistic visibility, trace risk across the lifecycle, and correlate real-time threat activity with development and runtime contexts. Cortex Cloud is a unified platform built on three core pillars: data integration, AI-driven intelligence, and automation. Now you can safeguard applications, data, and infrastructure across multicloud and hybrid environments with a unified data model that consolidates telemetry from code, runtime, identity, and endpoints, all into a single data source. Empower teams with precise, AI-powered insights and 2200+ machine learning models to identify and stop zero-day threats with real-time advanced threat detection and response. And automate with 1000+ prebuilt playbooks across your cloud stack to reduce manual workloads, accelerate remediations, and cut response times tenfold. Cortex Cloud delivers more than tools—it transforms how organizations secure their cloud environments. **Average Rating:** 4.1/5.0 **Total Reviews:** 110 **How Do G2 Users Rate Cortex Cloud?** - **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.1/10) - **Security Auditing:** 8.3/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.7/10 (Category avg: 7.9/10) - **Workload Protection:** 7.7/10 (Category avg: 8.0/10) **Who Is the Company Behind Cortex Cloud?** - **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks) - **Company Website:** https://www.paloaltonetworks.com - **Year Founded:** 2005 - **HQ Location:** Santa Clara, CA - **Twitter:** @PaloAltoNtwks (128,943 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (22,313 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 38% Enterprise, 31% Mid-Market #### What Are Cortex Cloud's Pros and Cons? **Pros:** - Ease of Use (49 reviews) - Features (45 reviews) - Security (43 reviews) - Visibility (38 reviews) - Cloud Integration (34 reviews) **Cons:** - Expensive (31 reviews) - Difficult Learning (30 reviews) - Learning Curve (29 reviews) - Pricing Issues (24 reviews) - Complex Setup (21 reviews) ### 7. [Red Hat Advanced Cluster Security for Kubernetes](https://www.g2.com/products/red-hat-advanced-cluster-security-for-kubernetes/reviews) Red Hat Advanced Cluster Security for Kubernetes is a comprehensive, Kubernetes-native security solution designed to enhance the security of cloud-native applications throughout their lifecycle. It provides robust protection for containerized workloads across various environments, including on-premises, public clouds, and hybrid platforms. By integrating seamlessly with Kubernetes and DevOps tools, RHACS enables organizations to proactively identify and mitigate security risks, ensuring compliance and reducing operational overhead. Key Features and Functionality: - Visibility: Offers a holistic view of Kubernetes environments, encompassing images, pods, deployments, namespaces, and configurations. - Vulnerability Management: Continuously scans container images and Kubernetes components to detect and prioritize vulnerabilities, facilitating prompt remediation. - Compliance: Assesses adherence to security and regulatory frameworks such as CIS, PCI, NIST, and HIPAA, providing interactive dashboards and audit reports. - Network Segmentation: Visualizes network traffic and enforces Kubernetes-native network policies to minimize exposure and enhance security posture. - Risk Profiling: Ranks deployments based on risk levels by analyzing vulnerabilities, configuration issues, and runtime behaviors, aiding in prioritization of security efforts. - Configuration Management: Identifies and rectifies misconfigurations, ensuring best practices are followed to harden Kubernetes environments. - Runtime Detection and Response: Monitors system-level events to detect anomalous activities, enabling swift response to potential threats. Primary Value and Problem Solved: RHACS addresses the critical need for robust security in Kubernetes environments by providing comprehensive tools to identify, assess, and mitigate security risks throughout the application lifecycle. It empowers organizations to implement security best practices, maintain compliance with industry standards, and respond effectively to threats, thereby reducing operational risks and enhancing the overall security posture of cloud-native applications. **Average Rating:** 5.0/5.0 **Total Reviews:** 12 **How Do G2 Users Rate Red Hat Advanced Cluster Security for Kubernetes?** - **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.1/10) **Who Is the Company Behind Red Hat Advanced Cluster Security for Kubernetes?