Aqua Security vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Aqua Security and Prisma Cloud by Palo Alto Networks based on real PeerSpot user reviews.

Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Aqua Security vs. Prisma Cloud by Palo Alto Networks Report (Updated: November 2022).
656,862 professionals have used our research since 2012.
Q&A Highlights
Question: What do you think of Aqua Security vs Prisma Cloud?
Answer: Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was very straightforward and went smoothly. This solution is stable with great scalability. We found that Prisma Cloud integrated well with many different solutions. This solution does both development-side security and run-time security very well, which makes it extremely marketable. It offers traffic analysis, user activity, and vulnerability management. Prisma Cloud comes bundled with many different policies, which is very helpful. The dashboard is very informative and offers compliance tabs and other valuable management tabs. Aqua Security does not have good options with other servers - more options would be better outside of the Kubernetes and Docker ecosystems. There should be better integration to the cloud. Deployment needs to be improved, too. Many of our clients continue to have their workforce continuing to work remotely, and deployment can be very problematic. The technical support is a bit spotty and should be more proactive in handling issues and concerns. Prisma Cloud sometimes falls behind on keeping up with changes and updates with other solutions, causing some lag time within the solution. It may also be difficult for individuals who are not so tech-savvy. It is lacking a bit in compliance and risk perspectives and analysis. Conclusions If you have a focus on Kubernetes and/or Docker, Aqua Security could be a great fit. This solution does solve a lot of other problems too. Prisma Cloud can seem inflexible and complicated to use, but if you have a solid plan from the beginning on how to deploy the solution throughout your organization and have done your homework, it can prove to be a very good solution as well.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications.""The most valuable features of this solution are the vulnerability assessments and the glossary of compliance.""The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act.""It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop.""It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc.""It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem.""When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team.""It's got a lot of great features."

More Microsoft Defender for Cloud Pros →

"Aqua Security helps us to check the vulnerability of image assurance and check for malware.""The container security element of this product has been very valuable to our organization.""The most valuable feature of Aqua Security is the scanner.""Support is very helpful.""The solution was very user-friendly.""The most helpful feature of Aqua Security is Drift Prevention, which is a feature that allows images to be immutable. In addition, one of the main reasons we went with Aqua Security is because it provides strong protection when it comes to runtime security.""From what I understand, the initial setup is simple.""Their sandboxing service is also really good."

More Aqua Security Pros →

"It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization.""Technical support is quite helpful.""The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers.""It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.""We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features.""Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.""As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having.""The most valuable feature is the continuous cloud compliance monitoring and alerting."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions.""Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority.""I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features.""Sometimes, it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or certain kinds of products. That's not an issue directly with the product, though.""Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender.""Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do.""The solution could improve by being more intuitive and easier to use requiring less technical knowledge.""The product was a bit complex to set up earlier, however, it is a bit streamlined now."

More Microsoft Defender for Cloud Cons →

"In the next release, Aqua Security should add the ability to automatically send reports to customers.""We would like to see an improvement in the overview visibility that this solution offers.""The solution could improve user-friendliness.""Aqua Security could improve the forwarding of logging into Splunk and into other tools, it should be easier.""It's a bit hard to use the user roles. That was a bit confusing.""Sometimes I got stressed with the UI.""Aqua Security could provide more open documentation so that their learning resources can be more easily accessed and searched through online. Right now, a lot of the documentation is closed and not available to the public.""Aqua Security lacks a lot in reporting."

More Aqua Security Cons →

"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets.""The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls.""A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them.""They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload.""Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into.""Prisma Cloud's dashboards should be customizable. That's very important. Other similar solutions are more elastic so you have the power to create customized dashboards. In Prisma Cloud, you cannot do that.""The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories.""We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
  • "The cost of the license is based on the subscriptions that you have."
  • "Although I am outside of the discussion on budget and costing, I can say that the importance of security provided by this solution is of such importance that whatever the cost is, it is not a factor."
  • More Microsoft Defender for Cloud Pricing and Cost Advice →

  • "Aqua Security is not cheap, and it's not very expensive, such as Splunk, they are in the middle."
  • "Dealing with licensing costs isn't my responsibility, but I know that the licenses don't depend on the number of users, but instead are priced according to your workload."
  • More Aqua Security Pricing and Cost Advice →

  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
  • "The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
  • "The licensing cost is a bit high on the compute side."
  • "Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
  • "If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."
  • "You can expect a premium price because it is a premium quality product by a leading supplier."
  • "Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    656,862 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across… more »
    Top Answer:The integration with Logic Apps allows for automated responses to incidents.
    Top Answer:This is a worldwide service and depending on the country, there will be different prices. There is a price calculator… more »
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very… more »
    Top Answer:Their sandboxing service is also really good.
    Top Answer:I rate the price a four out of ten, with one being a high price and ten being a reasonable price. It is a costly… more »
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We… more »
    Top Answer:The CSPM and CWPP functionalities are pretty good.
    Comparisons
    Also Known As
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Overview

    Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:

    - Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score

    - Simplify enterprise compliance and view your compliance against regulatory requirements

    - Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center

    - Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Aqua Security stops cloud native attacks, preventing them before they happen and stopping them when they happen. Dedicated cloud native threat research and the most loved cloud native security open source community in the world put innovation at your fingertips so you can transform your business. Born cloud native, The Aqua Platform is the most integrated Cloud Native Application Protection Platform (CNAPP), securing from day one and protecting in real-time. Aqua has been stopping real cloud native attacks on hundreds of thousands of production nodes across the world since 2015.

