Use cases
Resources
See what your cloud is really doing
CloudFence Security engine continuously learns and establishes network and identity behavior baseline of every asset in your cloud, and helps you swiftly detect and stop suspicious behavior deviations before they become breaches.
CloudFence provides us a visual traffic analysis which has allowed us to reduce our troubleshooting times, and reduce our exposure.
For years I've talked with people about using VPC flow logs to limit security groups to only used ports on workloads, and finally Mounira REMINI and CloudFence have done it. I suggest checking out their solution if you've got someone dedicated to network and/or identity security in the cloud, they've made things very actionable from a practitioner over categories point of view.
With CloudFence, we finally have clear, real-time visibility into our cloud network traffic. It helps us baseline normal activity, spot anomalies early, and close critical blind spots — a vital layer in our cloud security strategy.
The GAP
Your Infrastructure Moved to the Cloud. Has your Network Security?
Posture management platforms analyze configurations, and traditional Network security relies on on-prem playbooks: virtual appliances and static rules, that don't scale in the cloud and don't learn behavior.
But today’s cloud environments are not predictable. AI agents, ephemeral workloads, and constantly changing communication patterns make static security models fall short.
Legacy tools tell you what could happen
Relies on configuration analysis. Assume you’re safe if the configuration “looks right”
Uses predefined network rules and perimeter controls
Recommend hardening based on policy assumptions
Overlook outbound and east‑west traffic
CloudFence, shows you what is happening
Learns how workloads actually communicate and flags unusual behavior
Detects real-time deviations across network and identity
Enforces least-privilege based on actual usage
Monitors and baseline egress traffic at scale
How it works
The 3-Step Process
Step #1
Authorize
Create a read-only IAM role for Identity and Network logs.
Step #2
Ingest
CloudFence processes logs and builds behavior baselines.
Step #3
Secure
Receive alerts and optimize security policies instantly.
demo
CloudFence in action
FAQ
How is CloudFence different from CSPM or CNAPP?
CSPM and CNAPP focus on misconfigurations and posture especially Ingress. CloudFence focuses on behavioral detection — it learns normal patterns for every workload by looking at network and identity logs, builds baselines, and flags suspicious deviations in real time, especially in outbound traffic. It complements posture tools by catching what static config oriented checks miss.
How is CloudFence different from a SIEM?
SIEMs collect and store logs but rely on manual rules and tuning to find threats. CloudFence automatically analyzes network and identity behavior, builds per-workload baselines, and detects unusual activity without rule engineering — delivering fast, focused, actionable detections purpose-built for the cloud.
Can CloudFence block traffic?
CloudFence itself focuses on detection and visibility, not inline blocking. However, it can integrate with your cloud controls (like security groups, firewalls ) to automate response actions or trigger blocking through your existing infrastructure.
How is pricing structured?
CloudFence charges a flat yearly fee, based on the number of workloads with active interfaces generating traffic. This model provides cost predictability, eliminates surprises, and scales with your actual environment. Integration and hosting are fully managed, and we offer unlimited seats for your security and operations teams.
More FAQ & Answers
The Behavioral Security Layer Your Cloud Is Missing
Move beyond static rules and legacy network appliances in the cloud. Detect behavioral deviations, enforce usage-based least privilege, control egress traffic, and visualize workload communications - all powered natively from your cloud logs