Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.
Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background.
The pricing is pretty high.
Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background.
The pricing is pretty high.
Prisma Cloud by Palo Alto Networks is a cloud security solution used for cloud security posture management, cloud workload protection, container security, and code security. It provides visibility, monitoring, and alerting for security issues in multi-cloud environments.
The purchasing process was easy and quick. It is a very economical solution.
Our licensing fees are $18,000 USD per year.
The purchasing process was easy and quick. It is a very economical solution.
Our licensing fees are $18,000 USD per year.
Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.
I'm not privy to that information, but I know it's probably close to a million dollars a year.
We are using the free version of the Azure Security Center.
I'm not privy to that information, but I know it's probably close to a million dollars a year.
We are using the free version of the Azure Security Center.
Orca Security is praised for its comprehensive coverage, seamless integration, and insightful reporting, with users noting the need for improvements in the UI, scan process speed, and reporting capabilities. On the other hand, Wiz is favored for its UI, collaboration tools, and robust security features, and customization options.
The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.
I wish the pricing was more transparent.
The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing.
I wish the pricing was more transparent.
Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time.
Usually every implementation is different and the quote is in function of number of assets.
When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself.
Usually every implementation is different and the quote is in function of number of assets.
When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself.
Tenable Nessus is a vulnerability management solution that aims to empower organizations to be aware of threats that both they and their customers face. It is the most deployed scanner in the vulnerability management industry. Organizations that use this product have access to the largest continuously updated global library of vulnerability and configuration checks. They can stay ahead of threats that Tenable Nessus’s competitors may be unable to spot. Additionally, Tenable Nessus supports a greater number of technologies than its competitors.
The pricing is much more manageable versus other products.
The price of Tenable Nessus is much more competitive versus other solutions on the market.
The pricing is much more manageable versus other products.
The price of Tenable Nessus is much more competitive versus other solutions on the market.
Get a risk-based view of your IT, security and compliance posture so you can quickly identify, investigate and prioritize your most critical assets and vulnerabilities.
It is slightly more expensive than other solutions in the same sphere.
The licensing costs for this solution are approximately $100,000 US, and I think that covers everything.
It is slightly more expensive than other solutions in the same sphere.
The licensing costs for this solution are approximately $100,000 US, and I think that covers everything.
Managed in the cloud and powered by Tenable Nessus, Tenable Vulnerability Management (formerly Tenable.io) provides the industry's most comprehensive vulnerability coverage with real-time continuous assessment of your organization. Built-in prioritization, threat intelligence and real-time insight help you understand your exposures and proactively prioritize remediations.
There are additional features that can be licensed for an additional cost.
The solution is not too expensive.
There are additional features that can be licensed for an additional cost.
The solution is not too expensive.
Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.
The price of the solution is less than the competitors.
I do not have experience with the pricing of the solution.
The price of the solution is less than the competitors.
I do not have experience with the pricing of the solution.
AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
The price of the solution is not very competitive but it is reasonable.
The price of AWS Security Hub is average compared to other solutions.
Amazon Guard Duty is a continuous cloud security monitoring service that consistently monitors and administers several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Cloud Storage), and AWS CloudTrail event logs.
Amazon GuardDuty intuitively uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to quickly discover suspicious and problematic activity in a user's AWS ecosystem. Activities may include concerns such as interactions with malicious IP addresses or domains, exposed credentials usage, or changes and/or escalation of privileges.
GuardDuty is able to easily determine problematic AWS EC2 (Elastic Compute Cloud) instances delivering malware or mining bitcoin. It is also able to trace AWS account access history for evidence of destabilization. such as suspicious API calls resulting in changing password policies to minimize password strength or anomalous infrastructure deployments in new or different never-used regions.
We use a pay-as-you-use license, which is competitively priced in the market.
I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it.
We use a pay-as-you-use license, which is competitively priced in the market.
I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it.
Aqua Security stops cloud native attacks, preventing them before they happen and stopping them when they happen. Dedicated cloud native threat research and the most loved cloud native security open source community in the world put innovation at your fingertips so you can transform your business. Born cloud native, The Aqua Platform is the most integrated Cloud Native Application Protection Platform (CNAPP), securing from day one and protecting in real-time. Aqua has been stopping real cloud native attacks on hundreds of thousands of production nodes across the world since 2015.
Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle.
The pricing of this solution could be improved.
Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle.
The pricing of this solution could be improved.
