Cloud security and risk operations. Unified.
CloudSignals+RiskOps™ gives your security and GRC team a single operating system for multi-cloud posture management, risk quantification, compliance evidence, and AI-powered risk narratives. Start free today.
- AWS, Azure, and GCP scanning
- SOC 2, ISO 27001, PCI DSS & more
- GenAI risk chat & risk narratives
- Deploy in < 15 minutes
Start free. Scale as you grow.
Every plan includes multi-cloud CSPM, compliance frameworks, and GenAI risk chat. Upgrade to unlock Risk Register, TPRM, advanced integrations, and enterprise controls.
Free
Low-friction entry point for posture discovery and platform evaluation. No credit card required.
Limited scan quota & asset count. Upgrade anytime.
- 1 cloud account connected
- Limited posture scans per month
- Basic findings visibility
- 1 compliance framework preview
- TPRM & RiskOps preview (5 records)
- Community support
Growth Trial
Most PopularFull-featured 14-day Premium trial with the complete findings-to-risk-to-treatment workflow. Payment method required; cancel before trial end to avoid billing.
Converts to Premium at end of trial. Cancel anytime before then.
- Unlimited cloud accounts & scans during trial
- Full Risk Register, Threat Register & Scenario Studio
- Portfolio Analytics & RiskOps Insights
- All compliance frameworks (SOC 2, ISO, PCI, CMMC, HIPAA)
- Vision AI Chat with tenant intelligence
- TPRM full access & report exports
- Jira integration
Premium
The full CloudSignals+RiskOps operating system for growing security and GRC teams ready to operationalize cloud risk.
Billed monthly. Annual plans available — contact sales for discount.
- Multi-cloud CSPM across all accounts
- Risk Register, Threat Register, Scenario Studio
- Managed Entities & GRC users (up to 10)
- Vision Chat with tenant intelligence context
- Jira, reports, exports & practical TPRM
- Email support with SLA
- 99.9% uptime SLA
Enterprise
CustomAdvanced CloudSignals+RiskOps for regulated teams with complex operating needs, large cloud portfolios, and procurement-led security programs.
Tailored to your cloud footprint, asset count, and deployment model. Volume discounts available.
- Everything in Premium, plus:
- SSO / SAML & advanced user management
- Advanced data retention & audit logging
- Premium Vision AI usage & advanced integrations
- Dedicated customer success manager
- Advanced TPRM workflows
- Optional dedicated cloud runtime
- Custom onboarding & SLA > 99.9%
White-label Provider
MSP / MSSPBuild a branded CloudSignals+RiskOps service line. Dedicated operating model for MSSPs, MSPs, and VARs delivering cyber, GRC, and CSPM to their clients.
Priced per managed tenant or monthly active customer. Volume tiers available.
- Provider & MSP branding profiles
- Multi-tenant MSP management console
- Customer-segmented runtime strategy
- Provider-scale RiskOps & TPRM
- Release governance & support audit trail
- Partner onboarding & enablement program
Everything included, tier by tier.
Detailed breakdown of what's in each CloudSignals+RiskOps plan so you can make an informed procurement decision.
