Top 10 Cloud Security Software
December 09, 2023 | Editor: Michael Stromann
Cloud Security Software protects entire enterprise network, including LAN, remote/home workers, private and public cloud environments. It may include such services as cloud firewall, identity management, data loss protection (DLP), user behavior analytics (UEBA), secure access to cloud apps (SASE, CASB), software-defined Wide Area Network (SD-WAN).
Cisco Umbrella offers flexible cloud-delivered security when and how you need it. It combines multiple security functions into one solution, so you can enrich your incident response data and easily extend protection to devices and locations anywhere.
Zscaler is working to make the internet safe for business. Go beyond basic internet security with our 100% cloud solution. Zero hardware and zero backhauling.
Complete security for all cloud applications. Use leading machine learning and UEBA capabilities to establish behavioral fingerprints for advanced risk calculation.
Netskope is the leader in cloud based security services. Our cloud security brokers empower your business by providing complete visibility & protection. Netskope automatically discovers and gives you analytics and policy enforcement in real-time and across any app, whether you manage it or not. That’s how cloud security solutions should work.
High-performance, integrated security solutions for global organizations and providers of all sizes.
Palo Alto Networks Prisma is securing the cloud from the inside out by providing the most comprehensive cloud security in the industry. With Prisma, organizations can protect their users, applications and data, regardless of where they’re located.
Symantec Enterprise Cloud delivers data-centric hybrid security for the largest, most complex organizations in the world – on devices, in private data centers, and in the cloud.
Defend SMBs, enterprises and governments from advanced cyber attacks with SonicWall's award-winning firewalls and cyber security solutions.
Skyhigh enables the entire Cloud Adoption Lifecycle, providing unparalleled visibility, usage analytics, and policy enforcement. Gain complete visibility into all cloud services in use and an objective risk assessment across data, business, and legal risk. Identify security breaches and insider threats, analyze usage patterns to understand demand for cloud services, and consolidate subscriptions. Seamlessly enforce security policies including encryption, data loss prevention, and coarse and granular access control
Protect multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime, with Microsoft Defender for Cloud.
iboss Zero Trust SSE reduces risk by allowing only trusted users to securely and directly connect to protected resources from anywhere
Lookout Cloud Security Platform is the only cloud-native solution that delivers zero trust security by reducing risk, and protecting your corporate data on any device, any app, any location.
From code to cloud, Check Point CloudGuard offers unified cloud native security across your applications, workloads, and network-giving you the confidence to automate security, prevent threats, and manage posture-at cloud speed and scale.
Cloud-based cybersecurity platform for every part of your company. We protect email, data, cloud apps, devices, and even users.
Latest news about Cloud Security Software
2023. Palo Alto Networks buys Dig Security for $400M
Palo Alto Networks has announced its acquisition of Dig, an Israeli startup specializing in data security posture management (DSPM). Dig's expertise lies in helping organizations comprehend the whereabouts of their assets across various cloud environments, aiding security teams in understanding data movement and identifying areas that require enhanced security measures in the event of a breach. Following the acquisition, Dig's tools will be integrated into Palo Alto Prisma, which is dedicated to cloud security. This integration aims to empower customers by providing effective management of security for their diverse data repositories in contemporary cloud applications, thereby minimizing the risk of data breaches.
2023. Sweet Security raises $12M for its cloud security suite
Tel Aviv-based cloud security startup, Sweet Security, has successfully secured $12 million in a seed funding round. Sweet Security specializes in furnishing enterprises with an up-to-the-minute security suite designed for cloud environments. This suite is intended to assist security teams in swiftly thwarting attacks on cloud workloads. Central to Sweet Security's solution is the utilization of eBPF technology, which facilitates the execution of isolated programs within the Linux kernel. Through this approach, these programs can gather metrics related to network traffic and resource utilization without imposing significant overhead. The significant overhead associated with traditional solutions has led numerous companies to forego implementing existing cloud security measures. By leveraging eBPF and other innovative technologies, Sweet Security aims to maintain minimal resource consumption while simultaneously offering real-time insights into a company's vulnerability landscape.