** - **Seller:** [Red Hat](https://www.g2.com/sellers/red-hat) - **Year Founded:** 1993 - **HQ Location:** Raleigh, NC - **Twitter:** @RedHat (300,613 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3545/ (19,413 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 42% Mid-Market, 33% Small-Business ### 8. [Minimus](https://www.g2.com/products/minimus/reviews) Minimus images radically reduce the amount of vulnerabilities that impact your cloud environment. Minimus is founded by the Twistlock team that pioneered container security and authored NIST SP 800-190. Minimus builds images from scratch, directly from upstream project sources, with only the minimal software needed to run the app, dramatically reducing their attack surface. Minimus images are OCI compliant and you deploy by changing a single line in deployment files. Minimus eliminates time consuming and low value remediation work for devs, is easy for ops to deploy and manage using their existing tools, and provides security with remarkably clear risk reduction and nearly instant time to value. Minimus solves the endless treadmill of cloud software vulnerabilities by simply preventing them from existing. Minimus provides secure, minimal container and VM images, rebuilt from scratch daily to eliminate over 95% of CVEs.

Founded in 2022 by the team behind container security pioneer Twistlock, Minimus has raised a $51 million seed round from YL Ventures and Mayfield. The company is headquartered in Baton Rouge with offices in New York, Tel Aviv, and Portland, OR. **Average Rating:** 5.0/5.0 **Total Reviews:** 48 **How Do G2 Users Rate Minimus?** - **Security Auditing:** 8.8/10 (Category avg: 8.3/10) - **Network Segmentation:** 8.1/10 (Category avg: 7.9/10) - **Workload Protection:** 8.3/10 (Category avg: 8.0/10) **Who Is the Company Behind Minimus?** - **Seller:** [Minimus](https://www.g2.com/sellers/minimus) - **HQ Location:** N/A - **LinkedIn® Page:** https://linkedin.com/company/minimusio (73 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Consumer Services - **Company Size:** 75% Enterprise, 25% Small-Business ### 9. [SentinelOne Singularity Cloud Security](https://www.g2.com/products/sentinelone-singularity-cloud-security/reviews) Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation. **Average Rating:** 4.9/5.0 **Total Reviews:** 113 **How Do G2 Users Rate SentinelOne Singularity Cloud Security?** - **Has the product been a good partner in doing business?:** 9.9/10 (Category avg: 9.1/10) - **Security Auditing:** 9.9/10 (Category avg: 8.3/10) - **Network Segmentation:** 9.8/10 (Category avg: 7.9/10) - **Workload Protection:** 9.8/10 (Category avg: 8.0/10) **Who Is the Company Behind SentinelOne Singularity Cloud Security?** - **Seller:** [SentinelOne](https://www.g2.com/sellers/sentinelone) - **Company Website:** https://www.sentinelone.com - **Year Founded:** 2013 - **HQ Location:** Mountain View, CA - **Twitter:** @SentinelOne (57,847 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2886771/ (3,162 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 60% Mid-Market, 31% Enterprise #### What Are SentinelOne Singularity Cloud Security's Pros and Cons? **Pros:** - Security (27 reviews) - Ease of Use (20 reviews) - Vulnerability Detection (19 reviews) - Cloud Management (16 reviews) - Cloud Security (15 reviews) **Cons:** - Complexity (5 reviews) - Ineffective Alerts (5 reviews) - Complex Setup (4 reviews) - Difficult Configuration (4 reviews) - Poor UI (4 reviews) ### 10. [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) Microsoft Defender for Cloud is a cloud native application protection platform for multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime. **Average Rating:** 4.4/5.0 **Total Reviews:** 282 **How Do G2 Users Rate Microsoft Defender for Cloud?** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.1/10) - **Security Auditing:** 9.1/10 (Category avg: 8.3/10) - **Network Segmentation:** 9.5/10 (Category avg: 7.9/10) - **Workload Protection:** 9.2/10 (Category avg: 8.0/10) **Who Is the Company Behind Microsoft Defender for Cloud?** - **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft) - **Year Founded:** 1975 - **HQ Location:** Redmond, Washington - **Twitter:** @microsoft (13,095,907 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (231,632 employees on LinkedIn®) - **Ownership:** MSFT **Who Uses This Product?** - **Who Uses This:** Saas Consultant, Software Engineer - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 39% Mid-Market, 35% Enterprise #### What Are Microsoft Defender for Cloud's Pros and Cons? **Pros:** - Security (120 reviews) - Comprehensive Security (91 reviews) - Cloud Security (70 reviews) - Vulnerability Detection (62 reviews) - Threat Detection (56 reviews) **Cons:** - Complexity (26 reviews) - Expensive (23 reviews) - Delayed Detection (21 reviews) - Improvement Needed (19 reviews) - False Positives (18 reviews) ### 11. [Google Container Security](https://www.g2.com/products/google-container-security/reviews) Containerization allows development teams to move fast, deploy software efficiently, and operate at an unprecedented scale. **Average Rating:** 4.4/5.0 **Total Reviews:** 13 **How Do G2 Users Rate Google Container Security?