Amazon GuardDuty is a continuous cloud security monitoring service that analyzes several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Storage Service), and AWS CloudTrail event logs.
Amazon GuardDuty uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to quickly discover suspicious and problematic activity in a user's AWS ecosystem. Such activity may include interactions with malicious IP addresses or domains, use of exposed credentials, or changes to and/or escalation of privileges.
GuardDuty is able to identify problematic AWS EC2 (Elastic Compute Cloud) instances delivering malware or mining bitcoin. It is also able to trace AWS account access history for evidence of destabilization, such as suspicious API calls that change password policies to minimize password strength, or anomalous infrastructure deployments in new or never-used regions.
We use a pay-as-you-use license, which is competitively priced in the market.
I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it.
Mend.io is a software composition analysis tool that secures what developers create. The solution provides an automated reduction of the software attack surface, reduces developer burdens, and accelerates app delivery. Mend.io provides open-source analysis that draws on its in-house and multiple other sources of software vulnerabilities. In addition, the solution offers license and policy violation alerts, has great pipeline integration, and, since it is a SaaS (software as a service), it doesn't require you to physically maintain servers or data centers for any implementation. Not only does Mend.io reduce enterprise application security risk, it also helps developers meet deadlines faster.
We are paying a lot of money to use WhiteSource. In our company, it is not easy to argue that it is worth the price.
The version that we are using, WhiteSource Bolt, is a free integration with Azure DevOps.
Illumio Zero Trust Segmentation is a cloud and data center security solution that helps stop breaches from spreading across hybrid and multi-cloud IT environments. The solution is designed to stop ransomware, contain cyber attacks, and reduce risk. With Illumio Zero Trust Segmentation, users can understand relationships and communications to map the exposure risk of systems and data, identify the right security posture, secure applications through least-privilege policies, and ensure a Zero Trust security posture.
There is a subscription needed to use Illumio Adaptive Security Platform and we pay every three years. Overall the solution is expensive.
The product's pricing is around 10,000-15,000 USD. The pricing is on a yearly basis.
Sonatype Lifecycle is an open-source security and dependency management software that uses only one tool to automatically find open-source vulnerabilities at every stage of the System Development Life Cycle (SDLC). Users can minimize security vulnerabilities, permitting organizations to enhance their development workflow. Sonatype Lifecycle gives the user complete control over their software supply chain, allowing them to regain time wasted fighting risks in the SDLC. In addition, this software unifies the ability to define rules, actions, and policies that work best for your organizations and teams.
Its pricing is competitive within the market. It's not very cheap, it's not very expensive.
We're pretty happy with the price, for what it is delivering for us and the value we're getting from it.
Sysdig Falco is a powerful open-source behavioral activity monitoring tool designed for containerized environments. Its primary use case is to enhance security and threat detection in cloud-native infrastructures.
Apiiro is the leader in application security posture management (ASPM), unifying risk visibility, prioritization, and remediation with deep code analysis and runtime context.
Upwind optimizes work processes and enhances team productivity. Users highlight its project management, task tracking, and automation capabilities along with real-time collaboration and tool integrations. Advanced analytics, customizable dashboards, and intuitive data visualization are appreciated. Users suggest improvements in mobile functionality, stability, speed, and customer support, noting a learning curve and occasional software bugs.
Uptycs enhances security in cloud-based environments with endpoint detection, compliance, and threat response. Users value its Kubernetes monitoring, real-time incident response, and integration ease. Praised for visibility, log management, and automated compliance, Uptycs receives suggestions for better integration options, setup clarity, enhanced threat detection, and improved customer service.
Ox Security is used for digital security management, focusing on threat detection, vulnerability management, and compliance monitoring. Users appreciate its real-time insights, automation features, and ease of integration. While its intuitive dashboard and customer support are strengths, some users desire more customization and system performance improvements.
Users appreciate Anchore Enterprise for scanning container images for security vulnerabilities and compliance issues. They value its CI/CD pipeline integration, automated assessments, detailed reporting, policy enforcement, and comprehensive analysis. While scalability and deployment ease are praised, users also note the need for better stability, performance, and more in-depth documentation.
AccuKnox Platform provides robust security and compliance for Kubernetes workloads. It offers real-time threat detection, policy enforcement, and container security management. Users appreciate its ease of deployment, seamless integration, and effective monitoring. With granular visibility, control, and automation, AccuKnox enhances security measures, making it ideal for various cloud environments.
Sonrai Security enhances cloud security and compliance by identifying risks, managing access policies, monitoring environments, and ensuring data integrity. Users value its cloud governance, data protection, deep visibility, and automated workflows. Integration capabilities with other systems could improve, and some find the setup process complex, with occasional delays in support responses.