Prisma Cloud by Palo Alto Networks and AWS WAF both compete in the cloud security space, focusing on protecting workloads and applications. Prisma Cloud seems to have the upper hand due to its advanced features and comprehensive management across hybrid and multi-cloud environments.
Features: Prisma Cloud provides dynamic workload identity creation, extensive application dependency mapping, and automated forensics. It offers comprehensive compliance capabilities and integrates effectively with AWS services, ensuring protection of cloud-native stacks. AWS WAF is notable for simple protection against web vulnerabilities, with customizable rules and seamless integration within AWS ecosystems for straightforward security management.
Room for Improvement: Prisma Cloud faces criticism for its pricing and complex user interface, with suggestions for improvements in automation and API security. AWS WAF could bolster its bot protection, management ease, and DDoS handling. Enhancing the user interface overall and expanding features could meet complex security needs for both solutions.
Ease of Deployment and Customer Service: Prisma Cloud is deployable across hybrid, on-premises, and public clouds but has received mixed reviews about technical support. AWS WAF is praised for its easy integration with AWS and responsive support, although usability needs improvement. Both offer solid customer service but could focus on specific enhancements.
Pricing and ROI: Prisma Cloud is seen as comprehensive but costly, with users valuing its features despite the pricing. The complex licensing supports flexible growth but can be more advantageous when optimizing security investments. AWS WAF offers variable, scalable pricing with a pay-as-you-go model, making it more budget-friendly for cost-effective security within AWS ecosystems.
It eliminates the need for additional hardware, making it a financially and technically sound investment.
From a security standpoint, we have significantly enhanced our client's security posture by implementing Prisma Cloud.
The platform is not famous for being cheap. It is quite expensive, but we know that we have the protection, so there is enough value for what we pay for.
Resolving issues can take time because the support personnel may lack product expertise, leading to delays.
Whenever I have issues with the solution, I will get an immediate response from the product team and they will try to close the issue as soon as possible.
When you send them a message, you get a response in a minute or two.
They can respond with technical documentation or pass on the case to the next level because it requires the development of a new feature or changing a feature due to a bug.
It's very scalable and very easy to use.
I would rate the scalability of Prisma Cloud as an eight out of ten.
I am highly impressed with the product's scalability.
In terms of reliability, I would rate AWS WAF about six out of ten due to the need for improved signature sets.
I cannot recall any downtime with the solution.
I would rate it a ten out of ten for stability.
The tool responds well in small-scale infrastructures, functioning perfectly without any issues.
Compared to firewalls, WAFs generally provide limited stateful analysis capabilities.
Features like bot protection or DDoS mitigation, available with other WAF vendors, do not come natively with AWS WAF.
It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises.
From a developer's perspective, especially for organizations like banks developing their applications, ensuring API security before deploying them to the cloud is crucial.
Prisma Cloud is an excellent tool.
Due to our status as an AWS shop, AWS WAF is cost-effective for us, and we benefit from discounts due to our extensive use of AWS services.
Prisma Cloud is remarkably expensive.
The cost was not on the higher side.
That's why a lot of our clients are shifting from cloud-native to Prisma Cloud: because of its effectiveness and because it is budget-friendly as well.
The cloud-native nature of AWS is crucial since most of our workload is in AWS, making AWS WAF native to Amazon Web Services.
AWS WAF is not stateful, it offers a time-saving solution with its custom rulesets that enhance security and simplify management.
Security posture management is the most valuable feature.
We could spread the Prisma Cloud platform to 16 countries without encountering any kind of problem.
Prisma Cloud provides risk clarity at runtime and across the entire pipeline, like, showing issues as they're discovered during the build phases.
AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.
You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.
AWS WAF Features
Some of the solution's top features include:
Reviews from Real Users
AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.
Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”
Prisma Cloud by Palo Alto Networks delivers comprehensive security for cloud environments, focusing on workload protection, identity creation, and seamless AWS integration. Its cloud visibility and control, combined with thorough vulnerability scanning, help maintain robust security across multi-cloud platforms.
Prisma Cloud provides essential capabilities for cloud security posture management, container security, and compliance monitoring. Enterprises utilize it to secure cloud configurations, detect vulnerabilities, and ensure regulatory compliance, spanning AWS, Azure, and Google Cloud. Its runtime management, identity-based micro-segmentation, and threat detection enhance cybersecurity. Despite needing improvements in documentation, integration complexities, UI, and the need for role-based access control refinement, it remains pivotal for securing assets across cloud infrastructures, particularly with its capabilities for vulnerability scanning and CI/CD pipeline integration.
What are the key features?
What benefits or ROI should users expect?
In industries like finance, healthcare, and retail, Prisma Cloud is implemented to strengthen cybersecurity measures, facilitate regulatory compliance, and enhance governance. Organizations leverage its features to secure sensitive data, monitor configurations, and integrate security processes within CI/CD workflows, ensuring robust protection across complex cloud infrastructures.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
