• Unlimited Users
  • Unlimited Custom Signatures
  • Unlimited Daily Reports
  • Unlimited API Access
  • SSO via SAML 2.0
  • CIS AWS Foundations Benchmark Report
  • Start Trial




  • Up to 5 Users
  • Up to 5 Custom Signatures
  • Up to 5 Daily Reports
  • Email Support
  • CIS AWS Foundations Benchmark Report
  • Start Trial




  • Unlimited Users
  • Unlimited Custom Signatures
  • Unlimited Daily Reports
  • Unlimited API Access
  • SSO via SAML 2.0
  • Email and Phone Support
  • CIS AWS Foundations Benchmark Report
  • Start Trial

* All per account products require an annual contract.
For organizations that want to run ESP in their own AWS instance, a Private SaaS licence is also available.

Enterprise Plan Compliance Add-Ons

Frequently Asked Questions (FAQ)

Q: How long does the free trial last?
A: The default trial period is 14 days.

Q: Is a credit card required for my free trial?
A: No. A credit card is not required for a free trial account – so you can sign up with no commitment. Credit card information is only requested when you are ready to begin a paid subscription.

Q: Can I add additional users and accounts to my free trial?
A: Yes. The free trial gives you Enterprise Plan access, so you can add as many users and accounts as you need.

Q: What happens at the end of my trial?
A: Once your trial period is over, you will be given the option to sign up for a paid subscription. You may also contact your local Sales representative to understand the different pricing and delivery options available. If you do not subscribe to use ESP at the end of your trial, your account and data will cease to function.

Q: How do I get started using Evident Security Platform?
A: Follow the instructions in our Docs site to set up your account and connect to your AWS account: Onboarding ESP Instructions

Q: How do I make the most of the 14 day trial?
A: We've created this action plan so you can get try out the key ESP features and start to mitigate risks across your infrastructure: New Customer Walkthrough

Q: How do I monitor risk alerts?
A: Learn how to read the alerts dashboard here: Alerts Documentation

Q: How do I generate reports?
A: Learn how to generate risk reports here: Reports Documentation

For more information about how to use the Evident Security Platform visit

Q: What is the Evident Security Platform (ESP)?
A: The Evident Security Platform is the first and only cloud-native infrastructure security solution providing full coverage of all AWS accounts, services, and regions. ESP combines the detection and analysis of misconfigurations, vulnerabilities, and risk – with guided remediation and audit capabilities to meet compliance requirements – all in one solution. ESP was designed specifically to help modern IT and DevOps teams implement and maintain security within the AWS shared responsibility model.

ESP enables IT, Security, Engineering, and Operations with a continuous global view of security risk, with the actionable intelligence needed to rapidly remediate and secure their entire AWS Infrastructure.

Q: How Does ESP Work?
A: ESP gathers the AWS service configuration data, CloudTrail data, and other information from each AWS account via the Amazon APIs. This data is then input into the ESP risk analysis engine that generates a detailed assessment of the security risks, misconfigurations and vulnerabilities it detects.

Q: Does ESP Work Like An Active Vulnerability Scanner for AWS?
A: No. ESP is neither an active or passive vulnerability scanner in the traditional sense. Unlike traditional, on-premise / virtual vulnerability scanners that use active scanning technology, ESP  does not directly “scan” AWS assets to identify OS or Application layer vulnerabilities running inside instances – as it cannot view the actual contents of EC2, S3, RDS, Redshift, or other services. ESP operates at the control plane layer of AWS and uses a passive methodology to collect vulnerability and configuration data via the Amazon APIs, providing a detailed security assessment of the underlying Amazon Web Services infrastructure.

Q: Does ESP Help Me Meet Requirements of the Shared Responsibility Model?
A: Yes. Amazon manages security of the AWS cloud, while security in the cloud is the responsibility of the customer. The customer is responsible for ensuring the security and configuration of the services running in AWS – such as EC2, EBS, S3, Route 53, etc, in addition to the applications and OS’s they implement.

Q: How Does ESP  Gather Security Information From My AWS Accounts?
A: The ESP Platform leverages Cross-Account IAM Roles with read-only access to your AWS services using the Audit IAM role. ESP uses the AWS assume role function and generates a secure, one-time AWS STS token each time it communicates with the Amazon API when gathering configuration information on your infrastructure. This is significantly more secure than other solutions that require you to provide API keys to assess your security posture.

