Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
JASP is an Automated Cloud Security Platform from Jemurai, positioned as a way to simplify security checks for AWS cloud environments. It automatically scans changes in your cloud environment and identifies potential security issues that may require further review or remediation, covering scenarios mentioned in the source material such as exposed S3 Buckets, IAM users, EC2 network ports, VPC network access controls, ELB logging, and CloudTrail logging best practices.
Its standout design is “The One Thing”: each time you log in, it highlights the single security issue that should be fixed first. This is useful for teams facing a large number of findings and unsure where to start. The platform provides prioritized findings, remediation instructions, manual rescans, daily automated rescans, and customizable reporting. It emphasizes that all newly added security checks are made available to subscribers, rather than being reserved for higher subscription tiers. At the partner level, Jemurai security experts can work with the customer’s team and may even help remediate issues.
The page only lists subscription benefits, including unlimited environments, all security checks included, and email support, but does not disclose specific pricing. The terms of service state that prices may change, that JASP Support fees are subject to a specified minimum monthly charge, and that each signup requires payment for at least 30 days of support. For payments, it only mentions that users must maintain credit card information; supported payment channels are not specified.
The main strengths are its clear focus, continuous feedback for DevOps workflows, support for unlimited environments, and daily automated rescans, all of which make it practical for AWS configuration security governance. The Jemurai team’s background includes security automation, penetration testing, code review, and OWASP experience, giving it a solid level of professional credibility. The limitations are that public information is relatively sparse: there is no visible information on compliance certifications, SLA, API/CI/CD/SIEM integrations, real-time alerting, or multi-cloud support. The terms also state that the service is provided “as is” and does not guarantee accuracy of results or uninterrupted availability.
JASP is better suited to small and mid-sized DevOps or security teams that primarily use AWS and want a lightweight subscription tool for continuous security checks and prioritized remediation guidance. Large enterprises that require compliance mapping, multi-cloud coverage, complex alert orchestration, or localized support should validate it carefully before adoption. The source text does not provide information on access from China, so its availability there is unknown. Domestic alternatives or complementary options may include cloud providers’ native security centers, Prowler/ScoutSuite, and cloud security platforms such as Prisma Cloud, Wiz, and Lacework.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on jasp.cloud official site.
jasp.cloud is an United States Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach jasp.cloud directly.