When comparing Microsoft and Palo Alto Networks in the context of Cloud Security Posture Management (CSPM), it's important to consider the strengths and focus areas of each vendor's offerings. Microsoft Defender for Cloud and Palo Alto's Prisma Cloud designed for managing cloud security risks, ensuring compliance, and automating governance across cloud environments.
Defender provides a unified security management system that strengthens the security posture of your data centers, and it is particularly well-integrated with Azure services, although it also supports multi-cloud environments to an extent. Defender receives positive feedback for its threat protection, seamless integration with Microsoft tools, and reasonable pricing options. Prisma Cloud is a comprehensive cloud-native security platform that integrates security across the full development lifecycle and cloud environments, including AWS, Google Cloud, and Azure. The solution is commended for its robust security features, and comprehensive compliance capabilities.
The summary above is based on 134 interviews we conducted recently with Palo Alto Networks and Microsoft Defender users. To access the review's full transcripts, download our report.
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The solution is very user-friendly."
"The security baseline and vulnerability assessments is the valuable feature."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure."
"The most valuable feature is that it's intuitive. It's very intuitive."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"Technical support is helpful."
"The solution is very easy to deploy."
"Good compliance policies."
"It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment."
"I would say Twistlock is a fairly sophisticated tool."
"In addition to that, I can get a snapshot of what I deemed were the priority vulnerabilities, whether it was identity access management, key rotation, or secrets management. Whatever you deem to be a priority for mitigating threats for your environment, you can get that as a snapshot."
"Cloud security posture management is the preferred feature among other vendors."
"Integrating with a CI/CD pipeline and incorporating a vulnerability assessment process are highly effective features, especially when combined with runtime protection."
"Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become."
"The CSPM and CWPP functionalities are pretty good."
"Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"The only thing that needs to be improved is the number of scans per day."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"The remediation workflow within the Wiz could be improved."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Microsoft Defender could be more centralized. For example, I still need to go to another console to do policy management."
"Pricing could be improved. There are limited options based on pricing for the government."
"Azure is a complex solution. You have so many moving parts."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"It would be ideal if they could somehow reduce the deployment time."
"Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge."
"The innovation side of the solution could be more efficient and more detailed."
"The user interface should be improved and made easier."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
"The UI is the worst."
"Prisma Cloud's dashboards should be customizable. That's very important. Other similar solutions are more elastic so you have the power to create customized dashboards. In Prisma Cloud, you cannot do that."
"We'd like to have more native integration with clouds and additional security checks in the future."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Microsoft Defender for Cloud is ranked 3rd in Cloud Security Posture Management (CSPM) with 46 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Security Posture Management (CSPM) with 82 reviews. Microsoft Defender for Cloud is rated 8.0, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Microsoft Defender XDR, Microsoft Defender for Endpoint, Microsoft Sentinel and Azure Firewall, whereas Prisma Cloud by Palo Alto Networks is most compared with Aqua Cloud Security Platform, AWS Security Hub, CrowdStrike Falcon Cloud Security, AWS GuardDuty and Snyk. See our Microsoft Defender for Cloud vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Cloud Security Posture Management (CSPM) vendors, best Container Security vendors, and best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.