Best Cloud Security Software for Amazon Web Services (AWS) - Page 2
View:
Compare the Top Cloud Security Software that integrates with Amazon Web Services (AWS) as of December 2025 - Page 2
Sort By:
This a list of Cloud Security software that integrates with Amazon Web Services (AWS). Use the filters on the left to add additional filters for products that have integrations with Amazon Web Services (AWS). View the products that work with Amazon Web Services (AWS) in the table below.
-
1
Daito
Daito
Daito is a web-based 2FA authenticator for small teams and big companies alike. Securely share access, no phone is needed. Daito does only one thing, manage TOTP 2FA tokens for you and thus offers a fully isolated system, separate from your password manager. Keep your 2FA token management separate from your password management and prevent worst-case scenarios. What do you do when you store usernames, passwords, 2FA seeds, and 2FA tokens in your password manager and this password manager gets breached? The authenticator is web-first and web-only. Access and manage your company's 2FA tokens from any browser and OS. Save money and the accompanying hassle of managing company phones. No more worrying about lost, malfunctioning, or missing devices. Give IT teams and admins full control, and limit regular users. Prevent 2FA seed leakage by limiting access only to generated 2FA tokens, not the underlying seed codes.Starting Price: $19 per month -
2
NirvaShare
Nirvato Software
At times, when external identities such as customers, partners, etc who are not part of your organization's identity store do bring up a challenge in sharing and collaborating files securely. This is where NirvaShare can take care of dealing with access, security and compliance while sharing cloud storage files with external users. Besides cloud platform deployments, NirvaShare can also be deployable to your on-premise environment pointing to your existing S3 compatible or other supported file storage systems making it easy to share files with internal and external users. While sharing file or folders, set access rights to your users such as who can download, upload, delete, etc. Easily associate groups and users from your ActiveDirectory or from any other identity providers. NirvaShare is designed to handle large files with size ranging in several tens of gigabytes for upload and download with unbelievably minimal resource consumption.Starting Price: $4 per user per month -
3
Cloudanix
Cloudanix
Cloudanix provides CSPM, CIEM, CWPP, and CNAPP capabilities across all major cloud providers in a single dashboard. Our risk scoring helps prioritize security threats to minimize alert fatigue from your DevOps and InfoSec teams. Our adaptive notifications ensure that the right alert reaches the right team member. 1-click JIRA integration, inbuilt review workflows, and other collaborative features increase team productivity by large. Cloudanix provides a library of automated remediation options to reduce the amount of time required to fix a problem. The solution is agentless and onboards in five minutes. Our pricing is resource based which means there are no minimums and you can bring all your different AWS accounts under our single Dashboard. We are backed by YCombinator and some amazing investors who have built and run infrastructure and security companies in the past. There is no minimum to start using Cloudanix to secure your cloud infrastructureStarting Price: $99/month -
4
Stream Security
Stream Security
Stay ahead of exposure risks & threat actors with real-time detection of config change impacts and automated threat investigations fused to posture and all activities. Track all changes, and detect critical exposure and toxic combinations before attackers do. Leverage AI to effectively address and fix issues using your preferred methods. Utilize any of your preferred SOAR tools to respond in real time or use our suggested code snippets. Harden and prevent external exposure & lateral movement risks, focus on risks that are truly exploitable. Detect toxic combinations of posture and vulnerabilities. Detect gaps from segmentation intent and implement zero-trust. Answer any cloud-related question fast with context. Maintain compliance, and prevent deviation from taking hold. We integrate with your existing investment. We can share more about our security policies and work with your security teams to deliver any specific requirements for your organization.Starting Price: $8,000 per year -
5
Amazon Security Lake
Amazon
Amazon Security Lake automatically centralizes security data from AWS environments, SaaS providers, on-premises, and cloud sources into a purpose-built data lake stored in your account. With Security Lake, you can get a more complete understanding of your security data across your entire organization. You can also improve the protection of your workloads, applications, and data. Security Lake has adopted the Open Cybersecurity Schema Framework (OCSF), an open standard. With OCSF support, the service normalizes and combines security data from AWS and a broad range of enterprise security data sources. Use your preferred analytics tools to analyze your security data while retaining complete control and ownership over that data. Centralize data visibility from cloud and on-premises sources across your accounts and AWS Regions. Streamline your data management at scale by normalizing your security data to an open standard.Starting Price: $0.75 per GB per month -
6
TotalCloud
Qualys
