Top 10 Cloud Security Software

Last updated: May 22, 2023

Cloud Security Software address protecting sensitive data and meeting compliance requirements in cloud apps and platforms. CASB (cloud access security broker) is cloud based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies.
Zscaler is working to make the internet safe for business. Go beyond basic internet security with our 100% cloud solution. Zero hardware and zero backhauling.
Skyhigh enables the entire Cloud Adoption Lifecycle, providing unparalleled visibility, usage analytics, and policy enforcement. Gain complete visibility into all cloud services in use and an objective risk assessment across data, business, and legal risk. Identify security breaches and insider threats, analyze usage patterns to understand demand for cloud services, and consolidate subscriptions. Seamlessly enforce security policies including encryption, data loss prevention, and coarse and granular access control
Netskope is the leader in cloud based security services. Our cloud security brokers empower your business by providing complete visibility & protection. Netskope automatically discovers and gives you analytics and policy enforcement in real-time and across any app, whether you manage it or not. That’s how cloud security solutions should work.
Palo Alto Networks Prisma is securing the cloud from the inside out by providing the most comprehensive cloud security in the industry. With Prisma, organizations can protect their users, applications and data, regardless of where they’re located.
Bitglass is a cloud access security broker and the leader in total data protection. We enable enterprises to migrate to SaaS applications. With cloud apps, your corporate data leaves the network. Keep cloud data secure and compliant anywhere it goes. BYOD demands a balance between security and employee productivity. Learn how MDM falls short and how Bitglass can help.
Complete security for all cloud applications. Use leading machine learning and UEBA capabilities to establish behavioral fingerprints for advanced risk calculation.
High-performance, integrated security solutions for global organizations and providers of all sizes.
Cisco Umbrella offers flexible cloud-delivered security when and how you need it. It combines multiple security functions into one solution, so you can enrich your incident response data and easily extend protection to devices and locations anywhere.
Cloud-delivered network security service enforces comprehensive internet security and data compliance policies, regardless of location or device.
Microsoft Cloud App Security is a multimode Cloud Access Security Broker (CASB). It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services.
  on Live Enterprise
CipherCloud enables cloud adoption while ensuring security, compliance and control. Delivers comprehensive and precise visibility into all cloud applications in use and assesses their risk based on business, data & compliance criteria. Ensures all data protection policies are enforced, prevents unauthorized access, with data loss prevention, encryption, tokenization, and key management.
BetterCloud secures user interactions across your digital workplace. SaaS Management and Security that is customized to your business.
McAfee MVISION provides visibility and control over data and security policy management across SaaS, PaaS, and IaaS environments.

Latest news about Cloud Security Software

2023. IBM acquires Polar Security for $60M to automate cloud data management

IBM has completed the acquisition of Polar Security, an Israeli startup that has developed a platform specializing in "data security posture management." Polar's technology offers an agentless approach to auditing and monitoring the flow of cloud data across cloud applications and within a company's network. As the adoption of cloud services continues to grow, the complexity of managing data has increased significantly. This includes the challenges of identifying and tracking data storage locations, monitoring data usage, managing access permissions, adapting to new services, and ensuring compliance with varying regulations across different countries. Polar is just one among several startups that are working on tools to tackle these challenges. Other notable companies in this space include Laminar, CrowdStrike, Check Point, Zscaler, and more.

2023. Google brings generative AI to cybersecurity

Google has introduced Cloud Security AI Workbench, a suite of cybersecurity tools that uses a specialized AI language model called Sec-PaLM. This model is derived from Google's PaLM model but has been optimized for security purposes by incorporating security intelligence, such as research on software vulnerabilities, malware, threat indicators, and behavioral threat actor profiles. The Cloud Security AI Workbench offers various AI-powered tools, including Mandiant's Threat Intelligence AI, which uses Sec-PaLM to identify, summarize, and respond to security threats. VirusTotal, another Google property, will also utilize Sec-PaLM to help subscribers analyze and explain the behavior of malicious scripts. Additionally, Sec-PaLM will aid customers of Chronicle, Google's cloud cybersecurity service, in searching security events and engaging in "conservative" interactions with the results.