2023. IBM acquires Polar Security for $60M to automate cloud data management
IBM has completed the acquisition of Polar Security, an Israeli startup that has developed a platform specializing in "data security posture management." Polar's technology offers an agentless approach to auditing and monitoring the flow of cloud data across cloud applications and within a company's network. As the adoption of cloud services continues to grow, the complexity of managing data has increased significantly. This includes the challenges of identifying and tracking data storage locations, monitoring data usage, managing access permissions, adapting to new services, and ensuring compliance with varying regulations across different countries. Polar is just one among several startups that are working on tools to tackle these challenges. Other notable companies in this space include Laminar, CrowdStrike, Check Point, Zscaler, and more.
2023. Google brings generative AI to cybersecurity
Google has introduced Cloud Security AI Workbench, a suite of cybersecurity tools that uses a specialized AI language model called Sec-PaLM. This model is derived from Google's PaLM model but has been optimized for security purposes by incorporating security intelligence, such as research on software vulnerabilities, malware, threat indicators, and behavioral threat actor profiles. The Cloud Security AI Workbench offers various AI-powered tools, including Mandiant's Threat Intelligence AI, which uses Sec-PaLM to identify, summarize, and respond to security threats. VirusTotal, another Google property, will also utilize Sec-PaLM to help subscribers analyze and explain the behavior of malicious scripts. Additionally, Sec-PaLM will aid customers of Chronicle, Google's cloud cybersecurity service, in searching security events and engaging in "conservative" interactions with the results.
2023. Coro raises $75M to grow its all-in-one cybersecurity platform
Coro, a startup which provides a one-stop shop AI-based cybersecurity platform has raised $75 million. The primary objective of Coro is to offer a comprehensive cloud-based SaaS solution that caters to all the cybersecurity software requirements of businesses. The key areas of focus include device monitoring, overseeing user activities, email, networks, data, and applications, as well as addressing any malicious activity detected. Coro's intended audience is mid-sized businesses that typically face a challenge in selecting software products due to their intermediate size. These businesses are often too large to benefit from SMB products but lack the necessary infrastructure and financial resources to adopt enterprise-level products.
2023. Push Security raises $15M to help SaaS users lower their online vulnerability
Push Security, a startup that enables employee's cloud security not by blocking online activity and app usage, but by monitoring when users are making iffy choices with web-based apps and showing how to fix them, has raised $15M. Push utilizes various methods to ensure secure app usage. Firstly, it observes how employees interact with apps and sends automated suggestions to them when it detects they are using them in insecure ways, such as selecting weak passwords. Secondly, it sends notifications to IT and security teams, providing them with a summary of the app activity to keep them informed. Lastly, it adds the app to a dashboard for the teams to monitor and alerts them when the app poses a threat due to its own security vulnerabilities, and blocks those that are considered to be particularly risky.
2023. Cloud security vendor Mitiga lands $45M
Mitiga, a cloud security firm specializing in subscription-based services for cloud and software-as-a-service (SaaS) attack preparedness, has successfully secured $45 million in Series A funding. Mitiga employs a cutting-edge approach to cloud incident response, utilizing cloud forensics data analysis for investigations. It effectively stores forensics data from diverse cloud platforms and SaaS applications. By leveraging a comprehensive library of cloud attack scenarios, Mitiga proactively searches for potential attacks within the forensics data, while simultaneously managing and coordinating real-time responses. While Mitiga stands out in the industry, several other competing vendors, including Wiz, Sentra, Dig Security, Laminar, and Opus Security, have also recently secured funding to offer cloud asset security services.
