Most Helpful Review
Find out what your peers are saying about Dome9 vs. Threat Stack Cloud Security Platform and other solutions. Updated: January 2021.
456,719 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console."
"People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially."
"All of the features are very useful in today's market."
"The reporting against compliance is an important feature that helps you comply with policies and standards within your organization."
"Assets Management as it provide complete visibility of our workload inkling EC2 instance or Serverless"
"It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment."
"This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc."
"On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures."
"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal."
"We're using it on container to see when activity involving executables happens, and that's great."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be."
"We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"I would like to see Test B functions at the application access level."
"I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations."
"Dome9 should also support deployments that are on-premises and in a hybrid cloud."
"The price of this solution should be reduced so that it is more affordable to scale."
"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."
"Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes."
"We were demotivated by the lack of native automation modules for the Terraform and Ansible tools."
"The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
Pricing and Cost Advice
"It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
"I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
"Right now, we have licenses on 500 machines, and they are not cheap."
"The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"Pricing seems to be in line with the market structure. It's fine."
"It is very expensive compared to some other products. The pricing is definitely high."
"I'm happy with the amount that we spend for the product that we get and the overall service that we get. It's not cheap, but I'm still happy with the spend."
"We find the licensing and pricing very easy to understand and a good value for the services provided."
"It came in cheaper than Trend Micro when we purchased it a few years ago."
"What we're paying now is somewhere around $15 to $20 per agent per month, if I recall correctly. The other cost we have is SecOps."
Questions from the Community
Top Answer: All of the features are very useful in today's market.
Top Answer: Dome9 should also support deployments that are on-premises and in a hybrid cloud. This solution needs DLP support.
I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
Top Answer: Thank you I’m not really interested in being sold to. I’m asking about what works, what doesn’t and pricing models. I don’t want any demos.
out of 23 in Cloud Workload Security
Average Words per Review
out of 23 in Cloud Workload Security
Average Words per Review
Compared 37% of the time.
Compared 16% of the time.
Compared 9% of the time.
Compared 4% of the time.
Compared 3% of the time.
Compared 22% of the time.
Compared 15% of the time.
Compared 11% of the time.
Compared 7% of the time.
Compared 6% of the time.
Also Known As
|Dome9 Flex||Threat Stack, CSP,|
|Check Point||Threat Stack|
CloudGuard Dome9 is a comprehensive software platform for public cloud security and compliance orchestration. Using Dome9, organizations can visualize and assess their security posture, detect misconfigurations, model and actively enforce security best practices, and protect against identity theft and data loss in the cloud. Dome9 delivers security capabilities across Amazon Web Services, Microsoft Azure, and Google Cloud Platform (GCP). Learn more about Cloud Security Orchestration (Dome9)
Threat Stack Cloud Security Platform® is purpose-built to support organizations running in the cloud and the unique requirements of a cloud-based or hybrid infrastructure. In order to protect your sensitive data (the crown jewels) you need to know who is doing what, where and when – at all times. With continuous cloudand up-to-the-second alerting, you’ll always have the complete visibility you need to detect anomalous activity and know what occurred immediately.
Learn more about Dome9
Learn more about Threat Stack Cloud Security Platform
|Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners||StatusPage.io, Walkbase, Spanning, DNAnexus, Jobcase, Nextcapital, Smartling, Veracode, 6sense|
Financial Services Firm60%
Computer Software Company10%
Computer Software Company37%
Comms Service Provider16%
Financial Services Firm6%
Computer Software Company31%
Comms Service Provider12%
Financial Services Firm9%
Dome9 is ranked 2nd in Cloud Workload Security with 13 reviews while Threat Stack Cloud Security Platform is ranked 5th in Cloud Workload Security with 6 reviews. Dome9 is rated 8.4, while Threat Stack Cloud Security Platform is rated 8.4. The top reviewer of Dome9 writes "Security visibility accuracy is tremendous, letting us see who is trying to access what". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Dome9 is most compared with Prisma Cloud by Palo Alto Networks, Prisma SaaS by Palo Alto Networks, Check Point CloudGuard SaaS, Microsoft Cloud App Security and Qualys VM, whereas Threat Stack Cloud Security Platform is most compared with Lacework, Prisma Cloud by Palo Alto Networks, Amazon GuardDuty, Tenable.io Container Security and Qualys VM. See our Dome9 vs. Threat Stack Cloud Security Platform report.
See our list of best Cloud Workload Security vendors.
We monitor all Cloud Workload Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.