** - **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.1/10) - **Security Auditing:** 9.1/10 (Category avg: 8.3/10) - **Network Segmentation:** 9.5/10 (Category avg: 7.9/10) - **Workload Protection:** 8.7/10 (Category avg: 8.0/10) **Who Is the Company Behind Google Container Security?** - **Seller:** [Google](https://www.g2.com/sellers/google) - **Year Founded:** 1998 - **HQ Location:** Mountain View, CA - **Twitter:** @google (31,908,816 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1441/ (341,888 employees on LinkedIn®) - **Ownership:** NASDAQ:GOOG **Who Uses This Product?** - **Company Size:** 54% Small-Business, 23% Mid-Market #### What Are Google Container Security's Pros and Cons? **Pros:** - Container Security (3 reviews) - Cloud Integration (2 reviews) - Scanning Technology (2 reviews) - Security (2 reviews) - Comprehensive Security (1 reviews) **Cons:** - Complexity (2 reviews) - Complex Setup (2 reviews) - Difficult Learning (1 reviews) - Expensive (1 reviews) - Insufficient Information (1 reviews) ### 12. [AlgoSec Horizon](https://www.g2.com/products/algosec-horizon/reviews) AlgoSec, a global cybersecurity leader, empowers organizations to securely accelerate application delivery up to 10 times faster by automating application connectivity and security policy across the hybrid network environment. With two decades of expertise securing hybrid networks, over 2200 of the world's most complex organizations trust AlgoSec to help secure their most critical workloads. AlgoSec Horizon platform utilizes advanced AI capabilities, enabling users to automatically discover and identify their business applications across multi-clouds, and remediate risks more effectively. It serves as a single source for visibility into security and compliance issues across the hybrid network environment, to ensure ongoing adherence to internet security standards, industry, and internal regulations. Additionally, organizations can leverage intelligent change automation to streamline security change processes, thus improving security and agility. Learn how AlgoSec enables application owners, information security experts, SecOps and cloud security teams to deploy business applications faster while maintaining security at www.algosec.com. **Average Rating:** 4.5/5.0 **Total Reviews:** 218 **How Do G2 Users Rate AlgoSec Horizon?** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.1/10) - **Security Auditing:** 8.8/10 (Category avg: 8.3/10) - **Network Segmentation:** 8.8/10 (Category avg: 7.9/10) **Who Is the Company Behind AlgoSec Horizon?** - **Seller:** [AlgoSec](https://www.g2.com/sellers/algosec) - **Company Website:** https://www.algosec.com - **Year Founded:** 2004 - **HQ Location:** Ridgefield Park, New Jersey - **Twitter:** @AlgoSec (2,422 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/algosec/ (566 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Security Engineer, Network Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 51% Enterprise, 29% Mid-Market #### What Are AlgoSec Horizon's Pros and Cons? **Pros:** - Ease of Use (13 reviews) - Policy Management (11 reviews) - Risk Management (8 reviews) - Automation (7 reviews) - Useful (7 reviews) **Cons:** - Improvement Needed (8 reviews) - Integration Issues (5 reviews) - Difficult Setup (4 reviews) - Improvements Needed (4 reviews) - Time-Consumption (4 reviews) ### 13. [Snyk](https://www.g2.com/products/snyk/reviews) Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security solutions enable modern applications to be built securely, empowering developers to own and build security for the whole application, from code & open source to containers & cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice, verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix & merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as your write a Dockerfile, continuously monitor container images throughout their lifecycle, and prioritize with context. Secure build and deployment pipelines: Integrate natively with your CI/CD tool, configure your rules, find & fix issues in your application, and monitor your applications. Secure your apps quickly with Snyk’s vulnerability scanning and automated fixes - Try for Free! **Average Rating:** 4.5/5.0 **Total Reviews:** 132 **How Do G2 Users Rate Snyk?** - **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.1/10) - **Security Auditing:** 7.9/10 (Category avg: 8.3/10) - **Network Segmentation:** 6.9/10 (Category avg: 7.9/10) - **Workload Protection:** 7.4/10 (Category avg: 8.0/10) **Who Is the Company Behind Snyk?