2023. Cloud security startup Wiz raises $300M
Wiz, recognized as the world's largest cybersecurity unicorn, has successfully raised $300 million in a Series D funding round. Wiz operates as a cloud security platform, similar to other platforms in the field, by assessing risk factors associated with infrastructure hosted on public cloud services like AWS, Azure, and Google Cloud. The primary goal is to prevent hackers from compromising assets and accessing sensitive customer data. Wiz utilizes a security graph that interconnects various data points across critical areas requiring protection, including network, identity, secrets, and workloads. Setting itself apart from the traditional agent-based security model, Wiz adopts an agentless, API-centered approach, enabling seamless scanning of cloud workloads. This approach delivers a more efficient and prompt solution for identifying and resolving security issues. The Wiz security graph lies at the heart of the product, replacing contextless alerts and significantly enhancing the effectiveness of discovering security vulnerabilities and concerns compared to alternative solutions.
2023. Cisco to acquire Multicloud Security startup Valtix
Configuring security measures across various cloud infrastructure vendors can pose challenges for organizations, especially when they rely on multiple vendors. Cisco recently announced its plans to acquire Valtix, a startup that specializes in assisting companies in securing their environments across multiple clouds. Cisco's previous investment in Valtix indicates its thorough evaluation of both the product and the company's personnel. Since 2020, Cisco has been a strategic investor in Valtix, aligning with the company's mission to simplify network security and protect workloads, regardless of the cloud environment in which they are created or utilized.
2023. CyberSmart raises $15M for an all-in-one cybersecurity and insurance solution for SMBs
CyberSmart, a startup based in the U.K., has successfully concluded a Series B funding round, raising $15.4 million. The company offers an all-in-one platform that combines cybersecurity technology with cyber insurance coverage for small and medium businesses. CyberSmart's flagship product, Active Protect, serves as a foundational security tool that can be easily installed and utilized without requiring IT experts for integration or management. As the number of cyber threats targeting SMBs continues to rise, startups like CyberSmart, Cowbell, Guardz, ActZero, and others have emerged, offering a range of solutions that combine security and insurance or focus on specific types of security incidents such as ransomware. By integrating cybersecurity and insurance offerings, these companies aim to address the growing need for comprehensive protection in the SMB sector.
2022. Microsoft launches new security services aimed at protecting code in the cloud
Microsoft has recently introduced two new additions to its Defender for Cloud service, namely, Defender Cloud Security Posture Management (CSPM) and Defender for DevOps. These offerings are designed to address the challenges of managing software development and ensuring runtime security in complex multicloud and multi-pipeline environments. Currently, these offerings are available for public preview and are compatible with GitHub and Azure DevOps. Further integrations with additional products are expected in the future. Defender CSPM utilizes advanced AI algorithms to conduct comprehensive risk assessments of software development environments. The resulting insights and recommendations are seamlessly integrated into source code management platforms such as GitHub and Azure DevOps, enabling effective remediation actions. Alternatively, users can create automated workflows connected to security recommendations to trigger automated remediation processes.
2022. Coro secures $60M for an all-in, SaaS-based cyber protection platform aimed at SMBs
Coro, a startup focused on developing a comprehensive cybersecurity platform targeting mid-market companies, has secured $60 million in funding. The company intends to use this investment to further address the specific needs of this market segment. Coro's all-in-one platform offers functionalities for monitoring devices, users, email, networks, data, and apps, while also providing remediation for any detected malicious activity. With a pricing of $7 per user per month, Coro claims to automate and handle up to 95% of the security workload typically encountered in a business setting.
2022. Virtual CISO startup Cynomi raises $3.5M to help SMBs automate cybersecurity
Cynomi, an Israeli cybersecurity startup, has secured $3.5 million in seed funding for its innovative virtual CISO platform tailored to small and medium-sized businesses (SMBs) and service providers. Typically, virtual CISO (vCISO) services involve engaging outsourced or on-demand security professionals who function remotely as part-time contractors, offering cybersecurity expertise and guidance to organizations. Cynomi takes a unique approach by eliminating the human element and leveraging artificial intelligence (AI) technology to emulate a human CISO, thereby automating previously manual operations. With this platform, Cynomi revolutionizes the cybersecurity landscape, providing SMBs and service providers with AI-powered assistance and guidance for enhanced security measures.