| Feature | Free | Growth Trial | Premium | Enterprise | White-label |
|---|---|---|---|---|---|
| Cloud Posture (CSPM) | |||||
| Cloud accounts | 1 | Unlimited | Unlimited | Unlimited | Multi-tenant |
| AWS / Azure / GCP scanning | ✓ | ✓ | ✓ | ✓ | ✓ |
| Monthly scan quota | Limited | Unlimited | Unlimited | Unlimited | Unlimited |
| Findings severity triage | ✓ | ✓ | ✓ | ✓ | ✓ |
| Asset inventory | Starter limit | Full | Full | Full | Full |
| Risk & Compliance Operations | |||||
| Risk Register | Preview | ✓ | ✓ | ✓ | ✓ |
| Threat Register | — | ✓ | ✓ | ✓ | ✓ |
| Scenario Studio | — | ✓ | ✓ | ✓ | ✓ |
| Portfolio Analytics | — | ✓ | ✓ | ✓ | ✓ |
| Compliance frameworks | 1 preview | All 14+ | All 14+ | All 14+ | All 14+ |
| TPRM records | 5 preview | Full access | Full access | Advanced | Provider-scale |
| Audit-ready reports | — | ✓ | ✓ | ✓ | ✓ |
| AI & Intelligence | |||||
| Vision AI GenAI Chat | — | ✓ | ✓ | Premium usage | Premium usage |
| RiskOps AI Insights | — | ✓ | ✓ | ✓ | ✓ |
| Executive risk narratives | — | ✓ | ✓ | ✓ | ✓ |
| Integrations & Exports | |||||
| Jira integration | — | ✓ | ✓ | ✓ | ✓ |
| CSV / PDF exports | — | ✓ | ✓ | ✓ | ✓ |
| Advanced integrations (SIEM, ticketing) | — | — | — | ✓ | ✓ |
| Enterprise & MSP Controls | |||||
| GRC user seats | 1 | Unlimited (trial) | Up to 10 | Unlimited | Unlimited |
| SSO / SAML | — | — | — | ✓ | ✓ |
| Advanced data retention | — | — | — | ✓ | ✓ |
| Custom branding | — | — | — | — | ✓ |
| Multi-tenant MSP console | — | — | — | — | ✓ |
| Dedicated runtime (optional) | — | — | — | ✓ | ✓ |
| Support & SLA | |||||
| Support channel | Community | Community | Email + SLA | Dedicated CSM | Partner program |
| Uptime SLA | — | — | 99.9% | 99.9%+ | Custom |
| Custom onboarding | — | — | — | ✓ | ✓ |
Built different, by design.
Most security platforms make you choose between CSPM and GRC, or require separate products and separate budgets. CloudSignals+RiskOps was architected to bridge both — with AI at the center.
AI-native, not AI-bolted
GenAI risk narratives, Vision AI Chat, and agentic remediation are built into every workflow — not added as a premium add-on. Your findings become business risk stories automatically.
CSPM + GRC in one platform
Most orgs buy a cloud scanner and a separate GRC tool. CloudSignals eliminates the gap — posture findings flow directly into risk registers, threat scenarios, and audit evidence.
Built for mid-market scale
Priced and designed for 50–5,000 employee organizations. Enterprise capabilities without enterprise complexity. Get your first compliance report in under an hour — not months.
White-label from day one
MSSPs and MSPs can deliver a fully branded CloudSignals+RiskOps service line to their clients without custom development. Multi-tenant console, provider branding, and partner enablement included.
Part of a unified platform
CloudSignals is the first solution of a broader AiVRIC platform — Defense, Offense, and Vision are all in development and share the same data fabric. Your investment grows with the platform.
Deploy your way
SaaS, customer-hosted private cloud, or hybrid. Data residency controls, BYOK support, and optional dedicated runtimes for regulated industries that need full data sovereignty.
What CloudSignals+RiskOps replaces.
A standalone CSPM tool, a separate GRC platform, and a standalone TPRM tool — CloudSignals consolidates all three under one login and one contract.
Connect your cloud account, run a scan, and generate a SOC 2 or ISO 27001 evidence report in under an hour. No professional services engagement required.
Replace 6–8 weeks of manual audit prep with continuous evidence collection. Your compliance posture is always current — not frozen at audit time.
How CloudSignals compares.
The CSPM and GRC market is crowded — Vanta, Wiz, Prisma Cloud, and Todyl are all credible platforms. Here's an honest, side-by-side look at where CloudSignals+RiskOps fits and where it leads.