2023. Push Security raises $15M to help SaaS users lower their online vulnerability

Push Security, a startup that enables employee's cloud security not by blocking online activity and app usage, but by monitoring when users are making iffy choices with web-based apps and showing how to fix them, has raised $15M. Push utilizes various methods to ensure secure app usage. Firstly, it observes how employees interact with apps and sends automated suggestions to them when it detects they are using them in insecure ways, such as selecting weak passwords. Secondly, it sends notifications to IT and security teams, providing them with a summary of the app activity to keep them informed. Lastly, it adds the app to a dashboard for the teams to monitor and alerts them when the app poses a threat due to its own security vulnerabilities, and blocks those that are considered to be particularly risky.

2023. Cloud security vendor Mitiga lands $45M

Mitiga, a cloud security firm that offers a subscription-based service to help companies prepare for cloud and software-as-a-service (SaaS) attacks, has raised $45 million in a Series A. Mitiga takes a “modern” approach to cloud incident response. The service analyzes cloud forensics data for investigation, storing forensics data from various clouds and software-as-a-service apps. Using a library of cloud attack scenarios, Mitiga hunts for attacks in the forensics data, managing and orchestrating the response in real time. Of course, there’s no shortage of rival vendors offering services to secure organizations’ cloud assets: Wiz, Sentra, Dig Security, Laminar and Opus Security - also raised funding recently.

2023. Cloud security startup Wiz raises $300M

Wiz, which claims that it’s the world’s largest cybersecurity unicorn, has raised $300 million in a Series D round. Wiz is a cloud security platform that, like other similar platforms, assesses the risk factors of infrastructure hosted in public cloud services such as AWS, Azure, and Google Cloud to prevent hackers from gaining control of assets and obtaining sensitive customer data. To achieve this, the company utilizes a security graph that connects data across different areas that need protection, including the network, identity, secrets, and workloads. Unlike the traditional agent-based security model, Wiz uses an agentless, API-centered approach to seamlessly scan cloud workloads, leading to a more efficient and faster solution for identifying and resolving security issues. The Wiz security graph is at the core of the product and replaces contextless alerts, helping to find security holes and issues much more effectively than other solutions.

2023. Cisco to acquire Multicloud Security startup Valtix

Configuring security across multiple cloud infrastructure vendors can be a challenging task for many organizations, as very few rely on a single vendor. Over the weekend, Cisco revealed its intention to acquire Valtix, a startup that helps companies secure their environments across multiple clouds. Cisco's prior investment in the company suggests that it has had a close look at both the product and the company personnel. Since 2020, Cisco has been a strategic investor in Valtix and supports the company's mission to simplify network security and safeguard workloads, irrespective of the cloud they are created or consumed in.

2023. Gem Security wants to secure your cloud infrastructure, raises $11M

Gem Security, the Israeli-based startup that is building a cloud threat detection, investigation and response (TDIR) platform, is coming out of stealth today and announced an $11 million seed funding round. With support for all of the major cloud platforms like AWS, Azure, Google Cloud and Kubernetes, Gem Security promises to provide security teams with a single streamlined tool to discover all their cloud assets and the real-time threat detection and contextualized alerts to ensure that they remain secure, in part by automating a large part of a company’s cloud security operations.

2022. Microsoft launches new security services aimed at protecting code in the cloud

Microsoft has announced Defender Cloud Security Posture Management and Defender for DevOps, two new offerings within the company’s Defender for Cloud service (previously Azure Defender) aimed at managing software development and runtime security across multicloud, multiple-pipeline environments. Currently available in public preview, they work with GitHub and Azure DevOps to start, with additional product integrations to come down the line. Defender CSPM leverages AI algorithms to perform contextual risk analyses of software dev environments. Resulting recommendations and insights are piped into source code management platforms like GitHub and Azure DevOps to drive remediation efforts; alternatively, users can create workflows connected to security recommendations to trigger automated remediation.

2022. Google is acquiring security intelligence firm Mandiant for $5.4B

Google is to acquire security intelligence company Mandiant, giving it access to security data gathering capabilities, as well as a team of hundreds of security consultants. The company will become part of Google Cloud upon closing. Mandiant is on a mission to make every organization secure from cyber threats and confident in their readiness. Mandiant's uniquely dynamic view of the attack lifecycle combines machine, adversary and operational cyber threat intelligence to understand and proactively protect against the relevant threats facing your organization.