2021. Cequence adds $60M Series C to improve API security
Cequence Security, a company that recently concluded a $17 million Series B funding round, initially focused on safeguarding business logic. While it continues to address that aspect, Cequence has now redirected its attention to API security, resulting in the announcement of a $60 million Series C funding round. The startup observed an increasing number of vulnerabilities arising from APIs among its customers, prompting them to pivot the Cequence analytics engine towards identifying and addressing such vulnerabilities. By examining approximately 150 data points, Cequence assesses whether the detected activity raises concerns.
2021. Public cloud security startup Laminar emerges from stealth with $37M
Laminar, an emerging platform that offers comprehensive data observability for the entire public cloud, has emerged from stealth mode with an impressive $37 million in funding. Several technology companies have recognized the shortcomings of cloud services in terms of cybersecurity, leading to various approaches to address this issue. Within the domain of public cloud services, there are other providers offering solutions, including Netskope (valued at $7.5 billion earlier this year, highlighting the business opportunity in this space), Microsoft (which recently strengthened its cloud-based cybersecurity portfolio through the acquisition of CloudKnox), vArmour (approaching an IPO), and numerous others. Laminar firmly believes that it has developed technology that is faster, easier to use, and more aligned with the inherent nature of cloud services. Its platform is designed to cater to the reality that applications and services are built and operated across multiple public clouds (with a primary focus on Azure, Google Cloud, and AWS, according to Avraham, the company's spokesperson).
2021. Forcepoint to acquire cloud security startup Bitglass
Forcepoint is to acquire Bitglass, a cloud security startup. This acquisition is expected to boost the efforts of the platform security vendor in making advanced data security and threat protection technologies more accessible and user-friendly for organizations. Bitglass, founded in 2013, has developed the Security Service Edge platform, which combines various technologies to secure access to and usage of sensitive data and intellectual property in web and cloud traffic, as well as private data center applications. Forcepoint acknowledged the inclusion of Cloud Access Security Broker, Secure Web Gateway, Zero Trust Network Access, Cloud Security Posture Management products, and Data Loss Prevention capabilities in this platform. Before the acquisition, Bitglass was one of the few Cloud Access Security Broker vendors that had not been acquired yet, alongside Netskope. Notably, Bitglass and Netskope had engaged in legal battles over allegations of patent infringement and theft of confidential information during the past year.
2021. Monad emerges from stealth with $17M to solve the cybersecurity big data problem
Cloud security startup Monad has emerged from stealth mode, announcing its Series A funding round of $17 million. The company provides a platform designed to extract and integrate data from diverse security tools. Monad recognizes the growing data management challenge in enterprise cybersecurity, as organizations grapple with the abundance of information stored in disparate logs and databases. By extracting data from these security tools, Monad's Security Data Platform allows organizations to centralize and enhance the data within their preferred data warehouse. Through normalization and enrichment processes, security teams gain valuable insights to effectively secure their systems and data.
2021. Microsoft is buying cybersecurity startup RiskIQ
Microsoft has announced its acquisition of RiskIQ, a cybersecurity company based in San Francisco, for a reported $500 million. RiskIQ specializes in providing organizations with threat intelligence and cloud-based software-as-a-service solutions. The company extensively analyzes the web, gathering information about websites, networks, domain name records, certificates, and WHOIS registration data. By offering customers visibility into assets, devices, and services beyond their firewall, RiskIQ enables organizations to secure their assets and reduce their vulnerability to malicious actors. Notably, RiskIQ's data played a significant role in the discovery and understanding of Magecart, a collective term for groups that inject credit card-stealing malware into vulnerable websites.
