Best Cloud Infrastructure Entitlement Management (CIEM) Software

Lauren Worth
LW
Researched and written by Lauren Worth

Cloud infrastructure entitlement management (CIEM) software, also sometimes referred to as cloud permissions management software, is a security solution that manages user privileges or "entitlements" in cloud environments. The software controls access to applications, infrastructure, and resources in the cloud environment using the principle of least privileges (POLP). The least privilege policy is an integral part of the zero trust policy that limits the attack surface of security threats by restricting access in the cloud landscape.

CIEM software manages user accounts, defines user roles, and provides access control to ensure only the right users have access to resources, which reduces unauthorized access. Companies with complex cloud landscapes, as well as numerous teams and users, can use CIEM software to secure their cloud environments and ensure compliance. Security and IT operations teams use this tool to control access privileges and monitor the cloud environment for unauthorized access.

CIEM solutions have some features that overlap with identity and access management (IAM) software as both provide authentication and access control. However, they have distinct purposes. IAM focuses on user authentication, authorization, and access control across an organization's IT systems, both on-premises and in the cloud. CIEM extends its scope to include cloud infrastructure and endpoint management, addressing the broader challenges of managing cloud resources, securing endpoints, and ensuring cloud security and compliance.

To qualify for inclusion in the Cloud Infrastructure Entitlement Management (CIEM) category, a product must:

Provide visibility into all cloud assets and access privileges
Remove any unused privileges
Continuously monitor the environments, detect any violations, and perform automatic remediation
Show More
Show Less

Best Cloud Infrastructure Entitlement Management (CIEM) Software At A Glance

Leader:
Wiz
Wiz
Highest Performer:
Sonrai Security
Sonrai Security
Easiest to Use:
Sysdig Secure
Sysdig Secure
Top Trending:
SailPoint
SailPoint
Best Free Software:
Wiz
Wiz
Show LessShow More
Easiest to Use:
Sysdig Secure
Sysdig Secure
Top Trending:
SailPoint
SailPoint
Best Free Software:
Wiz
Wiz

G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.

  • Segment
  • Rating
  • Language
  • Pricing
No filters applied
  • Segment
  • Rating
  • Language
  • Pricing
Clear Filter
More Filters
Market Segments
All Segments
Mid Market
Enterprise
Avg. Customer Review
Language
Pricing
Sort by
Clear All
22 Listings in Cloud Infrastructure Entitlement Management (CIEM) Available
  • Sort By:
    G2 Score
Wiz
(772)4.7 out of 5
2nd Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
View top Consulting Services for Wiz
OverviewPros and Cons
Product Description

Wiz transforms cloud security for customers – including more than 50% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the developme

Users: CISO, Security Engineer · Industries: Financial Services, Information Technology and Services · Market Segment: 54% Enterprise, 39% Mid-Market
Pros and ConsSeller Details
ProsFeatures, Security, Ease of Use, Visibility, Easy Setup
ConsImprovement Needed, Feature Limitations, Learning Curve, Improvements Needed, Complexity
Seller Details
Seller
Wiz
Company Website
Year Founded
2020
HQ Location
New York, US
Twitter
@wiz_io
22,232 Twitter followers
LinkedIn® Page
www.linkedin.com
3,248 employees on LinkedIn®
Cortex Cloud
(111)4.1 out of 5
8th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

Cortex Cloud by Palo Alto Networks, the next version of Prisma Cloud, understands a unified security approach is essential for effectively addressing AppSec, CloudSec, and SecOps. Connecting cloud sec

Industries: Information Technology and Services, Computer & Network Security · Market Segment: 39% Enterprise, 32% Mid-Market
Pros and ConsSeller Details
ProsEase of Use, Features, Security, Visibility, Cloud Integration
ConsExpensive, Difficult Learning, Learning Curve, Pricing Issues, Complex Setup
Seller Details
Seller
Palo Alto Networks
Company Website
Year Founded
2005
HQ Location
Santa Clara, CA
Twitter
@PaloAltoNtwks
128,289 Twitter followers
LinkedIn® Page
www.linkedin.com
18,396 employees on LinkedIn®
G2 Advertising
Sponsored
G2 Advertising
Get 2x conversion than Google Ads with G2 Advertising!
G2 Advertising places your product in premium positions on high-traffic pages and on targeted competitor pages to reach buyers at key comparison moments.
Learn More
Sysdig Secure
(111)4.8 out of 5
1st Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

Sysdig Secure is the real-time cloud-native application protection platform (CNAPP) trusted by organizations of all sizes around the world.. Built by the creators of Falco and Wireshark, Sysdig unique

Users: Security Engineer · Industries: Financial Services, Information Technology and Services · Market Segment: 46% Enterprise, 40% Mid-Market
Pros and ConsSeller Details
ProsSecurity, Vulnerability Detection, Threat Detection, Detection Efficiency, Features
ConsFeature Limitations, Complexity, Missing Features, Difficult Learning, Feature Complexity
Seller Details
Seller
Sysdig
Company Website
Year Founded
2013
HQ Location
San Francisco, California
Twitter
@Sysdig
10,255 Twitter followers
LinkedIn® Page
www.linkedin.com
650 employees on LinkedIn®
Orca Security
(228)4.6 out of 5
Entry Level Price:Contact Us
4th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google C