2021. Public cloud security startup Laminar emerges from stealth with $37M

Laminar, a platform that provides full data observability across entire public cloud is coming out of stealth with $37 million. There are a number of tech companies that have identified the shortcomings of cloud services when it comes to cybersecurity, making for a variety of approaches to solving that problem. In the realm of public cloud services, others providing solutions include the likes of Netskope (which earlier this year was valued at $7.5 billion, speaking to the business opportunity here); Microsoft (which most recently beefed up its cloud-based cybersecurity profile with the acquisition of CloudKnox earlier this year); vArmour (which is approaching an IPO); and many, many more. Laminar’s belief is that it has built technology that is faster and easier to use, and is more geared to the realities of how cloud services are designed: apps and services are built and run across multiple public clouds (in Laminar’s case its main activity today is centered around Azure, Google Cloud and AWS, Avraham told me).

2021. Monad emerges from stealth with $17M to solve the cybersecurity big data problem

Cloud security startup Monad, which offers a platform for extracting and connecting data from various security tools, has launched from stealth with $17 million in Series A. Monad was founded on the belief that enterprise cybersecurity is a growing data management challenge, as organizations try to understand and interpret the masses of information that’s siloed within disconnected logs and databases. Once an organization has extracted data from their security tools, Monad’s Security Data Platform enables them to centralize that data within a data warehouse of choice, and normalize and enrich the data so that security teams have the insights they need to secure their systems and data effectively.

2021. Cloud security platform Netskope raises $300M

Netskope, focused on Secure Access Service Edge architecture, announced a $300 million investment round. Netskope takes a data-centric approach to cloud security, protecting data and users everywhere. The Netskope Security Cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and delivers data-centric security from one of the world’s largest and fastest security networks. The company just completed a “three-year journey building the largest cloud network that is 15 milliseconds from anyone in the world”.

2021. Mitiga raises $25M to help organizations respond to cyberattacks

Israeli cloud security startup Mitiga has raised $25 million in a Series A round. Mitiga, unlike other companies in the cybersecurity space, isn’t looking to prevent cyberattacks, which the startup claims are inevitable no matter how much protection is in place. Rather, it’s looking to help organizations manage their incident response, particularly as they transition to hybrid and multicloud environments.

2021. Uptycs secures $50M to expand its security platform

Uptycs, a startup that uses data to help understand and prevent security attacks, announced a $50 million Series C. Part of the reason for the company’s success over the last year was that the pandemic generated more customer interest as people moved to work from home, the SolarWinds hack happened and companies were moving to the cloud faster. But the company has not been sitting still in terms of the platform. It has begun expanding on that vision to include all four main areas of security, including being proactive, reactive, predictive and protective.

2021. AppOmni raises $40M for tools to secure enterprise SaaS apps

AppOmni, a startup which has built a platform to help monitor SaaS apps and their activity, provide guidance to warn or block when things might go wrong and fix problems when they do occur - has raised $40 million in a Series B. The company today integrates with more than 100 connectors, platforms used by developers and IT teams at companies to manage the apps that their businesses use, such as tools like Splunk and Sumo Logic. Through this, AppOmni is able to aggregate and normalize event data around those apps, in addition to deeper monitoring in cases where it can integrate with apps themselves (those integrations to date include some of the most popular apps that enterprises use today, including Salesforce and Slack, Zoom, Microsoft 365, Box and GitHub).

2021. Grip Security raises $6M to improve SaaS security

Grip Security, that provides enterprises with full visibility into their SaaS portfolios through enforceable endpoint-centric access controls and new data governance capabilities that work across devices and locations, has raised a $6 million seed round. Most of the popular cloud access security brokers (CASBs) today were founded around 10 years ago and then later acquired by other major players like Microsoft, Cisco and Proofpoint. But Grip Security argues that the problems with protecting SaaS today is fundamentally different from those 10 years ago. The promise of Grip Security is that after a quick installation, enterprises get full visibility into which applications their employees actually use. Yaari wasn’t quite ready to give away the secret sauce of how Grip does this, though. But he noted that this is a non-intrusive solution.