Illumio Zero Trust Segmentation is a cloud and data center security solution that helps stop breaches from spreading across hybrid and multi cloud IT environments. The solution is designed to stop ransomware, contain cyber attacks, and reduce risk. With Illumio Zero Trust Segmentation, users can understand relationships and communications to map exposure risk of systems and data, identify the right security posture and secure applications through least-privilege policies, and ensure a Zero Trust security posture.
There is a subscription needed to use Illumio Adaptive Security Platform and we pay every three years. Overall the solution is expensive.
The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis.
There is a subscription needed to use Illumio Adaptive Security Platform and we pay every three years. Overall the solution is expensive.
The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis.
Akamai Guardicore Segmentation is a software-based microsegmentation solution that provides the simplest, fastest, and most intuitive way to enforce Zero Trust principles. It enables you to prevent malicious lateral movement in your network through precise segmentation policies, visuals of activity within your IT environment, and network security alerts. Akamai Guardicore Segmentation works across your data centers, multicloud environments, and endpoints. It is faster to deploy than infrastructure segmentation approaches and provides you with unparalleled visibility and control of your network.
Compared to the pricing we were seeing from both Illumio and Edgewise, Guardicore was very competitive.
Guardicore Centra provides better value for money than NSX, was the other solution that we looked at, which was too expensive for what it does.
Compared to the pricing we were seeing from both Illumio and Edgewise, Guardicore was very competitive.
Guardicore Centra provides better value for money than NSX, was the other solution that we looked at, which was too expensive for what it does.
JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].
Appgate SDP is a network access control tool for local and remote access, multifactor authentication, and micro-segmentation. It is a flexible, robust, and configurable tool with good documentation, interface improvements, and ease of deployment.
It is a pretty expensive tool. It is maybe about $20,000 per year for a hundred users or so.
We pay $100 per user per month. One license for the site is around $17.
It is a pretty expensive tool. It is maybe about $20,000 per year for a hundred users or so.
We pay $100 per user per month. One license for the site is around $17.
The Skybox Security Suite platform combines firewall and network device data with vulnerability and threat intelligence, prioritizing security issues in the context of your unique environment. Powerful attack vector analytics reduce response times and risks, bringing firewall, vulnerability and threat management processes for complex networks under control.
The pricing is high, and the licensing model needs more flexibility.
The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products.
The pricing is high, and the licensing model needs more flexibility.
The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products.
Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.
The licensing fee was approximately $80,000 USD, per year.
The licensing fee was approximately $80,000 USD, per year.
Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.
It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution.
Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges.
It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution.
Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges.
CrowdStrike Falcon Cloud Security is a platform of cloud security solutions aimed at protecting organizations from breaches while simplifying cloud security management. The unified platform combines several cloud security functionalities for comprehensive protection. Built on the CrowdStrike Falcon Platform, it leverages the powerful agent and technology used in CrowdStrike's renowned endpoint protection solutions, extending its capabilities seamlessly to cloud environments.
The pricing is fair for what you get. I'd rate them a solid nine out of ten in terms of pricing.
I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive.
The pricing is fair for what you get. I'd rate them a solid nine out of ten in terms of pricing.
I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive.
Cisco Secure Workload is a cloud and data security solution that offers a zero-trust policy of keeping an organization’s application workloads safe and secure throughout the entire on-premise and cloud data center ecosystems.
The pricing is a bit higher than we anticipated.
The price is outrageous. If you have money to throw at the product, then do it.
The pricing is a bit higher than we anticipated.
The price is outrageous. If you have money to throw at the product, then do it.
Trend Vision One- Cloud Security is a cloud security solution that offers comprehensive threat protection, monitoring, and visibility for cloud environments. Users appreciate its ability to centralize security management across multiple platforms, ensuring compliance and reducing the risk of data breaches. With advanced features like data encryption, network security, and data loss prevention, Trend Vision One- Cloud Security offers strong performance and ease of use. This solution has helped companies improve efficiency, streamline processes, and enhance productivity.
It's a slightly expensive product.
We make use of the full licensing version.
It's a slightly expensive product.
We make use of the full licensing version.
Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.
I use the open-source version of this product. Pricing is not relevant.
It is expensive. Our license expired, and our company is not thinking to renew because of our budget.
I use the open-source version of this product. Pricing is not relevant.
It is expensive. Our license expired, and our company is not thinking to renew because of our budget.
