The 20 Coolest Cloud Security Companies Of The 2024 Cloud 100

As part of CRN’s Cloud 100, here are 20 cloud security companies you should know about in 2024.

Amid the intensifying cloud threat landscape, the importance of safeguarding cloud infrastructure has become uncontroversial across the industry. As just one indicator of the threat environment, cloud exploitation cases surged by 95 percent in 2022 from the prior year, according to CrowdStrike findings. But while most partners and customers now know that it’s crucial to protect public cloud environments such as Amazon Web Services, Microsoft Azure and Google Cloud, doing so remains a major challenge thanks to the massive complexity involved. The same is true for securing the use of data within cloud-based SaaS apps.

As a result, many customers are indeed doubling down on their investment into cloud security. Gartner has forecast that cloud security will remain the fastest-growing area of security and risk management spending in 2024, as it was in 2023. Cloud security spending for 2024 is predicted to climb 24.7 percent to reach $7 billion, the research firm reported. Adding in application security — a category that increasingly overlaps with cloud security — contributes an additional $6.67 billion in spending forecasted for 2024, according to Gartner.

In response to these demands, cloud security remains one of the prime areas of product innovation within the broader cybersecurity space. CRN has been closely following numerous vendors across the cloud security market, ranging from emerging startups offering new approaches to protecting the cloud, to major vendors with a complete CNAPP (cloud-native application protection platform) offering — considered a must-have for many organizations.

As part of CRN’s Cloud 100, here are 20 cloud security companies you should know about in 2024.

Aqua Security

Dror Davidoff

Co-Founder, CEO

Recent product updates from Aqua Security included the launch of a KBOM (Kubernetes Bill of Materials) to provide visibility into the components of a Kubernetes cluster, enabling greater security and ability to address vulnerabilities. Meanwhile, Aqua also recently unveiled GenAI-powered capabilities such as its new AI-Guided Remediation, which can generate detailed remediation steps automatically.

Check Point Software Technologies

Gil Shwed

Co-FounderA, CEO

Cloud security moves by Check Point Software Technologies included the unveiling of a new risk management engine, enabling improved cybersecurity risk prioritization on its CloudGuard CNAPP (cloud-native application protection platform). The Effective Risk Management offering combines with other tools on the CloudGuard platform to provide “smart” risk prioritization, Check Point said.

CrowdStrike

George Kurtz

Co-Founder, CEO

For its Falcon Cloud Security offering, CrowdStrike introduced a number of notable updates including its “1-Click XDR” capability. The tool works by automatically identifying unprotected cloud workloads and then deploying the company’s Falcon agent to secure them, CrowdStrike said.

Dazz

Merav Bahat

Co-Founder, CEO

Dazz offers a cloud security platform focused on improved prioritization and remediation of cloud vulnerabilities, which stands in contrast to tools that are mainly geared toward generating alerts, the company has said. The startup’s Unified Remediation Platform brings together data from numerous detection tools, correlates related issues and traces the issues back to their root causes.

Fortinet

Ken Xie

Co-Founder, Chairman, CEO

Recent cloud security moves by Fortinet included launching a collaboration with fast-growing cloud security posture management vendor Wiz. The two companies unveiled the launch of a jointly integrated offering bringing together capabilities for enhanced protection of cloud workloads.

Lacework

Jay Parikh

CEO

Recent product enhancements from Lacework included the debut of CIEM (cloud infrastructure entitlement management) capabilities that utilize the company’s Polygraph machine learning engine. The offering provides dynamic discovery of cloud identities—across users, groups, roles and resources—to uncover cases of excessive privilege.

Netskope

Sanjay Beri

Co-Founder, CEO

Key capabilities from secure access service edge vendor Netskope include CASB (cloud access security broker), which provides protection for the use of cloud-based SaaS apps and data. Netskope’s CASB offering aims to prevent threats ranging from theft of corporate data by malicious insiders to accidental disclosure of sensitive data using GenAI apps.

Orca Security

Gil Geron

Co-Founder, CEO

For its Orca Cloud Security Platform, the company debuted AI-driven cloud asset search that utilizes large language models (LLMs) to enable question-and-answer functionality around assets in the cloud. In addition to security teams, the capability can also be used by developers, cloud architects and any others who are looking for a faster way to get visibility into their cloud environments, Orca said.

