Prisma Cloud by Palo Alto Networks is a cloud security solution used for cloud security posture management, cloud workload protection, container security, and code security. It provides visibility, monitoring, and alerting for security issues in multi-cloud environments.
The purchasing process was easy and quick. It is a very economical solution.
Our licensing fees are $18,000 USD per year.
The purchasing process was easy and quick. It is a very economical solution.
Our licensing fees are $18,000 USD per year.
Snyk is a user-friendly security solution that enables users to safely develop and use open source code. Users can create automatic scans that allow them to keep a close eye on their code and prevent bad actors from exploiting vulnerabilities. This enables users to find and remove vulnerabilities soon after they appear.
We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon
You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it.
We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon
You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it.
Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.
The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.
I wish the pricing was more transparent.
The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.
I wish the pricing was more transparent.
Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.
I'm not privy to that information, but I know it's probably close to a million dollars a year.
We are using the free version of the Azure Security Center.
I'm not privy to that information, but I know it's probably close to a million dollars a year.
We are using the free version of the Azure Security Center.
Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time.
Usually every implementation is different and the quote is in function of number of assets.
When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself.
Usually every implementation is different and the quote is in function of number of assets.
When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself.
Get a risk-based view of your IT, security and compliance posture so you can quickly identify, investigate and prioritize your most critical assets and vulnerabilities.
It is slightly more expensive than other solutions in the same sphere.
The licensing costs for this solution are approximately $100,000 US, and I think that covers everything.
It is slightly more expensive than other solutions in the same sphere.
The licensing costs for this solution are approximately $100,000 US, and I think that covers everything.
Amazon Guard Duty is a continuous cloud security monitoring service that consistently monitors and administers several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Cloud Storage), and AWS CloudTrail event logs.
Amazon GuardDuty intuitively uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to quickly discover suspicious and problematic activity in a user's AWS ecosystem. Activities may include concerns such as interactions with malicious IP addresses or domains, exposed credentials usage, or changes and/or escalation of privileges.
GuardDuty is able to easily determine problematic AWS EC2 (Elastic Compute Cloud) instances delivering malware or mining bitcoin. It is also able to trace AWS account access history for evidence of destabilization. such as suspicious API calls resulting in changing password policies to minimize password strength or anomalous infrastructure deployments in new or different never-used regions.
We use a pay-as-you-use license, which is competitively priced in the market.
I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it.
We use a pay-as-you-use license, which is competitively priced in the market.
I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it.
Aqua Security stops cloud native attacks, preventing them before they happen and stopping them when they happen. Dedicated cloud native threat research and the most loved cloud native security open source community in the world put innovation at your fingertips so you can transform your business. Born cloud native, The Aqua Platform is the most integrated Cloud Native Application Protection Platform (CNAPP), securing from day one and protecting in real-time. Aqua has been stopping real cloud native attacks on hundreds of thousands of production nodes across the world since 2015.
Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle.
The pricing of this solution could be improved.
Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle.
The pricing of this solution could be improved.
Illumio Zero Trust Segmentation is a cloud and data center security solution that helps stop breaches from spreading across hybrid and multi cloud IT environments. The solution is designed to stop ransomware, contain cyber attacks, and reduce risk. With Illumio Zero Trust Segmentation, users can understand relationships and communications to map exposure risk of systems and data, identify the right security posture and secure applications through least-privilege policies, and ensure a Zero Trust security posture.
There is a subscription needed to use Illumio Adaptive Security Platform and we pay every three years. Overall the solution is expensive.
The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis.
There is a subscription needed to use Illumio Adaptive Security Platform and we pay every three years. Overall the solution is expensive.
The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis.
Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.
The licensing fee was approximately $80,000 USD, per year.
The licensing fee was approximately $80,000 USD, per year.
Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.
It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution.
Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges.
It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution.
Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges.
Trend Vision One- Cloud Security is a cloud security solution that offers comprehensive threat protection, monitoring, and visibility for cloud environments. Users appreciate its ability to centralize security management across multiple platforms, ensuring compliance and reducing the risk of data breaches. With advanced features like data encryption, network security, and data loss prevention, Trend Vision One- Cloud Security offers strong performance and ease of use. This solution has helped companies improve efficiency, streamline processes, and enhance productivity.
It's a slightly expensive product.
We make use of the full licensing version.
It's a slightly expensive product.
We make use of the full licensing version.
CrowdStrike Falcon Cloud Security is a platform of cloud security solutions aimed at protecting organizations from breaches while simplifying cloud security management. The unified platform combines several cloud security functionalities for comprehensive protection. Built on the CrowdStrike Falcon Platform, it leverages the powerful agent and technology used in CrowdStrike's renowned endpoint protection solutions, extending its capabilities seamlessly to cloud environments.
The pricing is fair for what you get. I'd rate them a solid nine out of ten in terms of pricing.
I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive.
The pricing is fair for what you get. I'd rate them a solid nine out of ten in terms of pricing.
I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive.
Cisco Secure Workload is a cloud and data security solution that offers a zero-trust policy of keeping an organization’s application workloads safe and secure throughout the entire on-premise and cloud data center ecosystems.
The pricing is a bit higher than we anticipated.
The price is outrageous. If you have money to throw at the product, then do it.
The pricing is a bit higher than we anticipated.
The price is outrageous. If you have money to throw at the product, then do it.
NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:
The licensing fees for this solution are pretty expensive for what it does, but there is no alternative.
Our licensing costs are about $40,000 a year.
The licensing fees for this solution are pretty expensive for what it does, but there is no alternative.
Our licensing costs are about $40,000 a year.
Red Hat Advanced Cluster Security for Kubernetes is a Kubernetes-native container security solution that enables your organization to more securely build, deploy, and run cloud-native applications from anywhere. With its built-in security across the entire software development life cycle, you can lower your operational costs, reduce operational risk, and increase developer productivity while improving your security posture immediately. In addition, Red Hat Advanced Cluster Security integrates with security tools and DevOps in an effort to help you mitigate threats and enforce security policies that minimize operational risk to your applications. It also enables you to provide developers with actionable, context-rich guidelines integrated into existing workflows, along with tooling to support developer productivity. The solution is suitable for small, medium, and large-sized companies.
The pricing model is moderate, meaning it is not very expensive.
Red Hat offers two pricing options for their solution: a separate price, and a bundled price under the OpenShift Platform Plus.
The pricing model is moderate, meaning it is not very expensive.
Red Hat offers two pricing options for their solution: a separate price, and a bundled price under the OpenShift Platform Plus.
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights, a unique AI architecture, and open source Falco. Sysdig delivers live visibility by correlating signals across cloud workloads, identities, and services to uncover hidden attack paths. By knowing what is running, teams can prioritize the vulnerabilities, misconfigurations, permissions, and threats that matter most. From prevention to defense, Sysdig helps enterprises move faster and focus on what matters: innovation.
The solution's pricing depends on the agents...In short, the price depends on the environment of its user.
It is quite costly compared to other tools.
The solution's pricing depends on the agents...In short, the price depends on the environment of its user.
It is quite costly compared to other tools.
Tenable.io Container Security is a container security platform that delivers end-to-end visibility of Docker container images, providing vulnerability assessment, malware detection, and policy enforcement before and after deployment. It also integrates into your DevOps pipeline to eliminate security blind spots without slowing down software development. In addition, Tenable.io Container Security provides proactive visibility and security so your organization can solve the security challenges of containers at the speed of DevOps.
It's best to be an institutional buyer and directly contact the sales team as they can provide over-the-top discounts for bulk orders.
I rate the product’s pricing a six out of ten.
It's best to be an institutional buyer and directly contact the sales team as they can provide over-the-top discounts for bulk orders.
I rate the product’s pricing a six out of ten.
Singularity Cloud Workload Security is SentinelOne’s real-time CWPP for hybrid cloud workloads running in VMs, servers, containers, and Kubernetes across AWS, Azure, Google Cloud, data center, and more. It delivers real-time, AI-powered detection and automated response to runtime threats such as ransomware, zero-day exploits, fileless attacks, and crypto-mining malware. Our cloud-native CWPP agent is architected on the eBPF (Extended Berkeley Packet Filter) framework since 2019 for maximum operational stability, resource efficiency, and security performance in low overhead. No kernel dependency hassles, and no kernel panics. Deployment is easy, and fits most DevOps provisioning methods. Singularity Cloud Workload Security is trusted by many of the world’s most iconic brands, to protect their cloud operations from disruption.
As a partner, we receive a discount on the licenses.
It's a fair price for what you get. We are happy with the price as it stands.
As a partner, we receive a discount on the licenses.
It's a fair price for what you get. We are happy with the price as it stands.
Sysdig Falco is a powerful open-source behavioral activity monitoring tool designed for containerized environments. Its primary use case is to enhance security and threat detection in cloud-native infrastructures.
Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers.
CoreOS Clair is open-source and free of charge.
CoreOS Clair is open-source and free of charge.
Trivy is the most popular open source security scanner, reliable, fast, and easy to use. Use Trivy to find vulnerabilities & IaC misconfigurations, SBOM discovery, Cloud scanning, Kubernetes security risks,and more.
Trivy is an open-source product.
Trivy is an open-source product.
Tigera is solving the networking and security problems inherent in deploying and enforcing policy in large private, public, and hybrid enterprise clouds. Tigera’s founders combine extensive networking and security experience with a track record of engagement with the cloud native, open source developer and user communities. With this as a starting point, Tigera has worked with those communities to create Canal, the combination and refinement of two existing cloud networking solutions – Project Calico and Flannel.
Your organization is deploying Kubernetes clusters to accelerate digital transformation. SUSE Rancher unifies these clusters to ensure consistent operations, workload management, and enterprise-grade security – from core to cloud to edge.
Kubescape is one of the fastest-growing Kubernetes security and compliance open source projects. Targeted at the DevSecOps practitioner or platform engineer, it includes risk analysis, security compliance, and misconfiguration scanning. It offers an easy-to-use CLI interface, flexible output formats, and much more. Bottom line, Kubescape saves Kubernetes users and admins precious time, effort, and resources.
Kubescape was created by ARMO and is a Cloud Native Computing Foundation (CNCF) sandbox project.
The first SBOM-powered platform that delivers continuous security with a frictionless developer experience.
ThreatMapper is an open-source, cloud-native, security observability platform. Scan for vulnerabilities, malware, compliance misconfigurations, exposed secrets and prioritize these critical cloud security alerts by exploitability. ThreatMapper works across all clouds and workload types, VMs, containers, Kubernetes, serverless, and more.