    Aqua Security Features

    Aqua Security has many valuable key features. Some of the most useful ones include:

    • Vulnerability scanning
    • Dynamic threat analysis
    • Automates DevSecOps
    • CI/CD integrations
    • Cloud security posture management
    • Kubernetes security
    • Hybrid and multi-cloud
    • Container security
    • Serverless security
    • VM security
    • Cloud workloads protection

    Aqua Security Benefits

    There are many benefits to implementing Aqua Security. Some of the biggest advantages the solution offers include:

    • Designed for scale and performance: The Aqua Security platform was designed to scale to the largest environments in order to protect huge clusters and massive DevOps pipelines.
    • Empowers DevOps to detect issues early and fix them fast: The solution was designed to help you solve issues immediately - before they cause greater damage to your organization. It helps you gain insight into your vulnerability posture and prioritize remediation and mitigation according to contextual risk.
    • Automated compliance and security posture: Aqua Security checks your cloud services, Infrastructure-as-code templates, and Kubernetes setup against best practices and standards. This way, you can ensure the infrastructure you run your applications on is securely configured and in compliance.
    • Artifact scanning: The Aqua Security platform scans artifacts for vulnerabilities, malware, and other risks during development and staging. It allows you to set flexible and dynamic policies to control deployment into your runtime environments.
    • Minimizes false positives: Aqua Security relies on a variety of sources and proprietary research to curate and present vulnerabilities in the most accurate way, which helps to minimize false positives and unnecessary noise in the pipeline.
    • Automated security testing: The Aqua Security platform automates security testing in your CI/CD pipeline, and continuously scans registries and serverless function stores to detect emerging risks. By implementing the platform, you can get actionable feedback within your CI environments to empower your organization’s developers to fix issues rapidly.
    • Granular controls: The solution provides protection for your VM, container, and serverless workloads using granular controls with instant visibility and real-time detection and response.
    • Sandboxed environment: With Aqua Security, you can run images in a secure sandboxed environment that traces indicators of compromise (IOCs) such as container escapes, reverse shell backdoors, malware drops, code injection backdoors, and network anomalies.

    Reviews from Real Users

    Lizeth Z., Cloud Security Specialist at Telstra, says, “Aqua Security is the most advanced solution in the market for container security. Aqua Security allows us to check for vulnerabilities in the CI/CD pipeline, so application teams can remediate issues before going into production. Aqua Security helps us to check the vulnerability of image assurance and check for malware.”

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Offer
    Learn more about Microsoft Defender for Cloud
    Learn more about Aqua Security
    Learn more about Prisma Cloud by Palo Alto Networks
    Sample Customers
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    HPE Salesforce Telstra Ellie Mae Cathay Pacific HomeAway
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Computer Software Company18%
    Consumer Goods Company12%
    Agriculture12%
    Retailer6%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Financial Services Firm11%
    Comms Service Provider8%
    Government6%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Financial Services Firm15%
    Comms Service Provider9%
    Manufacturing Company9%
    REVIEWERS
    Computer Software Company32%
    Manufacturing Company16%
    Financial Services Firm16%
    Healthcare Company11%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm13%
    Comms Service Provider8%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business26%
    Midsize Enterprise11%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    REVIEWERS
    Small Business36%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise10%
    Large Enterprise70%
    REVIEWERS
    Small Business22%
    Midsize Enterprise25%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise11%
    Large Enterprise72%
    Buyer's Guide
    Aqua Security vs. Prisma Cloud by Palo Alto Networks
    November 2022
    Find out what your peers are saying about Aqua Security vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: November 2022.
    656,862 professionals have used our research since 2012.

    Aqua Security is ranked 3rd in Container Security with 8 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 20 reviews. Aqua Security is rated 7.6, while Prisma Cloud by Palo Alto Networks is rated 7.6. The top reviewer of Aqua Security writes "Easy to set up with robust documentation and good image scanning". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives us security control gates and automated notifications in container orchestrator, but deploy is API-driven, not a built-in integration". Aqua Security is most compared with Snyk, SUSE NeuVector, Sysdig Secure, Qualys Container Security and Tenable.io Container Security, whereas Prisma Cloud by Palo Alto Networks is most compared with Check Point CloudGuard Posture Management, Snyk, Wiz, Orca Security and Amazon GuardDuty. See our Aqua Security vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best Container Security vendors and best Cloud-Native Application Protection Platforms (CNAPP) vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.