Build your cloud management journey by combining TotalCloud’s building blocks in any way you desire, with no-code automation. Do away with the need to script, without losing out on the flexibility of coding. Create, deploy and execute any solution with agility, saving 90% engineering effort. TotalCloud’s powerful workflow engine caters to small and large, complex infrastructures all the same. Gain full visibility into every account & region simultaneously though a single dashboard. Clone solutions or actions across every account through a single-click so you can scale effortlessly. Leverage the benefits of flexible triggers, filters, approvals and actions to achieve any use case. Achieve use cases across clouds with cloud-agnostic solutions & workflows. We’ve built several solutions so you don’t have to start from scratch, and we’re building more every day. -
7
Praetorian Chariot
Praetorian
Chariot is the first all-in-one offensive security platform that comprehensively catalogs Internet-facing assets, contextualizes their value, identifies and validates real compromise paths, tests your detection response program, and generates policy-as-code rules to prevent future exposures from occurring. As a concierge managed service, we operate as an extension of your team to reduce the burden of day-to-day blocking and tackling. Dedicated offensive security experts are assigned to your account to assist you through the full attack lifecycle. We remove the noise by verifying the accuracy and importance of every risk before ever submitting a ticket to your team. Part of our core value is only signaling when it matters and guaranteeing zero false positives. Gain the upper-hand over attackers by partnering Praetorian. We put you back on the offensive by combining security expertise with technology automation to continuously focus and improve your defensive. -
8
Cloudnosys
Cloudnosys
Cloudnosys is an AI-powered cloud security, compliance, and automation platform for AWS, Azure, and GCP. It enables organizations to secure their multi-cloud environments through continuous monitoring, intelligent threat detection, and automated remediation of security and compliance risks. The platform scans cloud infrastructure across services such as IAM, VPC, S3, CloudTrail, and GCP-native components to detect misconfigurations, vulnerabilities, and policy violations in real time. Cloudnosys supports key regulatory and industry frameworks including PCI-DSS, HIPAA, FISMA, and AWS CIS Benchmarks, helping organizations meet compliance requirements quickly and efficiently. Cloudnosys is regionally compliant and supports regulatory mandates across the United States, European Union, MENA region, Brazil, and other jurisdictions, making it suitable for organizations operating in multiple geographies with varying data governance and compliance needs. -
9
Cynet empowers MSPs and MSSPs with a comprehensive, fully managed cybersecurity platform that consolidates essential security functions into a single, easy-to-use solution. Cynet simplifies cybersecurity management, reduces operational overhead, and lowers costs by eliminating the need for multiple vendors and complex integrations. The platform provides multi-layered breach protection, offering robust security for endpoints, networks, and SaaS/Cloud environments. Cynet’s advanced automation streamlines incident response, ensuring rapid detection, prevention, and resolution of threats. Additionally, the platform is backed by Cynet’s 24/7 Security Operations Center (SOC), where the expert CyOps team delivers around-the-clock monitoring and support to safeguard all client environments. By partnering with Cynet, You can offer your clients advanced, proactive cybersecurity services while optimizing efficiency. Discover how Cynet can transform your security offerings today.
-
10
Tenable Cloud Security
Tenable
The actionable cloud security platform. Reduce risk by rapidly exposing and closing priority security gaps caused by misconfigurations, risky entitlements and vulnerabilities–in one powerful cloud native application protection platform (CNAPP). CNAPP solutions replace a patchwork of siloed products that often cause more problems than they solve, such as multiple false positives and excessive alerts. Those products usually provide only partial coverage and often create overhead and friction with the products they’re supposed to work with. Most importantly, CNAPPs allow businesses to monitor the health of cloud native applications as a whole rather than individually monitoring cloud infrastructure and application security. -
11
Sophos Cloud Optix
Sophos
Asset and network traffic visibility for AWS, Azure, and Google Cloud. Risk-based prioritization of security issues with guided remediation. Optimize spend for multiple cloud services on a single screen. Get automatic identification and risk-profiling of security and compliance risks, with contextual alerts grouping affected resources, detailed remediation steps, and guided response. Track cloud services side by side on a single screen for improved visibility, receive independent recommendations to reduce spend, and identify indicators of compromise. Automate compliance assessments, save weeks of effort mapping Control IDs from overarching compliance tools to Cloud Optix, and produce audit-ready reports instantly. Seamlessly integrate security and compliance checks at any stage of the development pipeline to detect misconfigurations and embedded secrets, passwords, and keys. -
12
Valtix Security Service
Valtix
