Every fourth sales call we take with an Indian mid-market CTO now includes a variant of the same sentence: "We looked at Wiz. We can't afford Wiz. What do people actually buy in India?" The question rarely gets a straight answer on the vendor side, because the honest answer — "most Indian 50–200-employee SaaS don't buy a commercial CNAPP at all" — is not the answer CNAPP sales teams are compensated to deliver.
This post is the straight answer. We break down the CNAPP category, walk through the pricing bands for Wiz, Orca, and Prisma Cloud against Indian mid-market budget reality, map the eight vendors that actually show up in Indian RFPs, and give you a decision framework keyed to two variables: regulatory pressure and cost sensitivity.
CNAPP market map (2026)
CNAPP — Cloud-Native Application Protection Platform — is a category Gartner consolidated in 2021 by bundling four sub-categories into one: CSPM (configuration scanning), CWPP (workload protection), CIEM (identity), and increasingly CDR (cloud detection and response). The pitch is "one platform for all cloud security posture". The reality is price compression at the enterprise end and persistent fragmentation at the mid-market end.
The category breaks into four pricing strata:
- Enterprise CNAPP: Wiz, Orca, Prisma Cloud, Lacework. Full stack, ₹25L–₹1.5Cr+/year in India for mid-market scale deployments.
- Challenger / India-origin: Accuknox, Cloudanix. CNAPP-lite, focused on CSPM + CWPP basics, ₹6–18L/year.
- Hyperscaler-native: AWS Security Hub + Config, Azure Defender for Cloud, GCP Security Command Center. ₹4–12L/year at mid-market scale.
- Open source / DIY: Prowler, CloudQuery, Kubescape, Falco. Free plus engineering time (~1 FTE-week setup, 8–12 hours/month operate).
Wiz / Orca / Prisma Cloud price bands (India mid-market, 2026)
All three vendors price by quote; published list prices are scarce. The figures below are composite estimates from 2024–2026 vendor conversations, partner quotes, and buyer-side RFP readouts for Indian companies with 50–200 employees and 5–15 cloud accounts. Treat them as the ballpark, not the menu.
| Vendor | Pricing model | India mid-market (₹/year) | Minimum deal |
|---|---|---|---|
| Wiz | Per-workload (resource) | ₹30L–₹1Cr+ | ~₹30L/year |
| Orca | Per cloud-account tier | ₹25L–₹80L | ~₹25L/year |
| Prisma Cloud | Credit-based modular | ₹40L–₹1.5Cr | ~₹40L/year |
| Lacework | Per workload + data volume | ₹20L–₹60L | ~₹20L/year |
| Accuknox | Per workload (India-origin) | ₹6L–₹18L | ~₹6L/year |
| Defender for Cloud (P2) | Per resource/month | ₹4L–₹12L | Usage-based |
| AWS Security Hub + Config + GuardDuty | Per account + per event | ₹4L–₹10L | Usage-based |
| Prowler (OSS) + CloudQuery | OSS + engineer time | ~₹1.5L (engineer cost) | None |
Sources: partner quotes shared with us under NDA (Wiz, Orca, Prisma reseller channels, 2024–2026); published Azure and AWS pricing calculators (April 2026); Accuknox public pricing page; Prowler and CloudQuery are OSS. FX rate assumed: ₹84/USD.
Why Indian mid-market rejects the enterprise tier
Three structural reasons recur across buyer conversations, in rough order of importance.
Absolute price vs security budget
A ₹10 crore revenue Indian SaaS with a 2% security budget has ₹20 lakh/year for all security tooling combined — CSPM/CNAPP, WAF, DLP, endpoint, identity governance, SOC tooling, and the occasional penetration test. A ₹30 lakh/year Wiz contract consumes the entire security line and then some. Even if the CTO believes Wiz is the best product on the market (it often is), the trade-off is structural: either half the other controls don't get bought, or the CFO says no. The CFO says no.
Pricing model scales with infrastructure, not with risk
Per-workload CNAPP pricing means the bill grows with every new EC2 instance, container, or serverless function. For a growth-stage SaaS adding infrastructure 40–60% year-over-year, this means the CNAPP bill outgrows the FinOps savings the rest of the cloud team is producing. The ROI math inverts within 18 months. Buyers who have watched this play out once at their previous company are suspicious the second time.
Operational absorption capacity
Wiz surfaces ~1,200 check categories. Orca ~800. Prisma ~1,000. An Indian mid-market SaaS with one security engineer (frequently zero) cannot triage that volume. The tool produces a backlog that becomes its own KPI — "reduced findings by 40%" — without the findings mapping to actual attack-surface reduction. Buyers who have been through this once describe it as "buying a car you can't drive".
