ControlMonkey is a cloud cyber resilience software company focused on making cloud and SaaS environments recoverable. Its AI-powered platform helps security and cloud teams discover configuration assets, assess resilience posture, back up critical settings, and recover environments to known-good states after outages, attacks, or operational mistakes.
The company sits at the intersection of cloud operations, Infrastructure as Code, and cyber recovery. ControlMonkey combines continuous configuration capture, visibility into what is and is not recoverable, and automated restoration workflows for cloud, identity, networking, and SaaS systems. Its positioning emphasizes deterministic recovery, faster disaster readiness, and stronger control over modern multi-cloud environments.
Offerings, Capabilities, and Integrations
ControlMonkey combines resilience monitoring, configuration backup, change tracking, and recovery orchestration in one platform. Its capabilities span continuous snapshots, versioned restore points, posture and coverage analysis, dependency-aware recovery, and visibility into unmanaged or out-of-band changes made outside IaC workflows.
Beyond resilience, ControlMonkey also supports infrastructure automation and governance. The platform works with Terraform, OpenTofu, and Terragrunt, connects to version control and CI/CD systems, and supports self-service infrastructure workflows, drift remediation, and AI-assisted code generation. Its integration ecosystem covers major cloud providers, identity systems, observability and networking platforms, storage backends, collaboration tools, and developer pipelines.
Products and Services
- Cyber Resilience Platform: ControlMonkey’s primary platform for measuring resilience posture, identifying recovery gaps, capturing cloud and SaaS configuration states, and restoring environments to known-good points in time.
- Cloud Disaster Recovery: Cloud configuration disaster recovery capability that snapshots infrastructure settings and enables restoration of cloud environments with awareness of dependencies and recoverable states.
- SaaS Configuration Disaster Recovery: Recovery offering for critical SaaS and third-party configuration, extending resilience coverage beyond core cloud infrastructure into services that cloud operations depend on.
- Total Visibility: Visibility layer that inventories resources across environments, shows IaC coverage, highlights unmanaged assets, and helps teams understand resilience blind spots.
- Ransomware Recovery and Backup: Backup and recovery capability designed to preserve recoverable configuration states and support restoration after ransomware, malicious changes, or destructive misconfigurations.
- Terraform Cloud Replacement: Alternative to Terraform Cloud for teams that want governed IaC delivery, policy controls, drift remediation, visibility, and automation in a broader operational platform.
- Okta Backup and Recovery solution: Identity resilience offering for Okta environments that backs up and helps recover users, groups, roles, permissions, and other identity configurations.
- KoMo: AI IaC copilot that generates organization-specific Terraform, explains plans, surfaces context from cloud and code, and helps engineers deliver compliant infrastructure changes faster.
- Self-service Infrastructure: Governed self-service catalog that lets internal teams provision approved cloud environments and templates without bypassing DevOps controls.
- Entra ID Backup & Disaster Recovery: Microsoft Entra ID resilience capability for backing up, versioning, and recovering identity configurations such as users, groups, roles, and policies.
- Cloudflare Backup & Governance: Configuration protection and governance for Cloudflare environments, covering DNS, networking, and related edge settings with backup and restore support.
Target Customers
ControlMonkey targets security teams, cloud operations teams, platform engineering groups, DevOps teams, DevSecOps teams, and SRE functions that run business-critical infrastructure in public cloud and SaaS environments. It is especially relevant for organizations that need to recover configuration quickly, reduce blind spots, and improve disaster recovery readiness.
Its ideal buyers are companies with AWS, Azure, or Google Cloud estates, often spread across multiple accounts, subscriptions, projects, or regions, and supported by tools such as Terraform, OpenTofu, or Terragrunt. ControlMonkey is also well suited to organizations that rely on identity, networking, and observability platforms as part of production operations and want those configurations protected alongside core infrastructure.
Cloud Integrations and Marketplace
- AWS Marketplace: ControlMonkey is available for procurement through AWS Marketplace, where it is offered as the ControlMonkey Platform and can be purchased through standard AWS billing workflows.
- Azure Marketplace: ControlMonkey has a marketplace presence through Microsoft’s marketplace listing for the ControlMonkey Platform, supporting Azure-oriented discovery and procurement.
- Amazon Web Services (AWS): ControlMonkey integrates with AWS environments and services to provide cloud inventory, IaC visibility, policy-driven automation, drift remediation, and resilience coverage for AWS infrastructure.
- Microsoft Azure: ControlMonkey supports Azure environments with resource visibility, IaC coverage, Azure organization onboarding, Azure DevOps connectivity, Azure Storage backend support, and disaster recovery workflows.
- Google Cloud Platform: ControlMonkey supports Google Cloud Platform for unified inventory, IaC coverage, organization-level onboarding, policy controls, and resilience use cases across projects and regions.
Key People
- Aharon Twizer: Co-Founder & CEO
- Ori Yemini: Co-Founder & CTO
- Tal Stern: Head of Sales
- Zack Bentolila: Head of Marketing
- Tal Yizraeli: Head of Operations & HR
- Amir Regev: Director of Partnerships and Cloud Alliances
Key Facts
- Headquarters: Tel Aviv, Tel-Aviv District, Israel
- Employees: Approximately 23
- Annual Revenue: $2.0M-$2.4M
- Parent Company: None
- Subsidiaries: None
- Publicly Listed: No (privately held)