Never maintain security infrastructure again. Valtix protects your applications and services with the first multi-cloud Network Security Platform delivered as a Service. Network security that adapts to your apps – means enterprises can move faster. No infrastructure for you to maintain – eliminate cost of netsec infrastructure maintenance. Cloud consumption model – only pay for what netsec is used, and account for it accordingly. Valtix continuously discovers enterprise cloud applications, infrastructures, and security groups across clouds and accounts. Valtix distributed deep packet inspection data planes are automatically provisioned and the requisite networking changes are made in each enterprise account in minutes to prevent attacks and enforce security. Valtix replaces appliance-based network security with an agentless, cloud-native approach. -
13
Cyral
Cyral
Granular visibility and policy enforcement across all your data endpoints. Designed to support your infrastructure-as-code workflows and orchestration. Dynamically scales to your workloads, with sub millisecond latency. Easily clicks with all your tools with no changes to your applications. Enhance cloud security with granular data access policies. Extend Zero Trust to the data cloud. Protect your organization from data breaches. Increase trust with your customers and provide assurance. Cyral is built to handle the unique performance, deployment and availability challenges of the data cloud. With Cyral you see the full picture. Cyral’s data cloud sidecar is a featherweight and stateless interception service that enables real time observability into all data cloud activity, and granular access controls. Highly performant and scalable interception. Prevention of threats and malicious access to your data that would go otherwise undetected.Starting Price: $50 per month -
14
NVADR
RedHunt Labs
Discover, track and secure your exposed assets. You provide us the seed information, such as your company domain(s). Using 'NVADR', we discover your perimeter attack surface and monitor for sensitive data leakage. A comprehensive vulnerability assessment is performed on the discovered assets and security issues with an actual impact are identified. Continuously monitor the Internet for code / secret information leakage notify you as any such information about your organization is leaked. A detailed report is provided with analytics, stats and visualizations for your organization's Attack Surface. Comprehensively discover your Internet Facing Assets using our Asset Discover Platform, NVADR. Identify verified and correlated shadow IT hosts along with their detailed profile. Easily track your assets in a Centrally Managed Inventory complimented with auto-tagging and Assets classification. Get notification of newly discovered assets as well as attack vectors affecting your assets. -
15
Solvo
Solvo
Solvo creates a unique security configuration based on each environment. Solvo enforces the least-privilege configuration that was created for you. Solvo enables you to view and control your infrastructure inventory, security posture and risks. Migrating your workloads from an on-prem data center to the cloud? Building a cloud-native application? We know that the security part can be tedious. But don’t let it prevent you from doing it right. Historically, cloud infrastructure misconfigurations have been detected in the production environment. That means that from the moment your detection system discovers the misconfiguration, you are racing against time to mitigate damage and remediate the issue. At Solvo, we believe that cloud security issues should be detected and remediated as early as possible. We’re bringing shift-left to cloud security.Starting Price: $99 per month -
16
Trend Micro PortalProtect
Trend Micro
Many organizations use Microsoft SharePoint to connect with employees, partners, and customers for real-time collaboration. SharePoint capabilities enable businesses to move beyond simple content repositories, helping employees build team sites, create intranet and extranet portals, utilize wikis and blogs, and create social communities. These dynamic collaboration environments help improve your productivity, but they also increase your security risks, especially when opened to external parties. Trend Micro PortalProtect secures your collaborations with a dedicated layer of protection that guards against malware, malicious links, and other threats that SharePoint administrators are often unaware of. Its web reputation technology blocks malicious links from entering your web portals, while its powerful content filtering scans both files and web components of SharePoint. -
17
DisruptOps
FireMon
DisruptOps is a cloud security operations platform that monitors, alerts and responds to security risk in real-time across your public cloud infrastructure. DisruptOps breaks down barriers between development, security & operations teams, enabling everyone to become an active defender of your cloud infrastructure, working from your existing tools. DisruptOps delivers critical issues directly to the right responders inside the tools you already use, like Slack, Teams & Jira, enabling everyone to be an active defender, even when it’s not their full-time job. DisruptOps brings security operations into your DevOps workflow, empowering your teams to find & fix issues before they become incidents. Immediate visibility into your risks and threats, critical issues routed to the right responders, security context and expert guidance to remediate issues. Insights to plan & track your risk reduction and playbooks with pre-built response actions that save time. -
18
DuploCloud
DuploCloud