** - **Seller:** [Snyk](https://www.g2.com/sellers/snyk) - **HQ Location:** Boston, Massachusetts - **Twitter:** @snyksec (21,079 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/10043614/ (1,370 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Software Engineer - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 45% Mid-Market, 35% Small-Business #### What Are Snyk's Pros and Cons? **Pros:** - Easy Integrations (5 reviews) - Vulnerability Detection (5 reviews) - Ease of Use (4 reviews) - User Interface (4 reviews) - Vulnerability Identification (4 reviews) **Cons:** - Expensive (3 reviews) - False Positives (3 reviews) - Poor Interface Design (2 reviews) - Pricing Issues (2 reviews) - Scanning Issues (2 reviews) ### 14. [TrendAI Vision One - Cloud Security](https://www.g2.com/products/trendai-vision-one-cloud-security/reviews) In today's complex digital landscape, securing your cloud environment is paramount. The management and security of your hybrid and multi-cloud setup pose increasing challenges. Trend's Cloud Security provides essential visibility, allowing you and your teams to secure every aspect of your transformation and eliminate disruptive security silos. Automate security policies, deployments, monitoring, and compliance audits seamlessly from a single console, ensuring the automatic protection of all workloads from both known and unknown threats. With Cloud-Native Application Protection and robust platform capabilities, Trend empowers you to proactively address vulnerabilities and defend against threats. Gain centralized visibility, continuous asset discovery, and contextualized risk assessments, equipping your team with everything necessary to stay ahead of potential cloud security risks. **Average Rating:** 4.5/5.0 **Total Reviews:** 181 **How Do G2 Users Rate TrendAI Vision One - Cloud Security?** - **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.1/10) - **Security Auditing:** 9.1/10 (Category avg: 8.3/10) - **Network Segmentation:** 6.7/10 (Category avg: 7.9/10) - **Workload Protection:** 9.2/10 (Category avg: 8.0/10) **Who Is the Company Behind TrendAI Vision One - Cloud Security?** - **Seller:** [Trend Micro](https://www.g2.com/sellers/trend-micro) - **Year Founded:** 1988 - **HQ Location:** Tokyo - **LinkedIn® Page:** https://www.linkedin.com/company/4312/ (8,040 employees on LinkedIn®) - **Ownership:** OTCMKTS:TMICY - **Total Revenue (USD mm):** $1,515 **Who Uses This Product?** - **Who Uses This:** Cyber Security Associate, Cyber Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 43% Mid-Market, 34% Enterprise #### What Are TrendAI Vision One - Cloud Security's Pros and Cons? **Pros:** - Security (9 reviews) - Security Protection (7 reviews) - Compliance (6 reviews) - Cloud Security (4 reviews) - Comprehensive Security (4 reviews) **Cons:** - Complexity (6 reviews) - Complex Setup (4 reviews) - Feature Complexity (4 reviews) - Learning Curve (4 reviews) - Difficult Learning (3 reviews) ### 15. [Calico](https://www.g2.com/products/calico-2025-10-31/reviews) The Calico platform, built on the most trusted open-source technologies in Kubernetes — Calico Open Source, Istio, Envoy, and eBPF — provides a single management plane for secure networking and observability for AI workloads. It can be deployed as Calico Cloud, a fully-managed SaaS platform, or Calico Enterprise, a self-managed platform. Calico works with popular managed Kubernetes services such as AKS, EKS, and GKE, as well as self-managed Kubernetes distributions including Red Hat OpenShift, SUSE/Rancher, VMware Tanzu, and Mirantis. Calico is the only platform with a pluggable data plane architecture enabling support for multiple data planes, including eBPF, nftables, standard Linux, VPP, and Windows. Calico secures 1 million+ clusters daily, and is used by leading companies, including NVIDIA, RBC, Bloomberg, Chipotle, GoDaddy, and Upwork. **Average Rating:** 4.5/5.0 **Total Reviews:** 42 **How Do G2 Users Rate Calico?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10) - **Security Auditing:** 8.9/10 (Category avg: 8.3/10) - **Network Segmentation:** 9.3/10 (Category avg: 7.9/10) - **Workload Protection:** 8.8/10 (Category avg: 8.0/10) **Who Is the Company Behind Calico?** - **Seller:** [Tigera](https://www.g2.com/sellers/tigera) - **Company Website:** https://www.tigera.io - **Year Founded:** 2016 - **HQ Location:** San Jose, CA - **Twitter:** @tigeraio (1,953 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/10614868 (125 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 36% Enterprise, 36% Mid-Market #### What Are Calico's Pros and Cons? **Pros:** - Ease of Use (19 reviews) - Security (15 reviews) - Customer Support (14 reviews) - Features (11 reviews) - Policy Management (11 reviews) **Cons:** - Complex Setup (7 reviews) - Complexity (6 reviews) - Difficult Configuration (6 reviews) - Difficult Learning (6 reviews) - Difficult Setup (6 reviews) ### 16. [FortiCNAPP](https://www.g2.com/products/forticnapp/reviews) FortiCNAPP (formerly Lacework) is an AI-powered Cloud-Native Application Protection Platform that delivers unified security across your multi-cloud and hybrid environments. Built to protect the entire application lifecycle—from development to runtime—it combines posture management, workload protection, identity security, and threat detection into one integrated platform. By leveraging machine learning and behavioral analytics, FortiCNAPP helps security teams detect unknown threats, reduce noise, and accelerate response. Integrated with the Fortinet Security Fabric, it provides full-stack visibility across cloud, network, and endpoint environments—empowering teams to operate with confidence, reduce complexity, and scale securely. **Average Rating:** 4.4/5.0 **Total Reviews:** 383 **How Do G2 Users Rate FortiCNAPP?** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.1/10) - **Security Auditing:** 8.8/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.9/10 (Category avg: 7.9/10) - **Workload Protection:** 8.5/10 (Category avg: 8.0/10) **Who Is the Company Behind FortiCNAPP?** - **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet) - **Company Website:** https://www.fortinet.com - **Year Founded:** 2000 - **HQ Location:** Sunnyvale, CA - **Twitter:** @Fortinet (151,429 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Security Engineer, Security Analyst - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 62% Mid-Market, 26% Enterprise #### What Are FortiCNAPP's Pros and Cons? **Pros:** - Security (8 reviews) - Vulnerability Detection (7 reviews) - Alert Management (6 reviews) - Cloud Security (6 reviews) - Ease of Use (6 reviews) **Cons:** - Difficult Setup (5 reviews) - Poor Documentation (5 reviews) - Complex Setup (4 reviews) - Setup Difficulty (4 reviews) - Complex Configuration (3 reviews) ### 17. [Cloudanix](https://www.g2.com/products/cloudanix/reviews) Cloudanix is a Ycombinator-backed security platform for your code, cloud, identities, and workloads. Cloudanix provides solutions for your multi-environments which may include multi-clouds, multi-accounts, multi-regions, multi-runtimes, etc. Cloudanix enables organizations across industries and geographies from startups to enterprises to not just identify and mitigate, but also remediate risks and threats. Onboarding takes less than 30 minutes and just 1 click. **Average Rating:** 4.9/5.0 **Total Reviews:** 15 **How Do G2 Users Rate Cloudanix?** - **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.1/10) - **Security Auditing:** 9.4/10 (Category avg: 8.3/10) - **Network Segmentation:** 8.1/10 (Category avg: 7.9/10) - **Workload Protection:** 9.7/10 (Category avg: 8.0/10) **Who Is the Company Behind Cloudanix?** - **Seller:** [Cloudanix](https://www.g2.com/sellers/cloudanix) - **Year Founded:** 2020 - **HQ Location:** Sunnyvale, CA - **Twitter:** @cloudanix (101 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cloudanix/ (21 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 67% Mid-Market, 33% Small-Business #### What Are Cloudanix's Pros and Cons? **Pros:** - Cloud Integration (5 reviews) - Ease of Use (5 reviews) - Features (5 reviews) - Cloud Technology (4 reviews) - Customer Support (4 reviews) **Cons:** - Inadequate Remediation (1 reviews) - Lack of Customization (1 reviews) - Lack of Remediation (1 reviews) - Limited Customization (1 reviews) - Poor Remediation (1 reviews) ### 18. [Aqua Security](https://www.g2.com/products/aqua-security/reviews) Aqua Security sees and stops attacks across the entire cloud native application lifecycle in a single, integrated platform. From software supply chain security for developers to cloud security and runtime protection for security teams, Aqua helps customers reduce risk while building the future of their businesses. The Aqua Platform is the industry’s most comprehensive Cloud Native Application Protection Platform (CNAPP). Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL with Fortune 1000 customers in over 40 countries. **Average Rating:** 4.2/5.0 **Total Reviews:** 57 **How Do G2 Users Rate Aqua Security?** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.1/10) - **Security Auditing:** 8.0/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.2/10 (Category avg: 7.9/10) - **Workload Protection:** 8.6/10 (Category avg: 8.0/10) **Who Is the Company Behind Aqua Security?** - **Seller:** [Aqua Security Software Ltd](https://www.g2.com/sellers/aqua-security-software-ltd) - **Year Founded:** 2015 - **HQ Location:** Burlington, US - **Twitter:** @AquaSecTeam (7,680 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/aquasecteam/ (466 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Financial Services - **Company Size:** 56% Enterprise, 39% Mid-Market #### What Are Aqua Security's Pros and Cons? **Pros:** - Security (18 reviews) - Ease of Use (15 reviews) - Detection (10 reviews) - Features (10 reviews) - Comprehensive Security (8 reviews) **Cons:** - Missing Features (7 reviews) - Lack of Features (5 reviews) - Improvement Needed (4 reviews) - Limited Features (4 reviews) - Complexity (3 reviews) ### 19. [Tenable Container Security](https://www.g2.com/products/tenable-container-security/reviews) Security integrated into DevOps. Protect containers in development and operations. **Average Rating:** 4.5/5.0 **Total Reviews:** 10 **How Do G2 Users Rate Tenable Container Security?** - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 9.1/10) - **Security Auditing:** 9.0/10 (Category avg: 8.3/10) - **Network Segmentation:** 8.8/10 (Category avg: 7.9/10) - **Workload Protection:** 9.3/10 (Category avg: 8.0/10) **Who Is the Company Behind Tenable Container Security?** - **Seller:** [Tenable](https://www.g2.com/sellers/tenable) - **HQ Location:** Columbia, MD - **Twitter:** @TenableSecurity (87,750 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/25452/ (2,350 employees on LinkedIn®) - **Ownership:** NASDAQ: TENB **Who Uses This Product?** - **Top Industries:** Information Technology and Services - **Company Size:** 40% Small-Business, 40% Mid-Market ### 20. [Wallarm API Security Platform](https://www.g2.com/products/wallarm-api-security-platform/reviews) Protect any API. In any environment. Against any threats. Wallarm is the platform security teams choose to protect cloud-native APIs. The Wallarm platform gives teams the ability to detect and block API attacks. Customers choose Wallarm because it delivers a complete inventory of their APIs, AI apps, and agentic AI, along with patented AI/ML API abuse detection, real-time blocking on day zero, and an API SOC-as-a-service. Whether you protect legacy or brand new cloud-native APIs, Wallarm’s multi-cloud platform delivers the capabilities to secure your business against emerging threats. -\> Robust protection for the entire API and AI portfolio Mitigate the OWASP API Top 10 threats and more; business logic abuse, bad bots, account takeover (ATO), and more. Get the robust API protection that no other tool can provide. -\> Native inline blocking Wallarm is built from the ground up for inline blocking. Why deploy API security that can’t actually defend against API attacks? -\> Unparalleled visibility into malicious traffic Gain full insights about attacks and attackers in the responsive Wallarm Console. Enjoy the Dashboard, search, and reporting capabilities, including visibility into API sessions. -\> Complete API inventory Wallarm API Discovery provides full visibility into all your APIs, AI apps, and AI agents, including sensitive data flows, risk posture, shadow APIs and change detection. -\> Understand Your Attack Surface You can’t protect what you don’t know about. Wallarm provides a comprehensive view of your API attack surface, including assessment of security controls and leaked sensitive API data. -\> Quick integrations Setup cross-team collaboration with seamless integrations to your SIEM/SOAR, messaging applications, and workflow management. **Average Rating:** 4.7/5.0 **Total Reviews:** 92 **How Do G2 Users Rate Wallarm API Security Platform?** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.1/10) - **Security Auditing:** 9.7/10 (Category avg: 8.3/10) - **Network Segmentation:** 9.6/10 (Category avg: 7.9/10) - **Workload Protection:** 10.0/10 (Category avg: 8.0/10) **Who Is the Company Behind Wallarm API Security Platform?** - **Seller:** [Wallarm](https://www.g2.com/sellers/wallarm) - **Company Website:** https://wallarm.com/ - **Year Founded:** 2016 - **HQ Location:** San Francisco, California - **Twitter:** @wallarm (3,198 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/4871419/ (178 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, CEO - **Top Industries:** Mechanical or Industrial Engineering, Information Technology and Services - **Company Size:** 44% Mid-Market, 42% Small-Business #### What Are Wallarm API Security Platform's Pros and Cons? **Pros:** - Protection (2 reviews) - Threat Detection (2 reviews) - API Deployment (1 reviews) - Cloud Integration (1 reviews) - Comprehensive Security (1 reviews) **Cons:** - API Issues (1 reviews) - Complex Configuration (1 reviews) - Complexity (1 reviews) - Complex Setup (1 reviews) - Difficult Learning (1 reviews) ### 21. [ARMO Platform](https://www.g2.com/products/armo-platform/reviews) ARMO Platform is the only runtime-driven, open-source first, cloud security platform. It is the only security platform that continuously minimizes cloud attack surface based on runtime insights, while actively detecting and responding to cyberattacks with real risk context. Using an eBPF-based runtime sensor to record application behavior and related activities, ARMO Platform enables DevOps, security, and platform teams to eliminate the security noise and go from thousands of irrelevant alerts to focus on the most important and exploitable threats. This allows those teams to shift from managing hypothetical security issues to mitigating actual risks and providing them with the means to remediate them. ARMO is an open-source-driven company and the creator of Kubescape, a leading open-source Kubernetes security project, now an official CNCF project. To learn more about ARMO Platform please visit: https://www.armosec.io/ **Average Rating:** 4.5/5.0 **Total Reviews:** 44 **How Do G2 Users Rate ARMO Platform?** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10) - **Security Auditing:** 9.2/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.9/10 (Category avg: 7.9/10) - **Workload Protection:** 9.2/10 (Category avg: 8.0/10) **Who Is the Company Behind ARMO Platform?** - **Seller:** [ARMO](https://www.g2.com/sellers/armo) - **Year Founded:** 2019 - **HQ Location:** Tel Aviv, IL - **Twitter:** @armosec (3,088 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/armosec/ (96 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 59% Small-Business, 36% Mid-Market #### What Are ARMO Platform's Pros and Cons? **Pros:** - Ease of Use (8 reviews) - Features (8 reviews) - Security (8 reviews) - Deployment Ease (7 reviews) - Container Security (6 reviews) **Cons:** - Integration Issues (5 reviews) - Missing Features (4 reviews) - Difficult Configuration (3 reviews) - Complex Querying (2 reviews) - Complex Setup (2 reviews) ### 22. [Mend.io](https://www.g2.com/products/mend-io/reviews) Modern risk doesn't live in one layer, it lives between them. Mend.io is built for every risk, across AI and AppSec, securing the code layer, the AI layer, and the interactions between them. From discovery and red teaming to guardrails and runtime protection, Mend.io delivers continuous protection across the entire AI application lifecycle. Mend.io solutions include: 1. Mend AI secures the layer where modern risk actually lives—the interaction between code and AI. It continuously discovers AI components (agents, prompts, models), tests real behavioral risk through automated red teaming, and enforces in-app runtime guardrails for one continuous control system for the AI lifecycle. 2. Mend AppSec secures the modern code layer by continuously discovering and prioritizing risk across code, libraries, containers, and dependencies, giving teams the clarity they need to reduce exposure and ship secure software faster. 3. Mend Renovate secures the foundation of every codebase by automatically updating dependencies, rating the likelihood each update will succeed without breaking changes, and grouping them by confidence level so teams can resolve them faster. **Average Rating:** 4.3/5.0 **Total Reviews:** 105 **How Do G2 Users Rate Mend.io?** - **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.1/10) - **Security Auditing:** 9.1/10 (Category avg: 8.3/10) - **Network Segmentation:** 8.3/10 (Category avg: 7.9/10) - **Workload Protection:** 7.5/10 (Category avg: 8.0/10) **Who Is the Company Behind Mend.io?** - **Seller:** [Mend](https://www.g2.com/sellers/mend-ab79a83a-6747-4682-8072-a3c176489d0b) - **Company Website:** https://mend.io - **Year Founded:** 2011 - **HQ Location:** Boston, Massachusetts - **Twitter:** @Mend_io (11,279 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2440656/ (256 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Software Engineer - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 38% Small-Business, 34% Mid-Market #### What Are Mend.io's Pros and Cons? **Pros:** - Scanning Efficiency (8 reviews) - Ease of Use (7 reviews) - Easy Integrations (6 reviews) - Scanning Technology (6 reviews) - Vulnerability Detection (6 reviews) **Cons:** - Integration Issues (6 reviews) - Limited Features (3 reviews) - Missing Features (3 reviews) - Complex Implementation (2 reviews) - Confusing Interface (2 reviews) ### 23. [CrowdSec](https://www.g2.com/products/crowdsec/reviews) CrowdSec is an open-source security stack that detects aggressive behaviors and prevents them from accessing your systems. Its user-friendly design and ease of integration into your current security infrastructure offer a low technical entry barrier and a high-security gain. Once an unwanted behavior is detected, it is automatically blocked. The aggressive IP, scenario triggered and the timestamp is sent for curation, to avoid poisoning & false positives. If verified, this IP is then redistributed to all CrowdSec users running the same scenario. By sharing the threat they faced, all users are protecting each other. **Average Rating:** 4.7/5.0 **Total Reviews:** 85 **How Do G2 Users Rate CrowdSec?** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.1/10) - **Security Auditing:** 0.0/10 (Category avg: 8.3/10) - **Network Segmentation:** 8.5/10 (Category avg: 7.9/10) - **Workload Protection:** 7.9/10 (Category avg: 8.0/10) **Who Is the Company Behind CrowdSec?