Tracebit logo

    Tracebit

    Sold by
    Tracebit generates and maintains tailored canary resources in your cloud environments, closing gaps in stock intrusion detection without time and cost intensive detection engineering.

    Ratings and reviews

    4.9
    14 ratings
    4 star
    3 star
    2 star
    1 star
    100%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    14 external reviews
    External reviews are from G2 .

    Filters

    Review type

    AWS Marketplace reviews
    External reviews
    Reviews (14)
    Computer & Network Security

    Strong deception tooling with high-confidence, actionable alerts

    Reviewed on Jul 01, 2026
    Review provided by G2
    What do you like best about the product?
    Tracebit has been a great fit for our team. As a small security team without a dedicated SOC, we need tools that give us maximum visibility with minimal noise. Tracebit lets us deploy meaningful canaries across our AWS environment without needing analysts watching dashboards. The alerts are actionable and low on false positives, which is critical when you don't have people to spare on triage. The team is excellent to work with, genuinely responsive, and open to feedback.
    What do you dislike about the product?
    Nothing at the moment, we're happy with the product.
    What problems is the product solving and how is that benefiting you?
    Tracebit gives us a detection layer that doesn't depend on knowing what an attack looks like in advance. Traditional detection rules need you to anticipate the attacker's behaviour, but canaries trigger on any interaction, legitimate users have no reason to touch them. For a small team that can't write and maintain hundreds of detection rules, that's a big deal. It means we get high-confidence alerts for things like credential misuse, lateral movement, or reconnaissance without building custom detections for every scenario. It also fills gaps that our SIEM can't easily cover, things like someone enumerating resources or accessing dummy secrets that should never be touched.
    Financial Services

    tracebit: Natural-Looking Canaries with Reliable Log-Ingestion Detection

    Reviewed on Jul 01, 2026
    Review provided by G2
    What do you like best about the product?
    We particularly appreciate that the canaries blend naturally into the environment while remaining effective at detection, and we also like tracebit's approach of basing detection on log ingestion rather than on out-of-band methods.
    What do you dislike about the product?
    Most of the gaps we identified in our initial evaluation have either been addressed or are currently being worked on. The pace of development has been impressive, so we have no major concerns at this time.
    What problems is the product solving and how is that benefiting you?
    Tracebit helps us detect suspicious activity in our cloud environment using AWS canaries and log-based detection. This improves the accuracy of alerts and reduces noise compared to other approaches. The realistic canaries also make detections more reliable and easier to trust.
    Internet

    Tracebit is a great IDS tool to have under your belt.

    Reviewed on Sep 23, 2024
    Review provided by G2
    What do you like best about the product?
    I thoroughly enjoyed working with Tracebit, their customer support is amazing! They move fast, thus they are able to fix issues and implement new features quickly. Tracebit is feature rich and works great, it is contantly ensuring that resources are safe and catches every time any unussual activity happens in configured accounts. It was very easy to install with Terraform. It works with AzureAD SSO integration and MS Teams as reporting channel! We didn't continue with Tracebit because of orgisational contraints at our end and not of any short comings of the service or team behind it. Tracebit isn't anything, but a great service.
    What do you dislike about the product?
    Being a start up the feature set is growing.
    What problems is the product solving and how is that benefiting you?
    Tracebit solves the issues of detecting any access by an unauthorized individual. It will page us or alert us, depending on how severe the access was.

    More importantly, the alerts are easy to understand and uncommon, which ensures we only get alerts when we need them.
    James B.

    A Solid, Maturing Offering for a Growing Business

    Reviewed on Sep 20, 2024
    Review provided by G2
    What do you like best about the product?
    We were a launch partner with Tracebit and found the offering to be immediately useful to our expanding organisation whilst fitting in with our budgets. We were not mature enough to have a sophisticated Cyber Security Strategy and they helped advise us on many aspects of that throughout our relationship. The initial installation and integration with our AWS account was trivially easy and returned immediate visible value to us. More features were added and Tracebit was superb throughout in consulting with us and assimilating our feedback into their roadmap.
    What do you dislike about the product?
    I think the offering is idea for an expanding business moving from a startup phase to a more mature growth phase. If I were an enterprise customer with a large budget I might be tempted to go to a more mature offering purely because Tracebit may not yet have the breadth of features that other offerings have.
    What problems is the product solving and how is that benefiting you?
    Tracebit solves the problem of intrusion detection. This is giving us more confidence in our perimeters.
    Atanas V.

