ThreatKey vs. Obsidian Security


Cybersecurity is more important than ever for organizations to protect their data and systems against constantly evolving threats. Two companies offering solutions in this space are ThreatKey and Obsidian Security. Both provide cybersecurity software to help businesses identify and remediate vulnerabilities.

This article will compare and contrast ThreatKey and Obsidian Security in depth, analyzing their features, target customers, strengths and weaknesses. Understanding the key differences between these two platforms can help organizations make an informed decision on which solution may suit their needs best.

Overview of ThreatKey

ThreatKey was founded in 2020 and is headquartered in San Francisco. Their platform uses security posture management to secure both SaaS applications and cloud infrastructure. It identifies security misconfigurations and ranks them based on misconfiguration data for prioritized remediation.

Key features and capabilities of ThreatKey include:

  • SaaS Security Posture Management (SSPM) - Scans SaaS apps like Salesforce, Google Workspace, and Office 365 to uncover risks.
  • Cloud Security Posture Management (CSPM) - Assesses cloud resources against best practices and hardens security.
  • Prioritized Remediation - Analyzes findings based on vulnerability data to prioritize remediation by risk.
  • Compliance Assistance - Continuously audits SaaS apps to ensure compliance with regulations.
  • Intuitive Interface - Easy to use with fast time to value.

ThreatKey is suited for organizations of all sizes looking to improve their SaaS and cloud security. It charges based on number of users, and offers flat-fee pricing options.

Overview of Obsidian Security

Obsidian Security was founded in 2017 and is headquartered in Newport Beach, CA. It focuses on securing SaaS applications by discovering and protecting sensitive data stored in them. Obsidian continuously scans SaaS apps for misconfigurations, suspicious user activity, and compromised credentials.

Key features and capabilities of Obsidian Security include:

  • SaaS Application Security - Scans SaaS apps like Salesforce, NetSuite, Microsoft 365 and more to identify misconfigurations.
  • SaaS Activity Monitoring - Monitors activity like anomalous file downloads to detect compromised accounts.
  • Compliance Assistance - Continuously audits SaaS apps to ensure compliance.

Obsidian is purpose-built for SaaS security, going deep into SaaS apps themselves. It charges based on the number of the highest user count of any SaaS applications connected.

Comparing Core Capabilities

While both platforms aim to improve SaaS security, ThreatKey and Obsidian Security have some key differences:

  • Scope - ThreatKey secures both SaaS apps and cloud environments. Obsidian just focuses on SaaS apps.
  • Approach - ThreatKey identifies risks and prioritizes remediation. Obsidian emphasizes a focus on detections.
  • Compliance - Both continuously audit SaaS apps for compliance with regulations.
  • Ease of Use - ThreatKey is more intuitive and faster time to value. Obsidian's UI is less polished.

In summary, ThreatKey helps secure an organization's entire SaaS and cloud environment through robust posture management. Obsidian identifies risks in specific SaaS apps through advanced detection engineering.

Comparing Business Models

ThreatKey and Obsidian Security differ in their business models:

  • Pricing - ThreatKey charges per user, offering flat rates. Obsidian charges per highest connected user count in your SaaS app.
  • Funding - ThreatKey has raised $5 million in funding. Obsidian has raised $119.5 million.
  • Target Customers - ThreatKey serves organizations of all sizes. Obsidian focuses on enterprises.
  • Deployment - Both are cloud-native SaaS platforms.

In summary, ThreatKey seems optimized for broad customer segments, while Obsidian targets larger enterprises. But both aim to expand their platforms to secure more environments.

Strengths of ThreatKey

Some key strengths of the ThreatKey platform:

  • Unified platform secures both SaaS apps and cloud infrastructure.
  • Prioritized remediation allows smarter security resource allocation.
  • Intuitive interface enables fast time to value.
  • Flexible pricing model makes it accessible for organizations of all sizes.
  • Founders have strong cybersecurity expertise.

Weaknesses of ThreatKey

Some limitations to consider:

  • As a younger company, ThreatKey has less brand recognition than competitors.
  • It lacks advanced insider threat detection capabilities.
  • Reporting functionality could be improved.

Strengths of Obsidian Security

Key advantages provided by Obsidian Security:

  • Deep scanning and securing of SaaS applications.
  • Real-time detection of misconfigurations.
  • Activity monitoring detects compromised SaaS accounts.
  • Well-funded with strong enterprise customer base.

Weaknesses of Obsidian Security

Some limitations to consider:

  • Only secures SaaS apps, lacking cloud posture management.
  • Focused on large enterprises, rather than all customer segments.
  • UI and UX not as intuitive as some competitors.
  • Overall platform less flexible than ThreatKey.

Conclusion and Recommendations

In summary, ThreatKey provides robust SaaS and cloud security optimized for any organization, while Obsidian Security delivers automated SaaS protection tailored for large enterprises.

For most organizations, ThreatKey represents a stronger choice overall. Its unified platform, flexible pricing, and intuitive interface give it broader appeal. ThreatKey makes enterprise-grade security achievable for organizations of all sizes.

Larger companies firmly committed to SaaS may find Obsidian Security's insider threat detections compelling. But ThreatKey's holistic posture management still makes it an attractive option for enterprises as well.

It is recommended to trial both solutions when possible. But for unified SaaS and cloud security that is accessible and easy to use, ThreatKey stands out as a leader in the space.

Demand more from your security platform


Reduction in Mean Time to Detect (MTTD)

The results and conclusions drawn from this data may not be universally applicable or representative of every individual case or scenario.


Faster scan completion when compared to leading CSPM and SSPM brands.


Supported integrations across SaaS and Cloud. Extensive integration support on every plan.
Streamline your approach to security posture management throughout your entire corporate environment.
Start Securing