** - **Seller:** [CrowdSec](https://www.g2.com/sellers/crowdsec) - **Year Founded:** 2020 - **HQ Location:** Paris, FR - **Twitter:** @Crowd_Security (19,493 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/crowdsec/?originalSubdomain=fr (30 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 69% Small-Business, 20% Mid-Market ### 24. [F5 Distributed Cloud App Infrastructure Protection (AIP)](https://www.g2.com/products/f5-distributed-cloud-app-infrastructure-protection-aip/reviews) Distributed Cloud AIP, formerly known as Threat Stack, is the leader in cloud security and compliance for application infrastructures, helping companies securely leverage the business benefits of the cloud with proactive risk identification and high-efficacy threat detection across cloud workloads. Distributed Cloud AIP’s application infrastructure protection helps organizations improve operational efficiency by delivering full stack security observability across the cloud management console, host, container, orchestration, managed containers, and serverless layers. Distributed Cloud AIP helps organizations efficiently detect known risks at scale and quickly uncover anomalies throughout the environment. Distributed Cloud AIP helps organizations stay secure through comprehensive security monitoring with a combination of industry-leading telemetry collection, a robust ruleset for known threats, and ThreatML for vulnerability and anomaly detection. Security Services Customers also have the option of leveraging our human expertise with Distributed Cloud AIP Insights and Managed Security Services, our in-house Security Operations Center (SOC) that provides 24/7/365 monitoring of your cloud environment. Through both options, Distributed Cloud AIP aims to deliver visibility and response capabilities across the full stack, allowing organizations to leverage the benefits of modern computing environments, securely. Coupled with other F5 Distributed Cloud Services, customers get application and infrastructure protection. Because applications and APIs are only as secure as the infrastructure they run on. To learn more, visit https://www.f5.com/cloud/products/app-infrastructure-protection **Average Rating:** 4.4/5.0 **Total Reviews:** 44 **How Do G2 Users Rate F5 Distributed Cloud App Infrastructure Protection (AIP)?** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.1/10) - **Security Auditing:** 7.5/10 (Category avg: 8.3/10) - **Network Segmentation:** 8.3/10 (Category avg: 7.9/10) - **Workload Protection:** 6.7/10 (Category avg: 8.0/10) **Who Is the Company Behind F5 Distributed Cloud App Infrastructure Protection (AIP)?** - **Seller:** [F5](https://www.g2.com/sellers/f5-f6451ada-8c47-43f5-b017-58663a045bc5) - **HQ Location:** Seattle, Washington - **Twitter:** @F5Networks (1,385 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/4841/ (6,165 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 70% Mid-Market, 20% Small-Business ### 25. [Qualys VMDR](https://www.g2.com/products/qualys-vmdr/reviews) Qualys VMDR is an all-in-one risk-based vulnerability management solution that quantifies cyber risk. It gives organizations unprecedented insights into their risk posture and provides actionable steps to reduce risk. It also gives cybersecurity and IT teams a shared platform to collaborate, and the power to quickly align and automate no-code workflows to respond to threats with automated remediation and integrations with ITSM solutions such as ServiceNow. **Average Rating:** 4.4/5.0 **Total Reviews:** 164 **How Do G2 Users Rate Qualys VMDR?** - **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.1/10) - **Security Auditing:** 8.3/10 (Category avg: 8.3/10) - **Network Segmentation:** 7.5/10 (Category avg: 7.9/10) - **Workload Protection:** 7.5/10 (Category avg: 8.0/10) **Who Is the Company Behind Qualys VMDR?** - **Seller:** [Qualys](https://www.g2.com/sellers/qualys) - **Year Founded:** 1999 - **HQ Location:** Foster City, CA - **Twitter:** @qualys (34,248 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/8561/ (3,627 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Security Engineer - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 51% Enterprise, 28% Mid-Market #### What Are Qualys VMDR's Pros and Cons? **Pros:** - Vulnerability Detection (2 reviews) - Vulnerability Identification (2 reviews) - Alerting System (1 reviews) - Automation (1 reviews) - Cloud Integration (1 reviews) **Cons:** - Complexity (1 reviews) - Complex Reporting (1 reviews) - Complex Setup (1 reviews) - Difficult Learning (1 reviews) - Feature Complexity (1 reviews) ## What Is Container Security Tools? [DevSecOps Software](https://www.g2.com/categories/devsecops) ## What Software Categories Are Similar to Container Security Tools? - [Cloud Workload Protection Platforms](https://www.g2.com/categories/cloud-workload-protection-platforms) - [Cloud Compliance Software](https://www.g2.com/categories/cloud-compliance) - [Cloud Security Posture Management (CSPM) Software](https://www.g2.com/categories/cloud-security-posture-management-cspm)