2021. Xage introduces Zero Trust remote access cloud solution for hard-to-secure environments

Xage, a security startup that has been building a solution to help protect these hard-to-secure operations, announced a Zero Trust remote access cloud solution. This involves controlling access device by device and person by person by determining who can do what based on them authenticating themselves and proving who they are. It doesn’t rely on knowledge of a device password or a VPN zone password. The solution goes further with a secure traversal tunnel, which relies on a tamper-proof certificate to prevent hackers from getting from the operations side of the house — whether that’s a utility grid, water supply or oil and gas pipeline — to the IT side where they could then begin to muck about with the operational technology.

2021. Google’s BeyondCorp Enterprise security platform is now generally available

Google announced that BeyondCorp Enterprise, the zero trust security platform modeled after how Google itself keeps its network safe without relying on a VPN, is now generally available. BeyondCorp Enterprise builds out Google’s existing BeyondCorp Remote Access offering with additional enterprise features. Google describes it as “a zero trust solution that enables secure access with integrated threat and data protection.” As part of BeyondCorp Enterprise, businesses get an end-to-end zero trust solution that includes everything from DDoS protection and phishing-resistant authentication, to the new security features in the Chrome browser and the core continuous authorization features that protect every interaction between users and resources protected by BeyondCorp.

2021. Cloud security startup Lacework has raised $525M

Lacework, the cloud security startup providing solution built on top of Snowflake platform, has raised $525 million Series D bringing its overall funding to over $1 billion. The company reported that revenue grew 300% year over year for the second straight year. One of the reasons for such widespread interest from investors and customers is the breadth of the company’s security solution. It enables companies to build securely in the cloud, and we span across multiple different categories of markets, which enable the customers to do that. That encompasses a range of services, including configuration and compliance, security for infrastructure as code, build time and runtime vulnerability scanning and runtime security for cloud native environments like Kubernetes and containers.

2020. Orca Security raises $55M for its cloud-native security platform

Israeli cloud security firm Orca Security has raised a $55 million Series B funding. What makes Orca stand out is not just its focus on cloud-native technologies but what it calls its SideScanning technology. This enables it to map a company’s cloud environment and reconstruct its file system by looking at how workloads interact with the block storage services they use. Based on this, in combination with the cloud metadata it collects, it can map and scan a company’s entire data estate and its cloud assets — and find potential security issues. Because of this system, Orca also immediately discovers new hosts in the cloud without anybody having to maintain this part of the system.

2020. FireEye acquires AI security expert Respond Software for $186M

Cybersecurity company FireEye has acquired Respond Software, a company that helps customers investigate and understand security incidents, while reducing the need for highly trained (and scarce) security analysts. FireEye had its eye on Respond’s Analyst product, which it plans to fold into its Mandiant Solutions platform. Like many companies today, FireEye is focused on using machine learning to help bolster its solutions and bring a level of automation to sorting through the data, finding real issues and weeding out false positives. The acquisition gives them a quick influx of machine learning-fueled software.

2020. Palo Alto Networks to acquire AI cybersecurity firm Expanse for $800M

Palo Alto Networks has acquired Expanse for $800 million. Expanse provides a service to help companies understand and protect their attack surface, where they could be most vulnerable to attack. It works by giving the security team a view of how the company’s security profile could look to an attacker trying to gain access. The plan is to fold Expanse into Palo Alto’s Cortex Suite, an AI-driven set of tools designed to detect and prevent attacks in an automated way. Expanse should provide Palo Alto with a highly valuable set of data to help feed the AI models.

2020. Axis Security raises $32M to help companies stay secure while working from home

Axis Security, that provides secure Access as a Service platform announced a $32 million Series B investment. Axis Security launched last year with the idea of helping customers enable contractors and third parties to remotely access a company’s systems in a safe way, but when the pandemic hit, they saw another use case, one which had been on their road map: helping keep systems secure when employees were working from home. The company’s product uses the notion of Zero Trust, which, as the name suggests, assumes you can’t trust anyone on your system, and work from there. Using a rules-based engine, customers can create a secure environment based on your role.

