Overview

Product video
Reco is the leader in Dynamic SaaS Security, the only approach that eliminates the SaaS Security Gap. This gap is driven by SaaS Sprawl, the proliferation of apps, AI, and identities, the challenge of keeping their configurations secure amidst constant updates, and the challenge of finding threats hidden within an ever growing number of events. Dynamic SaaS Security by Reco keeps pace with this sprawl, no matter how fast it evolves, by covering the entire SaaS lifecycle, cradle to grave. It tracks all apps, SaaS to SaaS connections, Shadow SaaS, AI Agents, and Shadow AI tools, including their users and data, and adds support for new apps in days, not quarters. Reco maintains airtight posture and compliance, even as apps and AI Agents are added or updated. And it also ensures accounts remain secure, access privileges are minimized, and alerts are provided for critical threats. Their AI based graph technology connects in minutes and provides immediate value to security teams to continuously discover all SaaS applications including sanctioned and unsanctioned apps, shadow apps, associated identities from both humans and machines, their permission level, and actions. Reco uses advanced analytics around persona, actions, interactions and relationships to other users, and then alerts on exposure from misconfigurations, over permission users, compromised accounts, and risky user behavior. This comprehensive picture is generated continuously using the Reco Knowledge Graph and empowers security teams to take swift action to effectively prioritize their most critical points of risk. Reco uses a low code and no code approach to add a new SaaS integration in 3 to 5 days.
Highlights
- App Discovery and SSPM Instantly track all apps, SaaS to SaaS, Shadow SaaS, AI Agents, and Shadow AI tools, including their users and data. Keep your posture and compliance airtight within business context, even as apps and AI Agents are added and updated.
- Identity & Access Governance Ensure that accounts are always secure, and access privileges are kept to a minimum.
- Identity Threat Detection and Response Get instant alerts on data theft, account compromise, and configuration drift with hundreds of pre built detection controls. Respond automatically with your existing tools.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Financing for AWS Marketplace purchases
Security credentials achieved
(2)


Pricing
Dimension | Description | Cost/12 months |
|---|---|---|
Reco Essential | SSPM - Posture Management & Compliance up to 3 integrations | $18,000.00 |
Reco Advanced | SaaS Security - SaaS detection and response, Identity & Access Governance with unlimited integrations | $90,000.00 |
Vendor refund policy
Please contact us at support@reco.ai
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
Standard contract
Customer reviews
Security posture management has provided clear SaaS and AI agent risk visibility and alerts
What is our primary use case?
I implemented Reco for cybersecurity posture management for SaaS applications, and also for AI agents posture, so SaaS security posture management and agent posture management. I am using Reco for detecting attacks and generating alerts on bad behavior in SaaS applications, not only posture.
I am using the eight different sensors for SaaS application discovery in my environment, and it works well. To be honest, I am not using that in depth, the discovery module; I know the SaaS applications that I have and I integrate them directly. I see that it's discovering applications through these sensors, and I am using the email one, which works well; it checks on the emails and sees if someone is using a SaaS application. But besides that one, I am not using the other sensors. That sensor is working well, but I am not, let's say, taking advantage of that module yet, the discovery module.
My impression of Reco's AI Agent Security features ability to discover and govern connected AI agents is that it works well; I am using that for my agents on Copilot Studio. I integrate Reco with Copilot Studio, and it's showing me the agents, the inventory of agents, and the posture of those agents. It's working well, but the only problem was with the integration with Copilot Studio because there was a centralized integration; I have to integrate with each environment in Copilot Studio, so it's not easy to integrate because I have to go one by one, one agent per agent. But once I am integrated, it's very good; it shows good information and posture risks on those agents, so it's working well.
I am aware of the pricing aspect of Reco.
I am not using Reco's agents for automating tasks in my business processes.
I do not use the device management feature in Reco.
What is most valuable?
What I like about Reco is that it's pretty easy to integrate with the applications; it's almost plug and play. The interface and the user experience of the interface are very good, and it's very easy to find the detections, alerts, to filter, and to navigate the interface. The support is also very good; I have been implementing the solution with them, and they have been helping me a lot. The support works well, and it's also very good at prioritizing the detections, so I don't see many false positives.
The key benefits that I have seen from using Reco are that it helps me to mitigate risks in SaaS applications; I have a lot of SaaS applications with many configurations inside. Without Reco, I am losing critical information to understand if I have risks in the cloud, so with Reco, I now have visibility. I am maybe not 100% sure, but in a high percentage, I can assure that I don't have high or critical risks in my SaaS applications, which are growing every day and becoming more important. It helped me to mitigate those risks, basically.
The coverage of SaaS applications is very good; they cover almost all of my SaaS applications, and they have a big list of SaaS applications supported.
What needs improvement?
I am not using the inclusion of LLMs in the knowledge graph yet; to be honest, I see that it's showing things, but until now, I don't see big value on that.
Apart from the integration with Copilot Studio that I mentioned, I would like to see more posture security controls added in some SaaS applications; I see a few of them, but it could have more.
I would like to see real-time detection in prompts included to Reco in the next releases, maybe in Copilot Studio to see if I have any attack or prompt injection or whatever in Copilot Studio and all the agent platforms to inspect those prompts.
For how long have I used the solution?
I have been working with Reco for one year.
What do I think about the stability of the solution?
I haven't had any performance or stability issues with Reco; it is stable.
What do I think about the scalability of the solution?
Regarding scalability, what I mean by scalable is that it scales in and out automatically, and I don't see that; it's transparent for me.
How are customer service and support?
The support is very good; I have been implementing the solution with them, and they have been helping me a lot. The support works well, and it's also very good at prioritizing the detections, so I don't see many false positives.
I would evaluate customer service and technical support from Reco as very good.
Which solution did I use previously and why did I switch?
Prior to adopting Reco, I had a feature that Netskope has for posture, SaaS posture management, which wasn't good; it was very immature.
How was the initial setup?
The deployment process was pretty smooth; they were with me, the support helped me to deploy the solution, and they sent me all the step-by-step procedures for integrating with the SaaS applications. It was pretty smooth, and I didn't have any challenges there; the only challenge was the Copilot Studio integration that I had to do for each Copilot Studio environment.
What about the implementation team?
I purchased Reco directly through the vendor.
What was our ROI?
It's difficult to find return on investment with Reco because it's more related to risk, to risk mitigation. I could say that maybe I have mitigated a couple of risks that could lead to money loss, but to be honest, I can't calculate that. Before Reco, I didn't have visibility on the posture of SaaS applications; it wasn't that I saved time with Reco; it was having more visibility and mitigating more risk, which is difficult to show as a return on investment.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing was reasonable; it was okay for the features and what the product provides. The contract, the negotiation, and everything were okay.
Which other solutions did I evaluate?
I evaluated a couple of other options; I decided to go with Reco mostly because of the integrations, the supported integrations, and the user experience. How it shows the detections is pretty clear and organized, while the others either didn't integrate with some of my SaaS applications or they showed the posture detections very confusingly or were missing detections.
What other advice do I have?
I am using Reco as a full SaaS.
The only disadvantage at that moment was that Reco wasn't so popular; it wasn't implemented in companies in my region, so that was the only risk; it was a new tool without experience in at least companies that I could ask for recommendations.
Based on my experience with Reco, I would say to test it, try it out, and see if it solves your problems. I have no advice to give except that it's a good product that has improved a lot over time. I would rate this review as a 9.