IT Central Station is now PeerSpot: Here's why

Aqua Security vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Q&A Highlights
Question: What do you think of Aqua Security vs Prisma Cloud?
Answer: Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was very straightforward and went smoothly. This solution is stable with great scalability. We found that Prisma Cloud integrated well with many different solutions. This solution does both development-side security and run-time security very well, which makes it extremely marketable. It offers traffic analysis, user activity, and vulnerability management. Prisma Cloud comes bundled with many different policies, which is very helpful. The dashboard is very informative and offers compliance tabs and other valuable management tabs. Aqua Security does not have good options with other servers - more options would be better outside of the Kubernetes and Docker ecosystems. There should be better integration to the cloud. Deployment needs to be improved, too. Many of our clients continue to have their workforce continuing to work remotely, and deployment can be very problematic. The technical support is a bit spotty and should be more proactive in handling issues and concerns. Prisma Cloud sometimes falls behind on keeping up with changes and updates with other solutions, causing some lag time within the solution. It may also be difficult for individuals who are not so tech-savvy. It is lacking a bit in compliance and risk perspectives and analysis. Conclusions If you have a focus on Kubernetes and/or Docker, Aqua Security could be a great fit. This solution does solve a lot of other problems too. Prisma Cloud can seem inflexible and complicated to use, but if you have a solid plan from the beginning on how to deploy the solution throughout your organization and have done your homework, it can prove to be a very good solution as well.
Featured Review
Buyer's Guide
Container Security
June 2022
Find out what your peers are saying about Snyk, Palo Alto Networks, F5 and others in Container Security. Updated: June 2022.
609,272 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place.""The most valuable feature of this solution is its monitoring.""The general usability of the solution is very straightforward.""Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool.""Better logging allows us to find problems and take appropriate steps to lock them out.""I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with.""It is very easy to use, which is what we look for in these types of solutions.""We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."

More Microsoft Defender for Cloud Apps Pros →

"Aqua Security helps us to check the vulnerability of image assurance and check for malware."

More Aqua Security Pros →

"Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know.""I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions.""The ability to monitor the artifact repository is one of the most valuable features because we have a disparate set of development processes, but everything tends to land in a common set of artifact repositories. The solution gives us a single point where we can apply security control for monitoring. That's really helpful.""Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently.""The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers.""Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them.""It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running.""One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports.""The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand.""The integration with macOS operating systems needs to be better.""I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks.""There are challenges with detection and there are challenges with false-positive rates.""I want them to enhance in-session policy.""Sometimes the support is actually lacking.""Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."

More Microsoft Defender for Cloud Apps Cons →

"In the next release, Aqua Security should add the ability to automatically send reports to customers."

More Aqua Security Cons →

"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures.""It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat.""Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into.""The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories.""Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to.""Prisma Cloud's dashboards should be customizable. That's very important. Other similar solutions are more elastic so you have the power to create customized dashboards. In Prisma Cloud, you cannot do that.""They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload.""Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "Our clients normally use the Microsoft E1 licensing, which is renewed yearly."
  • "The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
  • "I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
  • "Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
  • "The price could be better and should be reconsidered."
  • "It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
  • "We are an MST and we do not pay for the solution. However, the price of the solution could be better."
  • More Microsoft Defender for Cloud Apps Pricing and Cost Advice →

    Information Not Available
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
  • "The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
  • "The licensing cost is a bit high on the compute side."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    609,272 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native… more »
    Top Answer:It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one… more »
    Top Answer:It's expensive because we have to pay for an M365 license and it is included in the package.
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very… more »
    Top Answer:Hi @reviewer1078902 ​and @Patrick Geronimo,  Would you mind assisting @Diana Sokolowski?  Thanks in advance for the… more »
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across… more »
    Top Answer:It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it… more »
    Top Answer:You can expect a premium price because it is a premium quality product by a leading supplier. We are a strategic partner… more »
    Comparisons
    Also Known As
    MS Cloud App Security, Microsoft Cloud App Security
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Overview

    Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that provides multifunction visibility, control over data travel, and sophisticated analytics. With Microsoft Cloud App Security, you can: 

    - Manage, control, and audit apps to streamline cloud access security

    - Mange your access to resources to discover shadow IT and understand your digital information estate

    - Use real-time controls to enable threat protection on all the access points that touch your environment

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    The Aqua Container Security Platform provides development-to-production lifecycle controls for securing containerized applications that run on-premises or in the cloud, on Windows or Linux, supporting multiple orchestration environments.

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Offer
    Learn more about Microsoft Defender for Cloud Apps
    Learn more about Aqua Security
    Learn more about Prisma Cloud by Palo Alto Networks
    Sample Customers
    Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
    HPE Salesforce Telstra Ellie Mae Cathay Pacific HomeAway
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Educational Organization29%
    Government14%
    Financial Services Firm14%
    Engineering Company14%
    VISITORS READING REVIEWS
    Computer Software Company25%
    Comms Service Provider19%
    Financial Services Firm8%
    Government6%
    VISITORS READING REVIEWS
    Computer Software Company28%
    Comms Service Provider16%
    Financial Services Firm11%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company19%
    Healthcare Company13%
    Financial Services Firm13%
    VISITORS READING REVIEWS
    Computer Software Company29%
    Comms Service Provider14%
    Financial Services Firm9%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business17%
    Midsize Enterprise39%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise16%
    Large Enterprise65%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise13%
    Large Enterprise70%
    REVIEWERS
    Small Business17%
    Midsize Enterprise29%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise12%
    Large Enterprise72%
    Buyer's Guide
    Container Security
    June 2022
    Find out what your peers are saying about Snyk, Palo Alto Networks, F5 and others in Container Security. Updated: June 2022.
    609,272 professionals have used our research since 2012.

    Aqua Security is ranked 7th in Container Security with 1 review while Prisma Cloud by Palo Alto Networks is ranked 2nd in Container Security with 16 reviews. Aqua Security is rated 8.0, while Prisma Cloud by Palo Alto Networks is rated 8.0. The top reviewer of Aqua Security writes "The most advanced solution in the market for container security". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives me a holistic view of cloud security across multiple clouds or multiple cloud workloads within one cloud provider". Aqua Security is most compared with Snyk, Qualys Container Security, Sysdig Secure, NeuVector and Tenable.io Container Security, whereas Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Check Point CloudGuard Posture Management, Snyk, Wiz and Orca Security.

    See our list of best Container Security vendors and best Cloud-Native Application Protection Platforms (CNAPP) vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.