Users: Security Engineer, CISO · Industries: Computer Software, Information Technology and Services · Market Segment: 50% Mid-Market, 38% Enterprise
Pros and ConsSeller Details
ProsEase of Use, Features, Security, User Interface, Visibility
ConsImprovement Needed, Feature Limitations, Limited Features, Missing Features, Ineffective Alerts
Seller Details
Seller
Orca Security
Company Website
Year Founded
2019
HQ Location
Portland, Oregon
Twitter
@orcasec
4,830 Twitter followers
LinkedIn® Page
www.linkedin.com
495 employees on LinkedIn®
Microsoft Entra Permissions Management
(16)4.3 out of 5
7th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewSeller Details
Product Description

CloudKnox Permissions Management is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility into permissions assigned to all identities – users and workloa

Market Segment: 50% Small-Business, 25% Enterprise
Seller Details
Seller
Microsoft
Year Founded
1975
HQ Location
Redmond, Washington
Twitter
@microsoft
13,090,136 Twitter followers
LinkedIn® Page
www.linkedin.com
226,132 employees on LinkedIn®
Ownership
MSFT
SailPoint
(168)4.5 out of 5
6th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

SailPoint is the leader in identity security for the modern enterprise. Harnessing the power of AI and machine learning, SailPoint automates the management and control of access, delivering only the r

Users: Software Engineer · Industries: Financial Services, Information Technology and Services · Market Segment: 76% Enterprise, 18% Mid-Market
Pros and ConsSeller Details
ProsEase of Use, Features, Security, Identity Management, Integrations
ConsImprovement Needed, Poor Customer Support, Missing Features, Expensive, Difficult Learning
Seller Details
Seller
SailPoint
Company Website
Year Founded
2004
HQ Location
Austin, TX
Twitter
@SailPoint
15,046 Twitter followers
LinkedIn® Page
www.linkedin.com
3,441 employees on LinkedIn®
Sonrai Security
(25)4.6 out of 5
Free trial available
3rd Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
OverviewPros and Cons
Product Description

Sonrai Security is a leading cloud privileged access management solutions provider. With a mission to empower enterprises of all sizes to innovate securely and confidently, Sonrai Security delivers id

Industries: Information Technology and Services · Market Segment: 40% Enterprise, 40% Mid-Market
Pros and ConsSeller Details
ProsCloud Security, Security, Cloud Management, Ease of Use, Cloud Technology
ConsComplexity, Expensive, Feature Limitations, Improvement Needed, Limited Customization
Seller Details
Seller
Sonrai Security
Year Founded
2017
HQ Location
New York, US
LinkedIn® Page
www.linkedin.com
64 employees on LinkedIn®
Tenable Cloud Security
(37)4.6 out of 5
View top Consulting Services for Tenable Cloud Security
OverviewPros and Cons
Product Description

Tenable Cloud Security is an actionable cloud security platform that exposes and closes priority security gaps caused by misconfigurations, risky entitlements and vulnerabilities. Organizations use it

Industries: Information Technology and Services, Computer Software · Market Segment: 57% Mid-Market, 38% Enterprise
Pros and ConsSeller Details
ProsCompliance, Detailed Analysis, Ease of Use, Features, Integrations
ConsComplex Setup, Expensive, Feature Limitations, Difficult Setup, Implementation Difficulty
Seller Details
Seller
Tenable
Company Website
HQ Location
Columbia, MD
Twitter
@TenableSecurity
87,566 Twitter followers
LinkedIn® Page
www.linkedin.com
2,357 employees on LinkedIn®
Ownership
NASDAQ: TENB
FortiCNAPP
(386)4.4 out of 5
5th Easiest To Use in Cloud Infrastructure Entitlement Management (CIEM) software
View top Consulting Services for FortiCNAPP
OverviewPros and Cons
Product Description

FortiCNAPP (formerly Lacework) is an AI-powered Cloud-Native Application Protection Platform that delivers unified security across your multi-cloud and hybrid environments. Built to protect the entire

Users: Security Engineer, Security Analyst · Industries: Information Technology and Services, Computer Software · Market Segment: 62% Mid-Market, 26% Enterprise
Pros and ConsSeller Details
ProsSecurity, Vulnerability Detection, Alert Management, Cloud Security, Ease of Use
ConsDifficult Setup, Poor Documentation, Complex Setup, Setup Difficulty, Complex Configuration
Seller Details
Seller
Fortinet
Company Website
Year Founded
2000
HQ Location
Sunnyvale, CA
Twitter
@Fortinet
151,488 Twitter followers
LinkedIn® Page
www.linkedin.com
15,801 employees on LinkedIn®
Saviynt
(61)4.3 out of 5
OverviewPros and Cons
Product Description

