Uptycs CNAPP

Uptycs is an AWS Security partner with Security Software and Container Security Competencies. We offer customers security context and choice. Deployment options meet customer telemetry and scaling needs across more than 40 AWS services including: Compute (EC2, EBS, ELB, Lambda), Containers (ECR, ECS, EKS), Storage (S3, EFS, S3 Glacier), Database (RDS, ElastiCache), Networking & Content Delivery (VPC, CloudFront, Route 53, API Gateway), Developer Tools (CodeCommit, CodeDeploy, CodePipeline, CodeBuild), Management & Governance (Organizations, CloudWatch, CloudFormation, CloudTrail, Config, ServiceCatalog, Systems Manager), Analytics (Redshift, ElasticSearch, Kinesis), Security, Identity, Compliance (IAM, GuardDuty, WAF, Security Hub), Application Integration (SNS,SQS), End User Computing (Workspaces), Machine Learning (SageMaker), and Migration Services. Uptycs offers custom pricing and solutions via private offer. Reach out directly to aws@uptycs.com.

0 AWS reviews

14 external reviews

View purchase options

Overview

Product video

Uptycs is the top Cloud-Native Application Protection Platform (CNAPP) choice for security teams collaborating with developers to safeguard critical application pipelines, mitigate risks, and defend runtime environments in the hybrid cloud.

Uptycs consolidates cloud security silos into a unified platform, providing a single security console, policy framework, and data lake. This unification enables greater automation, simplifies policy enforcement, and extends security coverage, all while reducing costs.

DATA IS YOUR POWER, NOT A HEADACHE

Uptycs tackled the cybersecurity data challenge first to give you deeper context so you can prioritize what truly matters. Our modern architecture normalizes security telemetry close to its collection point, and then streams it into your detection cloud, so you can query your attack surface like a database. No black boxes, no ETL, and no need to put in a support ticket to get new insights.

FULL LIFECYCLE CLOUD-NATIVE APPLICATION PROTECTION

Detect malware or suspicious behavior on developer endpoints, identify vulnerabilities early in the build process, verify secure configurations, and continuously monitor in production.

:: Prioritize security findings across your hybrid cloud workloads (VMs, containers, clusters, and serverless), and cloud infrastructure (databases, data stores, object storage) through exposure scanning, full attack path analysis, and correlation of security signals

:: Detect active threats to workloads with anomaly and behavior-based detections. Identify, prioritize, and fix misconfigurations and policy violations in Infrastructure as Code (IaC)

:: Simplify the maintenance of least privilege access and reduce IAM risks with full visibility into policies, users, and roles. Detect identity-specific threats through Identity Threat Detection and Response (ITDR) capabilities

:: Get deep support for AWS and start with instant-on, agentless coverage, then add the Uptycs Sensor for runtime protection, advanced remediation, and forensics

:: Gain full visibility into your software development pipeline posture and apply guardrails throughout your software development lifecycle (SDLC)

:: Fully protect your cloud with visibility of all cloud-connected assets, empowering you to understand your blast radius should a developer laptop be compromised

:: Meet compliance mandates with support for CIS benchmarks, HIPAA, ISO 27001, NIST, PCI, and SOC 2 across your cloud infrastructure and workloads running within the cloud

PROTECT YOUR CRITICAL WORKLOADS, WHEREVER THEY RUN

Replace multiple agents and tools with Uptycs for unified threat detection and response, vulnerability scanning, security hygiene, compliance, cyber asset management, file integrity monitoring (FIM), and ad hoc investigation and threat hunting.

:: Enjoy deep support for rare Linux distros, IBM LinuxONE, Linux on Z, IBM Power, AIX, HPC environments, and more

:: Enjoy blazing-fast response times with the Uptycs osquery-based agent with eBPF, designed to minimize its memory, CPU, and disk I/O footprint

:: Leverage rich security telemetry that goes beyond basic events to include file system files, Augeas lens, DNS lookups, sudoers list, and disk encryption

DATASHEET QUICK LINKS:

:: Uptycs for AWS: https://www.uptycs.com/resources/product-brief/aws-security

:: Uptycs CNAPP for Hybrid Cloud Security: https://www.uptycs.com/resources/datasheets/uptycs-for-cloud-native-applications-cnapp

:: Kubernetes and container security: https://www.uptycs.com/resources/datasheets/kubernetes-container-security

:: Uptycs Vulnerability Management: https://www.uptycs.com/resources/uptycs-vulnerability-management

:: Uptycs File Integrity Monitoring (FIM): https://www.uptycs.com/resources/datasheets/uptycs-file-integrity-monitoring-fim

:: Uptycs for IBM LinuxONE, LinuxONE 4 Express, Linux on Z, Linux on IBM Power, and AIX: https://www.uptycs.com/resources/datasheets/ibm-aix-security

:: Uptycs MDR for outsourced detection and response: https://www.uptycs.com/services/mdr-managed-detection-response

:: Case Study: Lookout Relies on Uptycs for AWS Security and Compliance: https://www.uptycs.com/case-studies/lookout

Reach out directly to learn more about how we can tailor solutions to your unique needs.

