The 20 Coolest Cloud Security Companies Of The 2024 Cloud 100
As part of CRN’s Cloud 100, here are 20 cloud security companies you should know about in 2024.
Amid the intensifying cloud threat landscape, the importance of safeguarding cloud infrastructure has become uncontroversial across the industry. As just one indicator of the threat environment, cloud exploitation cases surged by 95 percent in 2022 from the prior year, according to CrowdStrike findings. But while most partners and customers now know that it’s crucial to protect public cloud environments such as Amazon Web Services, Microsoft Azure and Google Cloud, doing so remains a major challenge thanks to the massive complexity involved. The same is true for securing the use of data within cloud-based SaaS apps.
As a result, many customers are indeed doubling down on their investment into cloud security. Gartner has forecast that cloud security will remain the fastest-growing area of security and risk management spending in 2024, as it was in 2023. Cloud security spending for 2024 is predicted to climb 24.7 percent to reach $7 billion, the research firm reported. Adding in application security — a category that increasingly overlaps with cloud security — contributes an additional $6.67 billion in spending forecasted for 2024, according to Gartner.
In response to these demands, cloud security remains one of the prime areas of product innovation within the broader cybersecurity space. CRN has been closely following numerous vendors across the cloud security market, ranging from emerging startups offering new approaches to protecting the cloud, to major vendors with a complete CNAPP (cloud-native application protection platform) offering — considered a must-have for many organizations.
As part of CRN’s Cloud 100, here are 20 cloud security companies you should know about in 2024.
Aqua Security
Dror Davidoff
Co-Founder, CEO
Recent product updates from Aqua Security included the launch of a KBOM (Kubernetes Bill of Materials) to provide visibility into the components of a Kubernetes cluster, enabling greater security and ability to address vulnerabilities. Meanwhile, Aqua also recently unveiled GenAI-powered capabilities such as its new AI-Guided Remediation, which can generate detailed remediation steps automatically.
Check Point Software Technologies
Gil Shwed
Co-FounderA, CEO
Cloud security moves by Check Point Software Technologies included the unveiling of a new risk management engine, enabling improved cybersecurity risk prioritization on its CloudGuard CNAPP (cloud-native application protection platform). The Effective Risk Management offering combines with other tools on the CloudGuard platform to provide “smart” risk prioritization, Check Point said.
CrowdStrike
George Kurtz
Co-Founder, CEO
For its Falcon Cloud Security offering, CrowdStrike introduced a number of notable updates including its “1-Click XDR” capability. The tool works by automatically identifying unprotected cloud workloads and then deploying the company’s Falcon agent to secure them, CrowdStrike said.
Dazz
Merav Bahat
Co-Founder, CEO
Dazz offers a cloud security platform focused on improved prioritization and remediation of cloud vulnerabilities, which stands in contrast to tools that are mainly geared toward generating alerts, the company has said. The startup’s Unified Remediation Platform brings together data from numerous detection tools, correlates related issues and traces the issues back to their root causes.
Fortinet
Ken Xie
Co-Founder, Chairman, CEO
Recent cloud security moves by Fortinet included launching a collaboration with fast-growing cloud security posture management vendor Wiz. The two companies unveiled the launch of a jointly integrated offering bringing together capabilities for enhanced protection of cloud workloads.
Lacework
Jay Parikh
CEO
Recent product enhancements from Lacework included the debut of CIEM (cloud infrastructure entitlement management) capabilities that utilize the company’s Polygraph machine learning engine. The offering provides dynamic discovery of cloud identities—across users, groups, roles and resources—to uncover cases of excessive privilege.
Netskope
Sanjay Beri
Co-Founder, CEO
Key capabilities from secure access service edge vendor Netskope include CASB (cloud access security broker), which provides protection for the use of cloud-based SaaS apps and data. Netskope’s CASB offering aims to prevent threats ranging from theft of corporate data by malicious insiders to accidental disclosure of sensitive data using GenAI apps.