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights, a unique AI architecture, and open source Falco. Sysdig delivers live visibility by correlating signals across cloud workloads, identities, and services to uncover hidden attack paths. By knowing what is running, teams can prioritize the vulnerabilities, misconfigurations, permissions, and threats that matter most. From prevention to defense, Sysdig helps enterprises move faster and focus on what matters: innovation.
The solution's pricing depends on the agents...In short, the price depends on the environment of its user.
It is quite costly compared to other tools.
The solution's pricing depends on the agents...In short, the price depends on the environment of its user.
It is quite costly compared to other tools.
XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk. Our attack path management platform continuously uncovers hidden attack paths to your critical assets across cloud and on-prem environments, so you can cut them off at key junctures and eradicate risk with a fraction of the effort. This overcomes the big disconnect that security teams experience when they’re presented with endless alerts, yet can’t see which exposures impact risk the most, how they come together to be exploited by an attacker, or how to efficiently eliminate them. This approach is a complete game-changer, which is why some of the world’s largest, most complex organizations choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber intelligence community, XM Cyber has offices in North America, Europe, and Israel.
We have to pay standard licensing fees.
We have to pay standard licensing fees.
The Salt Security API Protection Platform secures the APIs at the heart of all your modern applications. The platform collects API traffic across your entire application landscape and makes use of AI/ML and a big data engine to discover all your APIs and their exposed data, stop attacks, and eliminate vulnerabilities at their source.
Take control of your cloud security program with Tenable Cloud Security (formerly Tenable.cs) low-impact cloud agentless scanning, automated threat detection and risk prioritization. Developed by the leader in vulnerability management, Tenable Cloud Security enables security teams to continuously assess the security posture of cloud environments, offering full visibility across multi-cloud environments and helping you prioritize efforts based on business risk.
The tool's pricing is fair.
The tool's pricing is fair.
Alert Logic is a cloud-based security and compliance solution that provides threat detection and response, log management, and compliance automation. Its primary use case is to manage lag and protect the network, identify configuration issues related to security and cloud infrastructure, and serve as the primary SIEM tool before escalating tickets.
It scales pretty well, except in matters of price.
While the pricing and licensing through the AWS Marketplace is straightforward, scaling it out for larger environments has become an issue.
It scales pretty well, except in matters of price.
While the pricing and licensing through the AWS Marketplace is straightforward, scaling it out for larger environments has become an issue.
Threat Stack Cloud Security Platform is a CWPP (Cloud Workload Protection Platform) that provides your organization with comprehensive security for modern applications and APIs. It is designed specifically for monitoring cloud environments, vulnerabilities, covering workloads, infrastructure, and compliance. The solution offers application infrastructure protection for all layers of your infrastructure stack and delivers the necessary observability for proactive and targeted remediation action. In addition, it is platform-independent and easily adapts to various environments. Threat Stack Cloud Security Platform works best for companies who want real-time protection against active external threats and need to reduce alert investigation time. It is ideal for small, medium, or large-sized organizations.
It is a cost-effective choice versus other solutions on the market.
Pricing seems to be in line with the market structure. It's fine.
It is a cost-effective choice versus other solutions on the market.
Pricing seems to be in line with the market structure. It's fine.
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API.
It's priced according to market standards for its services.
The pricing is very transparent and clear.
It's priced according to market standards for its services.
The pricing is very transparent and clear.
Singularity Cloud Workload Security is SentinelOne’s real-time CWPP for hybrid cloud workloads running in VMs, servers, containers, and Kubernetes across AWS, Azure, Google Cloud, data center, and more. It delivers real-time, AI-powered detection and automated response to runtime threats such as ransomware, zero-day exploits, fileless attacks, and crypto-mining malware. Our cloud-native CWPP agent is architected on the eBPF (Extended Berkeley Packet Filter) framework since 2019 for maximum operational stability, resource efficiency, and security performance in low overhead. No kernel dependency hassles, and no kernel panics. Deployment is easy, and fits most DevOps provisioning methods. Singularity Cloud Workload Security is trusted by many of the world’s most iconic brands, to protect their cloud operations from disruption.
As a partner, we receive a discount on the licenses.
It's a fair price for what you get. We are happy with the price as it stands.
As a partner, we receive a discount on the licenses.
It's a fair price for what you get. We are happy with the price as it stands.