No-code/low-code infrastructure automation for cloud security and compliance done right the first time. Use DuploCloud. Automated provisioning and orchestration across the network, compute, storage, containers, cloud-native services, continuous compliance and developer guardrails, with 24/7 support. DuploCloud accelerates time to compliance by natively integrating security controls into SecOps workflows the first time, including, monitoring and alerting for PCI-DSS, HIPAA, SOC 2 and GDPR. Easily migrate on-premises to cloud or cloud to cloud with seamless automation and unique data migration techniques to minimize downtime. DuploCloud’s no-code/low-code software platform is your DevSecOps expert, speeding time-to-market by translating high-level application specifications into detailed and fully managed cloud configurations. With pre-programmed knowledge of over 500 cloud services, the platform automatically creates and provisions all the necessary infrastructure-as-code for you app.Starting Price: $2,000 per month -
19
oak9
oak9
Visualize your IaC architecture and fix security design gaps before deployment. oak9 easily identifies security design gaps by reading Infrastructure as Code (e.g., Terraform) to understand what should be, then monitors for drift and offers actionable advice to quickly remediate. Build security into your application and avoid costly design gaps. Automatically catch and fix design gaps before deployment. Continuously and dynamically monitor infrastructure as code. oak9 lets you tailor security standards to your needs and intelligently learns the more you build, so you aren’t slowed by hundreds of false positives or non-relevant exceptions. You can focus on the functional capabilities of your application while oak9 assesses every change to your application architecture against your customized security blueprint to notify you in real-time of any risks. Seamlessly integrate into your CI/CD pipeline with real-time notifications and integrations with all the tools you already use. -
20
CyberArk Secure Cloud Access
CyberArk
CyberArk Secure Cloud Access protects cloud identities by managing access securely across multi-cloud environments without compromising user experience. It centralizes control with granular access policies and just-in-time privilege granting, helping reduce risk while maintaining productivity. Designed to integrate seamlessly with existing workflows, it ensures secure and efficient cloud access for developers, engineers, and administrators. -
21
CloudMatos
CloudMatos
MatosSphere brings a complete cloud compliance solution for your cloud infrastructure. Our cloud compliance solution provides you with the tools you need to secure your cloud environment and meet compliances. With our self-healing, self-secure and intelligent remediation, MatosSphere is the only cloud compliance and security platform you need to keep your cloud infrastructure safe and compliant. Contact us today to learn more about our cloud security and compliance solutions. Cloud security and compliance governance can be major challenges for customers with growing cloud adoption. As more companies migrate their workloads to public cloud environments, they may find it difficult to provision, manage and maintain secured, compliant and scalable infrastructure. The cloud resource footprint can evolve and increase quickly, making it difficult to have a business continuity plan in place.Starting Price: $500 per month -
22
Enigma Vault
Enigma Vault
Enigma Vault is your PCI level 1 compliant and ISO 27001 certified payment card, data, and file easy button for tokenization and encryption. Encrypting and tokenizing data at the field level is a daunting task. Enigma Vault takes care of all of the heavy liftings for you. Turn your lengthy and costly PCI audit into a simple SAQ. By storing tokens instead of sensitive card data, you greatly mitigate your security risk and PCI scope. Using modern methods and technologies, searching millions of encrypted values takes just milliseconds. Fully managed by us, we built a solution to scale with you and your needs. Enigma Vault encrypts and tokenizes data of all shapes and sizes. Enigma Vault offers true field-level protection; instead of storing sensitive data, you store a token. Enigma Vault provides the following services. Enigma Vault takes the mess out of crypto and PCI compliance. You no longer have to manage and rotate private keys nor deal with complex cryptography. -
23
P0 Security
P0 Security
Find and fix vulnerabilities, request and grant privileged access. You should never need to trade off infrastructure security against developer velocity. Process access escalations in minutes. No more tickets, better-scoped permissions, and automatic expiration. P0 Security enables engineers to request just-in-time, fine-grained access to any cloud resource, without becoming an expert in the language of cloud IAM. DevOps teams can automate provisioning and expiry of access, without needing to constantly update static IDP groups. Provide developers just-in-time, short-lived, and fine-grained access to a production stack (AWS, GCP, Kubernetes) for deploying or troubleshooting services. Automate periodic access reviews of your cloud environment, and accelerate compliance for SOC2 and ISO 27001, without overburdening your teams. Provide engineers and customer success teams just-in-time and short-lived access to customer data in a cloud environment, or in a data warehouse.Starting Price: $25 per month -
24
HTCD
HTCD