Orca Security
Gil Geron
Co-Founder, CEO
For its Orca Cloud Security Platform, the company debuted AI-driven cloud asset search that utilizes large language models (LLMs) to enable question-and-answer functionality around assets in the cloud. In addition to security teams, the capability can also be used by developers, cloud architects and any others who are looking for a faster way to get visibility into their cloud environments, Orca said.
Palo Alto Networks
Nikesh Arora
Chairman, CEO
Palo Alto Networks unveiled what it called the biggest release yet for its cloud security platform, Prisma Cloud, including an array of new features that provide greater intelligence and context to security teams as well as developers. The “Darwin” release for Prisma Cloud includes new capabilities to help organizations better prioritize their cloud security risks while giving customers a much-improved user interface.
Qualys
Sumedh Thakar
President, CEO
Key cloud security offerings from Qualys include visibility, security and management for public cloud workloads. Other capabilities include remediation prioritization for cloud vulnerabilities as well as monitoring and assessment of cloud accounts and services.
SentinelOne
Tomer Weingarten
Co-Founder, CEO
SentinelOne recently unveiled a major new release of its Singularity platform, dubbed Unity, which ties together numerous parts of its platform including cloud security for improved threat detection and response. Meanwhile, the vendor unveiled its new Cloud Data Security portfolio, which includes products such as Threat Detection for Amazon S3 and Threat Detection for NetApp.
Skyhigh Security
Gee Rittenhouse
CEO
Skyhigh Security’s products for cloud security include CASB (cloud access security broker), which offers data protection, controls and threat protection for usage of cloud apps. Skyhigh’s CASB offering provides “comprehensive multimode coverage” and real-time control of cloud services, according to the company.
Snyk
Peter McKay
CEO
Among Snyk’s key capabilities in the cloud include infrastructure-as-code security, which helps developers and security teams prevent cloud misconfigurations. The offering provides developers with security feedback as well as recommended code fixes in-line throughout the software development life cycle and cloud environments.
Sonrai Security
Brendan Hannigan
Co-Founder, CEO
Sonrai Security’s cloud security offering brings a specialized focus on the importance of identities and permissions in the cloud. The company’s approach is to use its Sonrai Graph to deliver a real-time view across identities and activities within an organization’s cloud deployment along with providing built-in recommendations for remediation.
Sysdig
Suresh Vasudevan
CEO
Recent additions to Sysdig’s CNAPP (cloud-native application protection platform) included what it called the “first” cloud attack path analysis that’s available in real time. The capabilities enable identification of “unseen but imminent” threats as well as in-progress attacks, the company said. Other updates included agentless scanning and enhanced cloud visibility through a new cloud inventory.
Tenable
Amit Yoran
Chairman, CEO
Through its recent acquisition of Ermetic, Tenable now offers cloud identity and permissions management technology as well as a complete cloud-native application protection platform (CNAPP) offering. Other key capabilities include infrastructure-as-code security and attack path analysis.
Uptycs
Ganesh Pai
Co-Founder, CEO
Uptycs—which said it is the “first” vendor to unify CNAPP (cloud-native application protection platform) and XDR (extended detection and response)—recently unveiled the launch of its new Cross-Cloud Anomaly Detection Engine. The tool provides analysis of massive quantities of events in “near-real time” to enable rapid response to cloud threats.
Trend Micro
Eva Chen
Co-Founder, CEO
Trend Micro recently introduced cloud risk management onto its cybersecurity platform, Trend Vision One, in order to provide enhanced visibility of cloud security threats. The offering leverages Trend Micro’s external attack surface management capabilities to spot previously unknown risks across cloud services.
Wiz
Assaf Rappaport
Co-Founder, CEO
After finding widespread interest in its agentless snapshot scans of cloud environments, Wiz added the ability to pinpoint threats that are impacting cloud workloads in real time with the introduction of its Runtime Sensor. The cloud threat detection and response offering needs only a “lightweight” agent to provide its functionality, Wiz said.
Zscaler
Jay Chaudhry
Founder, Chairman, CEO
Security service edge company Zscaler expanded its portfolio of cloud security products with new tools including Zscaler Resilience, which the company called the “first” cloud resilience offering for SSE in the industry. Zscaler Resilience works by enabling organizations to keep interconnections to apps intact during a major security incident.