JaredDeanVP Cloud Operations at VVL systems
Anonymous UserCloud and Automation Manager at a comms service provider
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The best feature is time to value. With very minimal effort, you are able to have a cohesive view into your security posture on one or multiple cloud accounts, particularly if you are dealing with multicloud. If you have Azure and AWS deployments, you might have multiple subscriptions in Azure and usually multiple accounts in AWS. You may even be doing some GCP work (around Google Cloud Platform). It's very difficult to manage a common set of policies, even less reporting, across multiple subscriptions, accounts, and cloud environments. What BMC Helix Cloud Security does is provide a unified view or single pane of glass as to your baseline. Then, it also facilitates the ability for Level 1 or 2 operations support to take action and report on security vulnerabilities."
"The cool feature of Helix Cloud Security is that you can do all that — understand and remediate issues — in one dashboard, based on the different policies that are available for security, out-of-the-box."
"It's also multi-cloud. You can look at several cloud providers: AWS, Azure, or GCP."
"The features that I've found most valuable are its container security aspect. I also like its vulnerability management tools."
"The DevOps for infrastructure capabilities has saved time for our developers by automating processes and reducing provisioning time. Task time has been reduced by 40 percent."
"vRA has enabled us to derive value from the cloud faster. It is five to six times faster than traditional solutions."
"We provided the ability to request virtual machines to our end users. Before, this was a very manual process, which took engineers to do. Now, it's an automated process."
"A lot of its DevOps for infrastructure capabilities improve reliability. Much effort was put in by some customers, like a large automobile manufacturer, a large telecom, and two large banks, to achieve a certain level of capabilities in this space. These DevOps for infrastructure capabilities have saved time for developers. In one use case for a large marketplace, a typical release cycle took about 80 hours and was brought down to three hours by automating deployment for developers. The quicker that deployments happen, the faster that they can do their product release cycles."
"Having an enterprise service catalog and being able to automate various parts of our infrastructure are among the most important components."
"Every organization out there doesn't rely on just one control body. They use FISMA control. They may use HIPAA, CIS, PCI, or SOX, then blend them. One of the things that is now in big demand for BMC Helix Cloud Security is content. That's the next journey in its lifespan, making it easier for the community to share and collaborate on content for security controls that can be measured and remediated."
"We've had some with issues connectors. The connectors have seemed to have caused a little bit of trouble, perhaps with the APIs trying to scan the environment. The only time I've had to reach out to tech support was for that. It seems it may not have been scanning correctly or I wasn't seeing data within a specific time. But we've set up a couple of connectors in the past couple of weeks and they actually scanned the AWS environment and we had data within about 10 minutes. It's working a lot faster and I think they're making improvements as they go."
"The UI could be more user-friendly."
"They should concentrate on navigation and service improvements."
"The initial setup was complex from beginning to delivery. The current version is a bit more complex than version 7 to deploy."
"VMware needs to make it to where it is not as custom. Right now, you spend a lot of time making the services work. In order to get it up and running initially, that takes time."
"With the workflow aspect, which has manual intervention, a policy needs to be approved by somebody. There could be better management of that piece with better templates. It is like a workflow engine, but does not have enough example templates to do certain things. A lot of people waste a lot of time trying to figure out the same thing, and everybody is trying to figure out the same thing, e.g., how to make a MySQL cluster in a Windows environment?"
"It needs to be more dynamic with variable customization to make new workloads more reliable. It also needs to be faster. We are exploring vRA version 8 right now and maybe what I'm requesting is available in the new version, but we haven't yet explored it fully."
"It is a subscription model with term licensing that is usually yearly. This includes, not only the product, but support and maintenance. It is based on cloud assets. Therefore, if you have 100 cloud assets, those cloud assets are measured based on evaluation or transactions. For example, if I'm evaluating that cloud asset for CIS compliance, PCI compliance, and AWS best practices, that asset gets evaluated three times, as those are three transactions. However, the license model is based on peak asset usage. So, over a year, if you deploy 100, 1000, 500, and then 2000 assets, you will be charged for the 2000 peak of assets managed by Helix Cloud Security."
"The pricing is based on an annual subscription, upfront, and it's based on cloud assets. Whether your assets are in Azure and AWS combined, the tool tells you how many assets are being scanned and that's the number used for pricing."
"From a budget point of view, the pricing is a bit on the higher side."
"It is pricey for what you get."
"Customers say this solution is costlier compared to its competitors."
"The pricing is very high."
Earn 20 points
BMC Helix Cloud Security (formerly TrueSight Cloud Security) automates cloud resource configuration security checks and remediation across AWS, Azure, and Google Cloud. With Helix Cloud Security, configurations of cloud resources and containers are managed consistently, securely, and with an audit trail. Because it is SaaS, there is nothing to install. You can literally begin automating your cloud security posture management in minutes.
• Automated cloud configuration security
posture management (CSPM) using Center
for Internet Security (CIS) policies for
cloud assets on AWS, Azure, and GCP
• Automated remediation - no coding or scripting required
• Ready-to-use policy packs for CIS, PCI, and GDPR, and support for custom security and compliance policies
• Full-stack container configuration security, including Kubernetes pods, host, Docker daemon,
image, and Docker container
• Integration with incident & change
• Alerts, reports, exception management, RBAC, and multi-tenancy
VMware vRealize Automation automates the delivery of personalized infrastructure, applications and custom IT services.
This cloud automation software lets you deploy across a multi-vendor hybrid cloud infrastructure, giving you both flexibility and investment protection for current and future technology choices.
Agility Through Automation
Automate the end-to-end delivery and management of infrastructure, and accelerate application deployment and releases.
Choice Through Flexibility
Provision and manage multivendor, multicloud infrastructure and applications by leveraging existing infrastructure, tools and processes.
Personalization Through Governance Policies
Ensure that users receive the right size resource or application at the appropriate service level for the jobs they need to perform.
Efficiency Through Cost Containment
Provide consistent, automated delivery and management of IT services and reduce time-consuming, manual processes. Reclaim inactive resources for reuse with automated reclamation, providing cost savings.
BMC Helix Cloud Security is ranked 9th in Cloud Workload Security with 3 reviews while VMware vRealize Automation (vRA) is ranked 3rd in Cloud Management with 5 reviews. BMC Helix Cloud Security is rated 8.4, while VMware vRealize Automation (vRA) is rated 8.4. The top reviewer of BMC Helix Cloud Security writes "Gives you a cohesive view into your security posture on cloud accounts". On the other hand, the top reviewer of VMware vRealize Automation (vRA) writes "Automated deployment for developers, saving time on their release cycles". BMC Helix Cloud Security is most compared with Turbonomic, Prisma Cloud by Palo Alto Networks, VMware vRealize Operations (vROps), Dome9 and Zscaler Internet Access, whereas VMware vRealize Automation (vRA) is most compared with VMware vRealize Operations (vROps), vCloud Director, SaltStack, Ansible and OpenShift.
See our list of .
We monitor all Cloud Workload Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.