Uptycs provides custom pricing for customers via Private Offer. Please contact aws@uptycs.com for a better understanding of our pricing model and products.

Highlights

Complete, consistent coverage. Secure public and private cloud, Kubernetes, rare Linux distros, IBM LinuxONE, developer endpoints, and the software pipeline. Scales from hundreds to millions of workloads with proven reliability. Learn more at https://www.uptycs.com/products/cnapp.
Deeper data delivers better insights. Correlate real-time insights with historical data to prioritize the threats and vulnerabilities that matter. Get 13-month lookback for compliance and forensic analysis, and Ask Uptycs for on-the-fly investigations.
Remediation requires cloud speed. Slash MTTR by 50% with real-time ATT&CK-mapped detections and blast radius visibility from laptop to code to cloud.

Details

Sold by

Uptycs

Unlock automation with AI agent solutions

Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.

Explore AI agent solutions

Features and programs

Vendor Insights

Info

Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.

Security credentials achieved

(1)

SOC2

View security profile

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Quick Launch

Leverage AWS CloudFormation templates to reduce the time and resources required to configure, deploy, and launch your software.

Learn more

Pricing

Uptycs CNAPP

Info

View purchase options

Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

12-month contract (2)

Info

Dimension	Description	Cost/12 months
Uptycs Cloud Audit (100 Cloud Workloads)	Inventory, Compliance, Vuln Mgmt, Risks, IaC, and Identity Analytics.	$12,000.00
Uptycs Cloud Secure (100 Cloud Workloads)	Cloud Audit + Workload Protection, Forensics, and Threat Detections.	$18,000.00

Vendor refund policy

All fees are non-cancellable and non-refundable except as required by law.

How can we make this page better?

We'd like to hear your feedback and ideas on how to improve this page.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Delivery details

Software as a Service (SaaS)

SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

Resources

Vendor resources

Uptycs Customer Portal

Support

Vendor support

support@uptycs.com support.uptycs.com

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Product comparison

Info

Updated weekly

Uptycs CNAPP

By Uptycs

Orca Security CNAPP Cloud Security Platform

By Orca Security CNAPP

Singularity Cloud Security - AI Powered CNAPP

By SentinelOne

Accolades

Info

Top

In Monitoring, Application Development

Top

In Observability, Software Development

Customer reviews

Info

Sentiment is AI generated from actual customer reviews on AWS and G2

Reviews

Functionality

Ease of use

Customer service

Cost effectiveness

13 reviews

Positive

Mixed

Insufficient data

223 reviews

Positive

Mixed

32 reviews

Positive

Positive reviews

Mixed reviews

Negative reviews

Overview

Info

AI generated from product descriptions

Cloud Security Coverage

Comprehensive security monitoring across 40+ AWS services including compute, containers, storage, databases, networking, and security services

Threat Detection Mechanism

Anomaly and behavior-based detection with advanced threat identification using osquery-based agent with eBPF technology

Infrastructure as Code Security

Identify, prioritize, and fix misconfigurations and policy violations in Infrastructure as Code (IaC) environments

Identity and Access Management

Comprehensive visibility and management of IAM policies, users, roles with Identity Threat Detection and Response (ITDR) capabilities

Compliance and Monitoring

Support for multiple compliance standards including CIS benchmarks, HIPAA, ISO 27001, NIST, PCI, and SOC 2 with continuous security telemetry monitoring

Cloud Asset Discovery

Agentless scanning technology providing comprehensive visibility across cloud infrastructure and platform assets

Risk Prioritization

Advanced risk scoring mechanism that identifies and correlates potential attack paths and security vulnerabilities

Security Integration

Seamless integration into CI/CD processes for continuous security assessment throughout software development lifecycle

Generative AI Analysis

AI-powered investigation and remediation capabilities for enhanced security threat detection and response

Multi-Domain Security Coverage

Unified platform integrating multiple cloud security domains including CSPM, CWPP, CIEM, DSPM, container and API security

Cloud Native Security Engine

Agentless Cloud Native Application Protection Platform (CNAPP) with a unique offensive security engine for comprehensive cloud security

Multi-Cloud Asset Management

Includes asset inventory, graph explorer, and security posture management across public and private cloud environments

Advanced Threat Detection

Real-time AI-powered detection and prevention of runtime threats including ransomware, zero-days, and fileless attacks

Infrastructure Security Scanning

Comprehensive scanning capabilities including Infrastructure as Code (IaC), secrets scanning, and vulnerability assessment

Cloud Object Storage Protection

AI-powered malware detection for cloud object storage with millisecond scanning and automated quarantine capabilities

Security credentials

Info

Validated by AWS Marketplace

FedRAMP

GDPR

HIPAA

ISO/IEC 27001

PCI DSS

SOC 2 Type 2

No security profile

Contract

Info

Standard contract

Customer reviews

Leave a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

14 external reviews

Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.

