2022 SC Awards Finalists: Best Cloud Workload Protection Solution

Orca Security’s agentless platform for AWS, Azure, and Google Cloud offers comprehensive CWPP capabilities, detecting cloud vulnerabilities, malware, sensitive data at risk, IAM risks, and lateral movement risks. Orca delivers an agentless cloud security solution that instantly offers 100% coverage and visibility into cloud workloads — whether VMs, serverless or containers — without the performance impact, security gaps and operational costs of agents. The Orca platform also pioneered combining CSPM, CWPP and CIEM capabilities in a single solution. This unified data model not only reduces cloud security complexity, but also enables Orca to leverage broad contextual intelligence to prioritize alerts and recognize when seemingly unrelated issues can be combined to create dangerous attack paths.

Prisma Cloud is a cloud-native application protection platform with broad security and compliance coverage. It secures infrastructure, applications, data, and entitlements across the world’s largest clouds (public, private and hybrid), as well as on-prem and air-gapped deployments, with DevOps integrations to secure workloads and infrastructure-as-code early in development. The Prisma Cloud Platform provides cloud workload protection capabilities at any scale for the five key market needs across hosts, containers, Kubernetes, and serverless workloads.

Purpose-built for securing Kubernetes orchestrated container workloads, SentinelOne’s Singularity Cloud Workload Security provides a rich set of capabilities, including advanced runtime protection, full remote shell to any pod, full remediation, and full visibility across the cloud environment. SentinelOne’s Singularity platform extends distributed, autonomous endpoint protection, detection, and response to workloads running in public clouds, private clouds, and on-prem data centers.

VMware Carbon Black Workload integrates directly with VMware vSphere to help customers scale response with confidence, speed, and accuracy, and breaks down siloes on the journey to Zero Trust. Carbon Black Workload delivers advanced protection purpose-built for securing modern and traditional workloads to reduce attack surface and strengthen security posture. This innovative solution combines prioritized vulnerability reporting and foundational workload hardening with industry-leading prevention, detection and response capabilities to protect workloads running in virtualized, private and hybrid cloud environments.

Wiz provides comprehensive protection across workloads and cloud environments via a single API connection that eliminates deployment complexity and ongoing maintenance and ensures 100 percent workload coverage. This approach provides complete visibility into every virtual machine, container/Kubernetes, or serverless functions across cloud providers. Wiz discovers vulnerabilities across host operating system, container images and serverless functions and details each CVE, end-of-life applications, unpatched OSs, and more. Wiz has a single, unified policy framework that integrates into any CI/CD pipeline and simplifies preventing vulnerable images from ever reaching production. The product also continuously enforces container immutability. Cluster APIs are interrogated directly to precisely map cluster architecture and configuration connections.