HTCD is a cloud security SaaS built AI-first to materially upgrade your security posture. Access centralized visibility across your AWS and Azure environments—with 500+ OOTB policies for cloud security, infrastructure, network, SaaS, and compliance. All while retaining 100% ownership of your data. Create no-code detections in minutes. AI converts your questions to code for rapid results: Which CVEs can be exploited in my Azure environment? Show me S3 costs over the last 2 weeks ... and more. Get a prioritized view of security misconfigurations and vulnerabilities—solve the most pressing issues to reduce operational risk. AI reduces your response time by prioritizing in minutes what otherwise takes weeks. Get started in 15 minutes, free for 6 months for startups. -
25
Cloudxray
Cloudnosys
CloudXray is a cloud workload scanning solution that operates in two deployment modes; basic for misconfiguration detection and advanced for full malware, OS vulnerability, and misconfiguration scanning. The architecture consists of an orchestrator deployed in a single region and distributed scanners covering all discovered regions, making it fully compatible with both AWS and GCP environments. It uses an agentless approach to inspect workloads and volumes across your cloud account for malware, CVEs, and policy deviations. The solution provisions scanning instances on demand, integrates via roles and APIs, and provides continuous coverage of cloud resources without requiring persistent agents. CloudXray supports rapid deployment and is optimized for scalable, multi-region cloud workloads. It is designed to help organizations maintain a secure posture across compute instances, storage volumes, and OS layers by combining configuration assessment, vulnerability detection, and more. -
26
Darktrace
Darktrace
Darktrace is a cybersecurity platform powered by AI, providing a proactive approach to cyber resilience. Its ActiveAI Security Platform delivers real-time threat detection, autonomous responses to both known and novel threats, and comprehensive visibility into an organization’s security posture. By ingesting enterprise data from native and third-party sources, Darktrace correlates security incidents across business operations and detects previously unseen threats. This complete visibility and automation reduce containment time, eliminate alert fatigue, and significantly enhance the efficiency of security operations. -
27
Sonrai Security
Sonraí Security
Identity and Data Protection for AWS, Azure, Google Cloud, and Kubernetes. Sonrai’s public cloud security platform provides a complete risk model of all identity and data relationships, including activity and movement across cloud accounts, cloud providers, and 3rd party data stores. Uncover all identity and data relationships between administrators, roles, compute instances, serverless functions, and containers across multi-cloud accounts and 3rd-party data stores. Inside the platform, our critical resource monitor continuously monitors your critical data sitting inside object stores (e.g. AWS S3, Azure Blob) and database services (e.g. CosmosDB, Dynamo DB, RDS). Privacy and compliance controls are monitored across multiple cloud providers and 3rd party data stores. Resolutions are coordinated with relevant DevSecOps teams. -
28
CloudKnox
CloudKnox
Least Privilege Policy Enforcement for AWS, Azure, Google Cloud and VMware. CloudKnox delivers the only platform that enables the continuous creation, monitoring and enforcement of least privilege policies across your cloud infrastructure. Continuous protection of your critical cloud resources from accidents and malicious insiders. Discover Discover who is doing what, when, and where across your cloud infrastructure - in seconds. Manage Give identities “just-enough” and “just-in-time” privileges with the click of a button. Monitor Track user activity patterns and instantly receive detailed reports of anomalies and suspicious behavior. Respond Quickly and easily resolve insider threats across cloud platforms with a comprehensive, unified view of all identities, actions, and resources. -
29
Tenable One
Tenable
Tenable One radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to isolate and eradicate priority cyber exposures from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. The world’s only AI-powered exposure management platform. See every asset across your entire attack surface—from cloud environments to operational technologies, infrastructure to containers, and remote workers to modern web-apps with Tenable's market-leading vulnerability management sensors. With more than 20 trillion aspects of threat, vulnerability, misconfiguration and asset information, Tenable’s machine-learning powered predictions reduce remediation efforts by enabling you to focus first on the risks that matter most. Drive improvements required to reduce the probability of a business-impacting cyber event from occurring by communicating objective measures of risk. -
30
Bitglass
Bitglass
Bitglass delivers data and threat protection for any interaction, on any device, anywhere. Operating at cloud scale across a global network of over 200 points of presence, Bitglass delivers unrivaled performance and uptime to ensure secure business continuity for the largest organizations. Your company’s move to the cloud delivers flexibility and cost savings, but that doesn’t mean you should lose control of your data. Bitglass’ Next-Gen Cloud Access Security Broker (CASB) solution enables your enterprise to securely adopt any managed or unmanaged cloud app. The Bitglass Zero-day CASB Core dynamically adapts to the constantly evolving enterprise cloud footprint, delivering real-time data and threat protection. Bitglass Next-Gen CASB automatically learns and adapts to new cloud applications, new malware threats, new behaviors and new devices, delivering comprehensive protection for any application and any device.