2021. Cloud security platform Netskope raises $300M
Netskope, a company specializing in Secure Access Service Edge (SASE) architecture, has recently announced a significant investment round amounting to $300 million. Netskope adopts a data-centric approach to cloud security, prioritizing the protection of data and users across all platforms. With the Netskope Security Cloud, users benefit from unparalleled visibility and real-time data and threat protection while accessing cloud services, websites, and private applications from any location and device. Netskope stands out by leveraging its extensive knowledge of the cloud and employing data-centric security measures through one of the world's largest and fastest security networks. The company has successfully completed a three-year endeavor to construct a vast cloud network that ensures a mere 15-millisecond distance to users worldwide.
2021. Mitiga raises $25M to help organizations respond to cyberattacks
Israeli cloud security startup Mitiga has secured $25 million in funding through a Series A round. Mitiga, in contrast to other players in the cybersecurity industry, does not aim to prevent cyberattacks, as the startup believes they are bound to happen regardless of the level of protection in place. Instead, its focus is on assisting organizations in handling their incident response, especially during the shift towards hybrid and multicloud environments.
2021. Uptycs secures $50M to expand its security platform
Uptycs, a startup specializing in leveraging data to comprehend and prevent security attacks, has announced the completion of a $50 million Series C funding round. The company's recent success can be attributed in part to increased customer interest generated by the pandemic-induced shift to remote work, the SolarWinds hack incident, and accelerated cloud adoption by organizations. However, Uptycs has not been idle in terms of platform development. It has expanded its vision to encompass all four key aspects of security: proactivity, reactivity, predictiveness, and protectiveness. This broadened approach aims to provide comprehensive security solutions to address diverse security challenges effectively.
2021. AppOmni raises $40M for tools to secure enterprise SaaS apps
Securing $40 million in a Series B funding round, AppOmni is a startup that has developed a platform designed to monitor SaaS apps and their activities. The platform offers proactive guidance, issuing warnings or blocking potential issues, and resolving problems as they arise. Currently, AppOmni integrates with over 100 connectors and platforms utilized by developers and IT teams in managing their business applications, including popular tools such as Splunk and Sumo Logic. This enables AppOmni to aggregate and standardize event data from these apps. Additionally, it provides deeper monitoring capabilities by integrating directly with certain applications themselves, with existing integrations including widely used enterprise apps like Salesforce, Slack, Zoom, Microsoft 365, Box, and GitHub.
2021. Grip Security raises $6M to improve SaaS security
Securing a $6 million seed round, Grip Security offers enterprises comprehensive visibility into their SaaS portfolios with enforceable endpoint-centric access controls and innovative data governance capabilities that function across devices and locations. While many popular cloud access security brokers (CASBs) emerged approximately a decade ago and were subsequently acquired by major players like Microsoft, Cisco, and Proofpoint, Grip Security emphasizes that today's challenges in SaaS protection are fundamentally different. The unique proposition of Grip Security lies in its ability to provide enterprises with immediate insights into the applications utilized by their employees, although the intricate details of their methodology remain undisclosed. Nevertheless, Grip Security assures that its solution is non-intrusive, ensuring seamless implementation and operation.
2021. Lookout acquires CipherCloud to deliver security from endpoint to cloud
Lookout, a cybersecurity company, has completed the acquisition of CipherCloud, a prominent cloud-native security company specializing in the emerging Secure Access Service Edge (SASE) market. By integrating Lookout's Mobile Endpoint Security with CipherCloud's SASE technologies, Lookout now possesses a distinctive capability to offer the industry's first end-to-end platform, securing an organization's entire data path from endpoints to the cloud. CipherCloud's solutions cover various developing SASE categories, such as Cloud Access Security Broker (CASB), Zero-Trust Network Access (ZTNA), Secure Web Gateway (SWG), and Data Loss Prevention (DLP). These combined solutions provide comprehensive visibility, data security, threat protection, and compliance for cloud-based applications. Notably, numerous major global enterprises and government institutions rely on CipherCloud to safeguard and protect their cloud information.