Q: What Data Does ESP Collect From My AWS Accounts?
A: ESP  operates at the control plane layer of AWS and gathers the accessible metadata about your AWS resources through the AWS APIs.

Q: Do I need to install agents anywhere?
A: No. ESP  is agentless, nonintrusive, and does not modify or actively change any of your AWS deployment configurations.

Q: Does ESP impact the performance of my AWS deployment when collecting vulnerability and configuration data?
A: No. Because ESP is interacting directly with the AWS API at the control plane, it does not impact the performance of any instances or services running in your AWS accounts.

Q: How quickly can I get ESP up and running?
A: A 14-day free trial is available to evaluate the Evident Security Platform. Once signed up and configured with your Amazon Account information – which takes approximately 2-3 minutes – ESP will start providing actionable security and risk information on your Amazon accounts within approximately 5 minutes. You can follow the instructions here to get started.

Q: How Does ESP rank AWS cloud risks?
A: The configuration information from you AWS accounts are analyzed by a risk engine that determines the severity of risk to help organizations prioritize their remediation efforts. Each vulnerability of misconfiguration is tagged with a specific severity status indicating:

High: High severity alerts pose the most significant risk to your AWS deployment and should be examined and remediated as soon as possible.

Medium: A medium severity alert identifies issues that should be tracked and scheduled for remediation.

Low: Low level alerts may not be applicable or local business rules have determined that it is not a threat.

Q: Does ESP integrate with other secure authentication mechanisms?
A: Yes:  ESP provides Multi-factor Authentication (MFA), Single Sign-On (SSO), and other secure authentication capabilities to further secure access to the platform. We strongly encourage you use this added level of security.

Q: Does Encrypt my Data?
A: Yes. Customer data is always encrypted during collection, in transit when inside our VPCs, and at rest in our data stores. At account termination your account and any data used to identify your infrastructure will be purged from our systems.

Q: How many AWS accounts can I view at one time?
A: has many customers that have tens or hundreds of AWS accounts running in ESP – providing a single, consolidated view of their entire AWS deployment. The information for each separate account can be accessed from this global view with detailed drill down into specific services and vulnerabilities based on risk.

Q: What are custom signatures?
A: Signatures validate conditions that trigger alerts to potential security vulnerabilities. While ESP uses default signatures to evaluate the most common security vulnerabilities and misconfigurations, custom signatures provide organizations with the flexibility to extend the ESP platform to meet individual business needs.

Q: How many custom signatures can I create?
A: Customers can create an unlimited number of custom signatures. However, the number of custom signatures is restricted based on the Evident account type. The Professional Plan allows for five (5) custom signatures, and the Enterprise Plan has unlimited custom signatures.

Q: How are users defined within ESP ?
A: Users are named individuals who can view security reports and configure alerts, signatures, suppressions, and accounts monitored by the platform. More information on users can be found in the blog post Segregation of Duties with ESP Organizations.

Q: Does ESP provide a daily report?
A: Daily Risk Summary Reports are emailed to ESP users identifying new risks from the last 24 hours and summarizing the previous alerts per account and service.

Q: What are the different deployment models available?
A: ESP is available as a SaaS-based solution. You can also license ESP Private SaaS to operate in your own AWS instance to ensure data privacy and data sovereignty. Please contact an sales representative to help you identify the solution that is right for you.

Q: Where can I find out more information about ESP Private SaaS?
A: Please contact a local sales representative. Documentation about ESP Private SaaS is available here.

Q: I'm using AWS GovCloud or C2S, how do I get started?
A: The Federal Sales team will show you how our Government Edition securely delivers Continuous Diagnostics and Mitigation to AWS cloud environments.

Contact Federal Sales to speak to someone about our government solutions for AWS (including GovCloud and C2S), Azure, or cloud compliance.

Q: Where can I find support?
A: You can search our Knowledge Base, participate on our Forums, contact us on our Support Portal, or email us directly at

Q: Can I check the current status of ESP?
A: Check out our Status page for real-time updates on events impacting ESP.