Rajitha A.

A unified solution to improve IT management and operations – all in one.

Reviewed on Jan 27, 2025

Review provided by G2

What do you like best about the product?

Uptycs is good for its comparitive feature. It can analyse several tools of the same category and assist in making the correct choice at the end. This is particularly helpful for people like me who constantly flip between a few tools when I needed to select the best for cloud security.

What do you dislike about the product?

To facilitate a more rapid decision-making process, I suggest adding more concise and clear recommendations or summaries.

What problems is the product solving and how is that benefiting you?

As a security professional, it is important to me to have relevant non-compliance points and to decrease the risk of those non compliance points to the infrastructure. Uptycs is advantageous to me because I can see the compliance status of the cloud infrastructure and I can also enforce it with automated compliance checks.

Computer & Network Security

Uptycs – an advanced security monitoring tool, albeit expensive.

Reviewed on Jan 26, 2025

Review provided by G2

What do you like best about the product?

Very good tool for monitoring security, compliant with CIS or PCI DSS standards. I like the ability to create your own SQL queries in network security research.

What do you dislike about the product?

It's a pity that the price is high, I would gladly continue using this tool if it weren't for the high fees.

What problems is the product solving and how is that benefiting you?

Uptycs addresses issues with visibility across environments, maintaining compliance, excessive false positives, securing containers, and the lack of flexibility in customizing tools to meet individual needs.

reviewer2301639

Great features, good support, and lots of functionality

Reviewed on Oct 27, 2023

Review provided by PeerSpot

What is our primary use case?

We are using the solution for configuration and file integrity management. It's a validation tool.

What is most valuable?

They have multiple great features.

It offers most of the functionalities we need.

What needs improvement?

The one thing missing is the IPS part, the blocking part.

We end up facing a lot of issues after upgrades.

For how long have I used the solution?

I've been using the solution for three or more years.

What do I think about the stability of the solution?

The solution is somewhat stable. It depends on how we are integrating it. Apart from the major upgrades and bugs around that, I'd rate the stability six or seven out of ten.

What do I think about the scalability of the solution?

The solution is scalable. It covers multiple functionalities, operating systems, and clouds.

We have around 10,000 users on the solution currently.

How are customer service and support?

Technical support is good. They provide us with valuable assistance.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was really hard since the profiles you have to build around certain things. We had a lot of challenges implementing it.

It was a bit time-consuming to set up.

What's my experience with pricing, setup cost, and licensing?

The pricing is moderate compared to other products in the market. However, it is not the cheapest option.

Depending on the requirements and how it is used, it's worth the money spent.

What other advice do I have?

I'm an end-user.

We use the solution on multiple clouds.

I'd advise users to validate which product and metrics will help them the most. The solution has multiple functionalities. Don't go in blindly. Know what you want to get out of the product.

I'd rate the solution eight out of ten based on the scalability potential.

Which deployment model are you using for this solution?

Public Cloud

Joseph M.

Excellent lightweight EDR with full Mac support

Reviewed on Aug 03, 2023

Review provided by G2

What do you like best about the product?

It's tought ot find an EDR with decent support for Macs, there's plenty of options for Windows but if you're in a hybrid environment you're likely to notice the difference between endpoint systems. Uptycs supports Windows/Mac/Unix equally with a full set of detections for each. Inplementing Uptycs is a breeze, and the continuous development means you remain on the cutting edge. Systems are easy to use and figure out, tuning is straigtforward

What do you dislike about the product?

Communications around bugs is lacking. The backend is constantly under development which means things will change, and not always in a way you may want them to. Removing Uptycs from a Mac remotely is challenging at best, although this is mostly due to Apple.

What problems is the product solving and how is that benefiting you?

Uptycs isa full suite EDR/XDR and can provide an MDR as well. We use the EDR and MDR capabilities to cover corporate assets for compliance, governance, and security purposes.

Bharath K.

Uptycs OS Query

Reviewed on Jul 19, 2023

Review provided by G2

What do you like best about the product?

The Detections are in detail with Process tree and Associated files are written in detail with their Hashes and the account used to execute.

What do you dislike about the product?

The Dashboard.
A common search bar would be easy for analyst to search Hostnames/IP

What problems is the product solving and how is that benefiting you?

Endpoint security solution.
If Thread Adversaries try to evade detections Defender/Falcon Uptycs was able to capture those events

View all reviews