Palo Alto Networks CEO Nikesh Arora On Why 'The Current Paradigm Is Broken' In Cybersecurity | CRN

Palo Alto Networks

Nikesh Arora

Chairman, CEO

Palo Alto Networks unveiled what it called the biggest release yet for its cloud security platform, Prisma Cloud, including an array of new features that provide greater intelligence and context to security teams as well as developers. The “Darwin” release for Prisma Cloud includes new capabilities to help organizations better prioritize their cloud security risks while giving customers a much-improved user interface.

Qualys

Sumedh Thakar

President, CEO

Key cloud security offerings from Qualys include visibility, security and management for public cloud workloads. Other capabilities include remediation prioritization for cloud vulnerabilities as well as monitoring and assessment of cloud accounts and services.

SentinelOne

Tomer Weingarten

Co-Founder, CEO

SentinelOne recently unveiled a major new release of its Singularity platform, dubbed Unity, which ties together numerous parts of its platform including cloud security for improved threat detection and response. Meanwhile, the vendor unveiled its new Cloud Data Security portfolio, which includes products such as Threat Detection for Amazon S3 and Threat Detection for NetApp.

Skyhigh Security

Gee Rittenhouse

CEO

Skyhigh Security’s products for cloud security include CASB (cloud access security broker), which offers data protection, controls and threat protection for usage of cloud apps. Skyhigh’s CASB offering provides “comprehensive multimode coverage” and real-time control of cloud services, according to the company.

Snyk

Peter McKay

CEO

Among Snyk’s key capabilities in the cloud include infrastructure-as-code security, which helps developers and security teams prevent cloud misconfigurations. The offering provides developers with security feedback as well as recommended code fixes in-line throughout the software development life cycle and cloud environments.

Sonrai Security

Brendan Hannigan

Co-Founder, CEO

Sonrai Security’s cloud security offering brings a specialized focus on the importance of identities and permissions in the cloud. The company’s approach is to use its Sonrai Graph to deliver a real-time view across identities and activities within an organization’s cloud deployment along with providing built-in recommendations for remediation.

Sysdig

Suresh Vasudevan

CEO

Recent additions to Sysdig’s CNAPP (cloud-native application protection platform) included what it called the “first” cloud attack path analysis that’s available in real time. The capabilities enable identification of “unseen but imminent” threats as well as in-progress attacks, the company said. Other updates included agentless scanning and enhanced cloud visibility through a new cloud inventory.

Tenable

Amit Yoran

Chairman, CEO

Through its recent acquisition of Ermetic, Tenable now offers cloud identity and permissions management technology as well as a complete cloud-native application protection platform (CNAPP) offering. Other key capabilities include infrastructure-as-code security and attack path analysis.

Uptycs

Ganesh Pai

Co-Founder, CEO

Uptycs—which said it is the “first” vendor to unify CNAPP (cloud-native application protection platform) and XDR (extended detection and response)—recently unveiled the launch of its new Cross-Cloud Anomaly Detection Engine. The tool provides analysis of massive quantities of events in “near-real time” to enable rapid response to cloud threats.

Trend Micro

Eva Chen

Co-Founder, CEO

Trend Micro recently introduced cloud risk management onto its cybersecurity platform, Trend Vision One, in order to provide enhanced visibility of cloud security threats. The offering leverages Trend Micro’s external attack surface management capabilities to spot previously unknown risks across cloud services.

Wiz

Assaf Rappaport

Co-Founder, CEO

After finding widespread interest in its agentless snapshot scans of cloud environments, Wiz added the ability to pinpoint threats that are impacting cloud workloads in real time with the introduction of its Runtime Sensor. The cloud threat detection and response offering needs only a “lightweight” agent to provide its functionality, Wiz said.

Zscaler

Jay Chaudhry

Founder, Chairman, CEO

Security service edge company Zscaler expanded its portfolio of cloud security products with new tools including Zscaler Resilience, which the company called the “first” cloud resilience offering for SSE in the industry. Zscaler Resilience works by enabling organizations to keep interconnections to apps intact during a major security incident.