2021. Xage introduces Zero Trust remote access cloud solution for hard-to-secure environments
Xage, a security startup specializing in safeguarding critical and challenging operational environments, has unveiled a Zero Trust remote access cloud solution. This innovative approach involves granting access on a device-by-device and person-by-person basis, ensuring authentication and verification of identities. It eliminates the reliance on device or VPN passwords, taking security measures a step further with a secure traversal tunnel. This tunnel employs a tamper-proof certificate to prevent unauthorized access from the operations side (such as utility grids, water supplies, or oil and gas pipelines) to the IT side, thus mitigating potential risks to operational technology.
2021. Google’s BeyondCorp Enterprise security platform is now generally available
Google has made an announcement stating that BeyondCorp Enterprise, their zero trust security platform, is now available to the general public. BeyondCorp Enterprise is designed based on Google's own secure network practices, eliminating the need for a VPN. It expands on Google's existing BeyondCorp Remote Access offering by incorporating enterprise-specific features. Google describes this platform as a "zero trust solution" that ensures secure access while integrating threat and data protection. With BeyondCorp Enterprise, businesses gain a comprehensive zero trust solution that encompasses various aspects such as DDoS protection, authentication resistant to phishing attacks, enhanced security features in the Chrome browser, and continuous authorization features that safeguard all user-resource interactions protected by BeyondCorp.
2021. Cloud security startup Lacework has raised $525M
Lacework, a cloud security startup that offers a solution built on the Snowflake platform, has raised $525 million in its Series D funding round, bringing its total funding to over $1 billion. The company reported a remarkable 300% year-over-year revenue growth for the second consecutive year. Investors and customers have shown significant interest due to the comprehensive nature of Lacework's security solution. It enables companies to securely build in the cloud and covers multiple market categories to meet diverse customer needs. This includes services such as configuration and compliance, infrastructure-as-code security, vulnerability scanning during build time and runtime, as well as runtime security for cloud-native environments like Kubernetes and containers.
2020. Orca Security raises $55M for its cloud-native security platform
Israeli cloud security firm, Orca Security, has successfully raised $55 million in Series B funding. Orca distinguishes itself not only through its focus on cloud-native technologies but also its innovative SideScanning technology. This unique approach allows Orca to map a company's cloud environment and reconstruct its file system by analyzing the interactions between workloads and the block storage services they utilize. Leveraging this information, combined with the cloud metadata it gathers, Orca can comprehensively scan and map an organization's entire data estate and cloud assets, effectively identifying potential security vulnerabilities. Furthermore, this system enables Orca to automatically detect new hosts in the cloud, eliminating the need for manual maintenance of this aspect of the system.
2020. Palo Alto Networks to acquire AI cybersecurity firm Expanse for $800M
Palo Alto Networks has completed the acquisition of Expanse for a total of $800 million. Expanse offers a valuable service that assists companies in comprehending and safeguarding their attack surface, identifying potential vulnerabilities to attacks. By providing the security team with insights into how the company's security profile might appear to an attacker attempting unauthorized access, Expanse enhances overall defense. The strategic integration plan involves incorporating Expanse into Palo Alto's Cortex Suite, a collection of AI-driven tools specifically designed for automated attack detection and prevention. Leveraging Expanse's extensive data resources, Palo Alto aims to further enhance its AI models, ultimately strengthening its overall security capabilities.
2020. Axis Security raises $32M to help companies stay secure while working from home
Axis Security, a provider of a secure Access-as-a-Service platform, has recently announced a $32 million Series B investment. Initially, Axis Security's focus was on assisting customers in securely enabling remote access for contractors and third parties to their systems. However, with the onset of the pandemic, they recognized an additional use case that aligned with their roadmap: enhancing system security while employees work from home. The company's product leverages the concept of Zero Trust, which operates on the assumption that no one on the system can be trusted, and builds security measures from that starting point. Using a rules-based engine, customers can create a secure environment tailored to individual roles within their organization.