Zscaler CSPM automates security and compliance in the cloud, delivering continuous visibility and enforcing adherence to the most comprehensive set of security policies and compliance frameworks. Offered as a multi-tenant SaaS, the product enables seamless integration with customer cloud infrastructure, quick data collection, comprehensive dashboards and reports. Zscaler CSPM supports integrations with CI/CD pipelines and ticketing systems, enables auto-remediation, and supports private benchmarks. Customers can easily enforce their corporate information security standards across AWS, Azure, and Office365 environments to prevent misconfiguration-related data breaches.
When comparing it to other security solutions, it offers effective protection at a lower cost.
In the long run, cloud services are not inherently costly.
When comparing it to other security solutions, it offers effective protection at a lower cost.
In the long run, cloud services are not inherently costly.
Bridgecrew is a comprehensive cloud security platform that helps organizations automate security and compliance across their cloud infrastructure. With its powerful capabilities, Bridgecrew enables teams to identify and remediate security issues in real-time, ensuring a secure and compliant cloud environment.
One of Bridgecrew's key features is its ability to continuously scan cloud infrastructure for misconfigurations, vulnerabilities, and compliance violations. It provides a centralized dashboard that displays the security posture of the entire cloud environment, allowing teams to quickly identify and prioritize security issues.
Bridgecrew also offers automated remediation capabilities, allowing teams to fix security issues with just a few clicks. It provides step-by-step instructions on how to remediate each issue, making it easy for even non-security experts to address vulnerabilities and misconfigurations.
Another notable feature of Bridgecrew is its integration with popular DevOps tools like GitHub, GitLab, and Jira. This allows teams to seamlessly incorporate security into their existing workflows, enabling them to catch and fix security issues early in the development process.
Bridgecrew also provides detailed reports and compliance documentation, making it easier for organizations to demonstrate their adherence to industry standards and regulations. It also offers continuous monitoring and alerting, ensuring that any new security issues are promptly detected and addressed.
Bridgecrew is a powerful cloud security platform that automates security and compliance across cloud infrastructure. With its continuous scanning, automated remediation, and integration capabilities, Bridgecrew helps organizations maintain a secure and compliant cloud environment.
IBM Guardium Vulnerability Assessment scans data infrastructures (databases, data warehouses and big data environments) to detect vulnerabilities, and suggests remedial actions. The solution identifies exposures such as missing patches, weak passwords, unauthorized changes and misconfigured privileges.
One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing.
One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing.
Organizations are embracing multiple public cloud platforms, resulting in increased complexity of management which impacts security and risk. Additionally, the built-in security tools that come with various cloud platforms are unique to each, compounding the challenge of consistently managing risk across all clouds in a multi-cloud world. This challenge renders security operations time consuming and ineffective. As the attack surface expands, organizations need to protect from not only from risks of configuration and management of the application elements themselves, but also from risks originating via cloud application programming interfaces (APIs) and UIs.
The Balbix breach avoidance platform, BreachControl, is the industry’s first system to leverage specialized artificial intelligence (AI) to provide comprehensive and continuous predictive assessment of breach risk.
PingSafe’s Cloud-Native Application Protection Platform (CNAPP) has all the necessary components to safeguard your multi-cloud environment and infrastructure. PingSafe's unified platform scans your entire cloud infrastructure through an attacker's lens and helps you remediate the most exploitable vulnerabilities with unmatched speed and scale.
It was reasonable pricing for me.
We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month.
It was reasonable pricing for me.
We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month.
Fugue is an infrastructure-level cloud operating system. It builds, operates, and terminates cloud infrastructure and services and automates the continuous enforcement of declared infrastructure configurations. Fugue completes the DevOps workflow by automating cloud lifecycle management via enforced and versionable infrastructure as code. Fugue is a single source of truth and trust for the cloud.
Easily identify cloud resource vulnerabilities, ensure compliance, and respond to threats faster.
Regarding the pricing for Sophos Cloud Optix, I would say that it was a very good price.
Regarding the pricing for Sophos Cloud Optix, I would say that it was a very good price.
Continuously visualize, detect, and block any attack path in your cloud and Kubernetes environment.
Gain the visibility, control and advanced data protection you need across your multi-cloud environments to secure sensitive content within cloud services and maintain best practices and standards compliance. Scan storage services to identify and protect sensitive data as well as detect malware.
Migrating workloads to the public cloud creates new threat surfaces which can be exploited by attackers and lead to theft of your customers' data.