Saviynt helps organizations transform their organization with identity security. Our AI-first platform enables enterprises to secure every identity — human, non-human, and AI — within any application

Industries: Information Technology and Services, Manufacturing · Market Segment: 77% Enterprise, 7% Mid-Market
Pros and ConsSeller Details
ProsEase of Use, Features, Easy Setup, Customer Support, Integrations
ConsDifficult Learning, Lack of Features, Limited Features, Poor Interface Design, Complexity
Seller Details
Seller
Saviynt
Company Website
Year Founded
2010
HQ Location
El Segundo, US
Twitter
@saviynt
1,230 Twitter followers
LinkedIn® Page
www.linkedin.com
1,458 employees on LinkedIn®
CrowdStrike Falcon Cloud Security
(82)4.6 out of 5
Entry Level Price:Contact Us
View top Consulting Services for CrowdStrike Falcon Cloud Security
OverviewPros and Cons
Product Description

Crowdstrike Falcon Cloud Security is the only CNAPP to stop breaches in the cloud Built for today’s hybrid and multi-cloud environments, Falcon Cloud Security protects the entire cloud attack surface

Industries: Information Technology and Services, Computer & Network Security · Market Segment: 45% Enterprise, 43% Mid-Market
Pros and ConsSeller Details
ProsSecurity, Cloud Security, Detection Efficiency, Vulnerability Detection, Ease of Use
ConsExpensive, Improvements Needed, Improvement Needed, Feature Complexity, Learning Curve
Seller Details
Seller
CrowdStrike
Company Website
Year Founded
2011
HQ Location
Sunnyvale, CA
Twitter
@CrowdStrike
109,799 Twitter followers
LinkedIn® Page
www.linkedin.com
10,831 employees on LinkedIn®
BeyondTrust Entitle Just-in-Time Access
(12)4.3 out of 5
Entry Level Price:Contact Us
OverviewPros and Cons
Product Description

Entitle is a seamless way to grant employees granular and just-in-time access within Cloud and SaaS. Specializing in temporary admin escalations, break-glass access, granular access to PII, and acces

Market Segment: 75% Mid-Market, 17% Enterprise
Pros and ConsSeller Details
ProsDocumentation, Security, Access Control, Auditing, Capabilities
ConsComplex Queries, Complex Usability, Complex Usage, Difficult Setup, Admin Management Issues
Seller Details
Seller
BeyondTrust
Company Website
Year Founded
1985
HQ Location
Johns Creek, GA
Twitter
@BeyondTrust
14,336 Twitter followers
LinkedIn® Page
www.linkedin.com
1,682 employees on LinkedIn®
CyberArk Secure Cloud Access
(5)4.9 out of 5
OverviewPros and Cons
Product Description

CyberArk Secure Cloud Access provisions Zero Standing Privileges (ZSP) across multi-cloud environments, scoping just enough permissions to adhere to the principle of least privilege access. CyberAr

Market Segment: 60% Mid-Market, 40% Enterprise
Pros and ConsSeller Details
ProsEase of Use, User Interface, Access Management, Easy Setup, Features
Seller Details
Seller
CyberArk
Year Founded
1999
HQ Location
Newton, MA
Twitter
@CyberArk
17,726 Twitter followers
LinkedIn® Page
www.linkedin.com
5,022 employees on LinkedIn®
Ownership
NASDAQ:CYBR
CheckRed
(4)4.8 out of 5
OverviewSeller Details
Product Description

CheckRed is a complete cloud security platform (SSPM/CNAPP/CSPM/CIEM/CWPP/Compliance) covering all critical SaaS apps and cloud providers – all in a single, user-friendly, and affordable solution.

Market Segment: 75% Mid-Market, 25% Small-Business
Seller Details
Seller
CheckRed
HQ Location
5220 Spring Valley Rd Suite 604 Dallas,TX 75254
LinkedIn® Page
www.linkedin.com
Trustle
(1)4.5 out of 5
OverviewPros and Cons
Product Description

Trustle goes beyond Cloud Infrastructure Entitlement Management (CIEM) to prioritize the most over-privileged users, and easily transition your entire organization to Just-In-Time Access to everything

Market Segment: 100% Mid-Market
Pros and ConsSeller Details
ProsCloud Services, Identity Management, Secure Access
Seller Details
Seller
Trustle
Year Founded
2019
HQ Location
Boston, MA, USA
LinkedIn® Page
www.linkedin.com
15 employees on LinkedIn®
Filters
Filter
Clear Filter
More Filters
Market Segments
All Segments
Mid Market
Enterprise
Avg. Customer Review
Language
Pricing
Sort by
Clear All
  • Segment
Clear Filter
More Filters
Market Segments
All Segments
Mid Market
Enterprise
Avg. Customer Review
Language
Pricing
Sort by
Clear All
22 Listings in Cloud Infrastructure Entitlement Management (CIEM) Available
  • Sort By:
    G2 Score

Recommended For You

Bloomerang CRM
Neon CRM
Givebutter
DonorPerfect
DonorSnap