What they actually buy instead
The buying patterns we see cluster into four archetypes, keyed to regulatory exposure and cloud spend.
Archetype 1: Seed to Series A (≤25 people, ≤₹5L/month spend)
What they buy: Prowler + AWS Config, running on a cron, results dumped to S3 + DuckDB + a Metabase dashboard. GitHub Actions for SAST on pull requests.
Cost: ~₹1.5 lakh/year (setup + ongoing engineer time).
Gaps: No runtime workload protection. No identity governance. Acceptable trade-off at this stage.
Archetype 2: Series A/B (25–100 people, ₹5L–₹15L/month spend, pre-SOC-2)
What they buy: AWS Security Hub + Config + GuardDuty, or Defender for Cloud CSPM-only tier; Vanta or Drata for evidence automation if SOC 2 is on the roadmap; Prowler as a nightly supplement.
Cost: ~₹6–12 lakh/year combined.
Gaps: Multi-cloud view is stitched, not unified. Workload protection is limited to hyperscaler-native.
Archetype 3: Series B/C (100–200 people, ₹15L–₹40L/month spend, SOC 2 in scope or done)
What they buy: Accuknox or Cloudanix for CNAPP-lite with a predominantly Indian sales and support footprint, or — if US customers are driving procurement — an entry-tier Wiz or Orca contract negotiated hard on 2-year pre-pay. Defender for Cloud P2 remains common for Azure-heavy shops.
Cost: ~₹12–30 lakh/year.
Gaps: Choice depends on buyer pressure. US enterprise customers asking "do you have Wiz" drive enterprise CNAPP; an Indian-only customer base rarely does.
Archetype 4: Regulated (fintech under RBI, healthtech under NDHM, payroll/insurance)
What they buy: Whatever satisfies the regulator, at whatever price. Commercial CNAPP is more common here because the evidence burden of RBI's cyber framework, DPDPA Significant Data Fiduciary obligations, or IRDAI compliance pushes tooling maturity faster than growth stage would alone.
Cost: 3–5% of revenue, which for a ₹20 crore regulated fintech is ₹60L–₹1Cr.
Gaps: Vendor lock-in is real; assume the tool stays for 3+ years.
Decision framework: regulatory vs cost sensitivity
Plot your company on two axes.
- Regulatory intensity: low (unregulated B2B SaaS), medium (DPDPA-exposed consumer-facing), high (RBI/IRDAI/NDHM/SOC 2 Type II for US enterprise).
- Cost sensitivity: low (>₹40L/month cloud spend, >3% security budget), medium (₹10L–₹40L/month, 2–3%), high (<₹10L/month, 1–2%).
The recommendations:
- Low regulatory + high cost sensitivity: Prowler + Config. Revisit annually.
- Medium regulatory + medium cost sensitivity: Security Hub / Defender + Vanta/Drata + Prowler supplement. Revisit when you cross ₹30L/month spend.
- High regulatory + medium cost sensitivity: Accuknox or Cloudanix. Pay for the Indian support and the data-residency narrative.
- High regulatory + low cost sensitivity: Enterprise CNAPP is defensible. Negotiate on 2-year pre-pay and scope the minimum deal to your actual workload count, not the "recommended" tier.
- Low regulatory + low cost sensitivity: Unusual combination; either you are over-budgeting or under-exposing. Audit the assumptions.
How AICS Secure fits
Our Security module installs the Archetype 2 stack — native tooling + a Prowler supplement + a DPDPA posture runbook — for Indian mid-market SaaS in 2 weeks. Engagement is ₹1,00,000–₹2,00,000 depending on cloud footprint. Unlike commercial CNAPPs, we deliver the configuration, the runbook, and the first 30 days of monitoring, then hand the operation to your team. No per-workload billing, no lock-in.
If you're in Archetype 3 or 4 and already evaluating enterprise CNAPPs, we do vendor-selection engagements — read your AWS/Azure footprint, map it against Wiz/Orca/Prisma/Accuknox requirements, and produce a negotiating package with comparable-deal references from our network. Flat fee ₹1,50,000 for the decision memo.
Start with a free posture audit
Before you buy anything, run the free 24-hour audit. We produce a report that maps your current posture against a realistic Archetype 2 stack and tells you what you actually need to buy — and what you don't. No call required. Written report in your inbox within one business day.
Founder-led by Anushka B. AICloudStrategist is a founding-cohort security and FinOps consultancy for Indian mid-market SaaS (50–200 employees, ₹5L–₹50L/month cloud spend). First three customers at ₹40,000 for a full FinOps QuickStart, or ₹1,00,000 for a Security posture review. We publish our numbers and our pricing honestly. See how we prove what we claim.
AICloudStrategist · Founder-led. Enterprise-reviewed. · Written by Anushka B, Founder.