We use them and the product is very very nice and very lightweight to set up. Like for a cloud environment it takes about 5 minutes to get it up and running for a tenant.
What we use it for:
- vulnerability assessments for containers and VMs (they give a list of vulnerable or outdated packages)
- initial access vulnerabilities: what happens if an internet facing component is compromised because you have a vulnerable package and to what kind of data it has access to (it has some regexes and what not to figure out if in your database you have PII data, HIPAA etc.), what lateral movement is possible etc.
- provides information on what you can do to fix a finding
- IAM checks for overly broad permissions
- Service account age and overdue key rotations
They add features weekly or faster.