Note: Competitive data is based on publicly available documentation, pricing pages, and product reviews as of 2025. Contact us to discuss specific capability gaps for your use case.
| Capability | CloudSignals +RiskOps™ |
Vanta | Wiz | Prisma Cloud (Palo Alto) |
Todyl |
|---|---|---|---|---|---|
| Primary focus | CSPM + GRC + AI RiskOps | GRC / Compliance | CSPM / CNAPP | CNAPP (Enterprise) | MSSP Bundle |
| Free tier available | Yes | — | — | — | — |
| Multi-cloud CSPM (AWS / Azure / GCP) | ✓ | Limited | ✓ | ✓ | — |
| Risk Register & GRC workflows | Native | ✓ | — | Limited | — |
| TPRM (third-party risk) | ✓ | ✓ | — | — | — |
| Compliance automation (SOC 2, ISO, PCI, CMMC) | ✓ | ✓ | Limited | ✓ | — |
| AI GenAI Chat + risk narratives | Native | — | — | — | — |
| Agentic auto-remediation | AIRE mesh | — | — | — | — |
| White-label / MSP model | Built-in | — | — | — | ✓ |
| Deployment options | SaaS + Private + Hybrid | SaaS only | SaaS only | SaaS + Cloud | SaaS only |
| Mid-market pricing & accessibility | Free tier + $499 | ~$800+/mo | Enterprise / Custom | Enterprise / Custom | Channel / Custom |
| Integrated offense / exposure testing | Roadmap (RogueAgent) | — | — | — | — |
| Time to first scan result | < 15 min | Hours to days | Minutes (setup) | Days (PS needed) | Channel managed |
Data based on publicly available product documentation, pricing pages, and G2/Gartner Peer Insights reviews as of 2025. Competitive capabilities evolve rapidly — always conduct your own evaluation. Schedule a live comparison demo →
Common procurement questions.
Answers to the questions security leaders, procurement teams, and GRC practitioners ask most often before purchasing CloudSignals+RiskOps.
Can I run a proof of concept before committing?
Yes. The 14-day Growth Trial gives you the full Premium feature set. Stripe collects a payment method to activate the subscription trial, but you are not charged during the trial period. This includes unlimited cloud accounts, all compliance frameworks, Risk Register, TPRM, Vision AI Chat, and every integration. We recommend running the trial against a real cloud environment for the most representative evaluation.
What cloud platforms does CloudSignals support?
CloudSignals natively scans Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Multi-account and multi-organization scanning is supported on all three. Additional cloud providers and SaaS connectors are on the roadmap.
How is pricing structured for large cloud environments?
The Free and Premium tiers are flat-rate. Enterprise and White-label pricing is scoped to your cloud footprint — based on number of cloud accounts, managed asset count, and deployment model. Contact our sales team for a tailored quote that reflects your actual environment size.
Is my data stored in the United States?
By default, all SaaS tenants are hosted in US-based cloud infrastructure. Enterprise and White-label customers can request EU or specific regional data residency. Customer-hosted deployment options are available for organizations that require full data sovereignty, with your team controlling the runtime environment entirely.
Does CloudSignals support SOC 2 Type II and ISO 27001?
Yes. CloudSignals+RiskOps includes pre-built control mappings for SOC 2 Type II, ISO 27001, PCI DSS, CMMC Level 2, HIPAA, and more. The platform continuously collects evidence against these frameworks and generates audit-ready reports. Your GRC team can export evidence packages directly to auditors without manual assembly.
Can we run CloudSignals in our own cloud environment?
Yes. Customer-hosted (BYOC/private cloud) deployment is available on the Enterprise and White-label tiers. You deploy the CloudSignals runtime in your own AWS, Azure, or GCP account. AiVRIC provides the application, your team controls the infrastructure, and no data leaves your environment.
What's included for MSPs and MSSPs?
The White-label Provider tier includes a multi-tenant MSP management console, provider and client branding profiles, customer-segmented runtime strategy, provider-scale TPRM workflows, and a dedicated partner enablement program. MSSPs can build fully branded CloudSignals+RiskOps service lines for their end clients without custom development work.
What happens after my 14-day trial ends?
At the end of the Growth Trial, your subscription converts to Premium monthly billing unless you cancel before the trial expires. Your data and configurations are preserved either way, and Stripe sends billing confirmation so you have a clear record of the subscription status.
Start your security operations transformation.
CloudSignals+RiskOps is available today. Start free in 15 minutes, or talk to our team to design a rollout plan that fits your security program, budget, and compliance timeline.