2020. Palo Alto Networks to buy digital forensics consulting firm for $265M

Security software provider Palo Alto Networks has acquired The Crypsis Group, an incident response, risk management and digital forensics consulting firm, for a crisp $265 million. While the kinds of tools that Palo Alto provides are designed to prevent attacks, the fact is no set of tools is foolproof, and it’s always going to be a cat and mouse game between companies like Palo Alto and the attackers trying to breach their defenses. Crypsis can help figure out how a breach happened and ways to close up the cracks in the foundation to prevent access through that particular weak point in the future.

2020. Adaptive Shield raises $4M for its SaaS security platform

Adaptive Shield, a Tel Aviv-based security startup, has raised $4 million seed round. The company’s platform helps businesses protect their SaaS applications by regularly scanning their various setting for security issues. As companies adopt a large variety of SaaS applications, all with their own security settings and user privileges, security teams are often either overwhelmed or simply not focused on these SaaS tools because they aren’t the system owners and may not even have access to them. Adaptive Shield allows to log into SaaS services through its firewall. Currently, the company supports most of the standard SaaS enterprise applications you would expect, including GitHub, Office 365, Salesforce, Slack, SuccessFactors and Zoom. he company already has paying customers, including some Fortune 500 companies across a number of verticals.

2020. Open Raven raises $15M for its security tech to secure hybrid clouds

Cloud security startup Open Raven has closed on $15 million in new financing. Open Raven’s potential stems from the simple fact that a majority of all databases will be accessed from a cloud platform within the next two years. These databases may exist on several different service providers’ cloud computing platforms making it that much more difficult to secure and track the data as it’s accessed by different users. Put simply, data security tools weren’t built to handle this kind of data fluidity across multiple services. These instances of what Open Raven calls “data sprawl” can lead to misconfigurations that have become one of the biggest security threats

2020. BetterCloud scores $75M to lead the SaaSOps movement

In the middle of a crisis that has forced most companies to move workers home, being able to manage SaaS usage in this way is growing increasingly significant. BetterCloud, that gives IT visibility into its SaaS tools providing the means to discover, manage and secure those tools, announced a $75 million Series F. BetterCloud calls its solution SaaSOps that provides best practices of how SaaS applications are discovered, managed, and secured through centralized and automated operations (Ops), resulting in reduced friction, improved collaboration, and better employee experience. BetterCloud connects to more than 50+ SaaS applications and allows to consolidate administration into one centralized platform so you can save time on common tasks and focus on what’s most important.

2020. VMware to acquire Kubernetes security startup Octarine and fold it into Carbon Black

VMware announced today that it intends to buy early-stage Kubernetes security startup Octarine and fold it into Carbon Black, a security company it bought last year for $2.1 billion. Acquiring Octarine enables us to advance intrinsic security for containers (and Kubernetes environments), by embedding the Octarine technology into the VMware Carbon Black Cloud, and via deep hooks and integrations with the VMware Tanzu platform. VMware Carbon Black Cloud is a cloud native endpoint protection platform (EPP) that combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay, using a single lightweight agent and an easy-to-use console.

2020. Bridgecrew raises $14M to automate cloud security

Bridgecrew, an early-stage startup that makes automated cloud security tooling aimed at engineers, announced a $14 million Series A. Bridgecrew was launched because its creators saw the huge bottleneck in security engineering, in DevSecOps. They found that a lot issues involved misconfigurations, and while there were security solutions out there to help, they were expensive, and they weren’t geared towards the engineers who were typically being charged with fixing the security issues. The company decided to solve that problem by coming up with a solution geared specifically for the way engineers think and operate. They do that by codifying the problem. When they encounter a new problem, they build a playbook and then that becomes part of the product.

2020. Palo Alto Networks to acquire CloudGenix for $420M

Palo Alto Networks has acquired CloudGenix for $420 million. CloudGenix delivers a software-defined wide area network (SD-WAN) that helps customers stay secure by setting policies to enforce compliance with company security protocols across distributed locations. This is especially useful for companies with a lot of branch offices or a generally distributed workforce, something just about everyone is dealing with at the moment as we find millions suddenly working from home.