    Innovative and flexibale

    Reviewed on Sep 09, 2024
    Review provided by G2
    What do you like best about the product?
    The product team has great ideas and very innovative approach. I resonate a lot with the mission to detect adversaries in the cloud and I like that this has become their mission as well. Their solution is growing very rapidly and they expand it with more and more capabilities. The team is super flexible and innovative and they accept and listen to new suggestions and ideas which makes them extremely nice to work with!
    What do you dislike about the product?
    Looking forward for the product to mature
    What problems is the product solving and how is that benefiting you?
    Tracebit makes it really easy to deploy decoys in our cloud accounts!
    Financial Services

    My go-to choice for canary-based cloud threat detection

    Reviewed on Sep 09, 2024
    Review provided by G2
    What do you like best about the product?
    Tracebit excels in its ease of setup and extensive threat coverage. Deploying Tracebit across our Cloud environment took mere minutes, and the platform instantly started monitoring for threats with minimal configuration. The coverage is comprehensive, and the speed and accuracy of alerts give us confidence in quickly identifying potential threats. The Tracebit research and engineering team is at the forefront of AWS Cloud security, making their blog posts both insightful and enjoyable to read. Customer support is exceptional, I have direct assistance provided by the founding members.
    What do you dislike about the product?
    The solution performs well in addressing the technical challenges, but it truly shines when there's a true positive event, which, unfortunately, isn't frequent in my environment. This makes it a bit challenging for me to justify the business value consistently.
    What problems is the product solving and how is that benefiting you?
    Tracebit addresses the challenge of detecting suspicious activities within cloud environments. The platform’s canaries are a unique solution that proactively alerts us to potential breaches, particularly around sensitive credentials, significantly improving our mean time to detection and response, and security posture.
    Investment Banking

    Modern Canaries Without False Positives

    Reviewed on Sep 04, 2024
    Review provided by G2
    What do you like best about the product?
    Tracebit canaries cover a wide range of resources, both in and outside of AWS. You can create decoy S3 buckets in your environment, publish fake credentials to endpoints and pipelines, or even create dummy applications in your Okta instance.

    Deploying Tracebit took a matter of minutes, even across multiple accounts!

    After deploying, you can be confident the canary resources are set up and working correctly because you get notified whenever they aren't.

    Alerts arrive in your Tracebit instance within minutes of the activity occurring, giving you confidence that any potential threats are swiftly identified and can be addressed promptly, ensuring your environment stays secure and resilient against compromised identities. I am yet to receive a false positive alert from Tracebit, further reinforcing my trust in the accuracy and reliability of their detection system.
    What do you dislike about the product?
    Tracebit handles canary resources and credentials effectively.

    I believe their offering could be improved by incorporating automated remediation steps for critical alerts. For example, automatically applying an IAM deny policy to compromised users or roles would be valuable. While this is currently possible through integrations with third-party services like PagerDuty, it requires additional configuration and third party products. Integrating such capabilities directly into Tracebit's platform would enhance security response and reduce dependency on external tools.
    What problems is the product solving and how is that benefiting you?
    Provides insight into suspicious activity within our cloud environments and endpoints without needing to write custom rulesets, onboarding expensive SIEM tooling or ingest large volumes of logs ourselves.

    There's plenty solutions for more legacy credentials, such as SSH or web servers, however there isn't really anybody else doing what Tracebit are doing with cloud canaries.
    Brooks B.

    Tracebit is the pinnacle of deception technology!

    Reviewed on Sep 03, 2024
    Review provided by G2
    What do you like best about the product?
    Love working with Tracebit their customer support is amazing! They are able to fix issues and implement new features quickly. Tracebit is contantly ensuring out resources are safe and catches every time any unussual activity happens in our many accounts. It was very easy to install with Terraform and we have a three step runbook to add any account. It works on OKTA and laptop as well! Tracebit quickly provided an intergration for Panther that ensure we are always notified of issues. We use Tracebit all the time to ensure our enviroments are secure.
    What do you dislike about the product?
    Being a start up the feature set is growing.
    What problems is the product solving and how is that benefiting you?
    Tracebit solves the issues of detecting any access by an unauthorized individual. It will page us or alert us, depending on how severe the access was.

    More importantly, the alerts are easy to understand and uncommon, which ensures we only get alerts when we need them.
    Aaron M.

    Easy to use and helpful team

    Reviewed on Sep 03, 2024
    Review provided by G2
    What do you like best about the product?
    Ease of use. Customer SUpport. Easy integration
    What do you dislike about the product?
    Could have more native integrations but for our use case it is perfect
    What problems is the product solving and how is that benefiting you?
    Canary credentials have been instrumental in stopping breaches
    Information Technology and Services

    Thoughtful Deception

    Reviewed on Aug 30, 2024
    Review provided by G2
    What do you like best about the product?
    Low footprint, thoughtful approach to understanding your real threats; the team are curious and agile, tackling a real problem
    What do you dislike about the product?
    More coverage! More endpoints! Show me all the things in my environment
    What problems is the product solving and how is that benefiting you?
    Understanding real threats in our environment so we can focus on a risk- and threat- driven approach