No more typing reviews! Try our Samantha, our new voice AI agent.

BMC Helix Cloud Security vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 1, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
BMC Helix Cloud Security
Ranking in Cloud Security Posture Management (CSPM)
38th
Average Rating
8.0
Reviews Sentiment
7.5
Number of Reviews
5
Ranking in other categories
Cloud Workload Protection Platforms (CWPP) (26th)
Prisma Cloud by Palo Alto N...
Ranking in Cloud Security Posture Management (CSPM)
2nd
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
114
Ranking in other categories
Web Application Firewall (WAF) (8th), Container Security (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd)
 

Mindshare comparison

As of July 2026, in the Cloud Security Posture Management (CSPM) category, the mindshare of Qualys TotalCloud is 1.8%, up from 1.2% compared to the previous year. The mindshare of BMC Helix Cloud Security is 0.9%, up from 0.3% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 7.9%, down from 12.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Mindshare Distribution
ProductMindshare (%)
Prisma Cloud by Palo Alto Networks7.9%
Qualys TotalCloud1.8%
BMC Helix Cloud Security0.9%
Other89.4%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
DG
Portfolio Manager/ Helix Administrator at Frontier Communications
A highly scalable and straightforward solution with a knowledgeable support team
We work on a third-party shared environment. It wouldn’t have been feasible for a smaller company. My company was actually the first one to do it. Just like any cloud security, it pays to do your research and have complimentary security involved. The product can’t be the be-all and end-all tool for your security. Overall, I rate the solution a nine out of ten.
reviewer2776578 - PeerSpot reviewer
Cyber Security Architect at a comms service provider with 10,001+ employees
Image scanning has supported consistent security practices during cloud deployment
On a scale of ten, we would say people are happy with Prisma Cloud by Palo Alto Networks for the part we use. People are okay with it. We probably would give an eight. We don't give ten because if we don't use the other parts of Prisma Cloud by Palo Alto Networks, it's because it was difficult to implement from an operational point of view. We could have deployed the runtime monitoring with Prisma Cloud by Palo Alto Networks, but within our organization at our company, it was very difficult to find who would be the owner for the alerts. People have other tools and in the end, we don't use the full capabilities of a product that we pay for. It's partially related to the difficulty to integrate Prisma Cloud by Palo Alto Networks runtime in our company's support process. We don't use the real-time monitoring part of Prisma Cloud by Palo Alto Networks. We don't know about the automated remediation feature of Prisma Cloud by Palo Alto Networks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its excellent graphical interface makes the scanning process simple."
"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices."
"I highly recommend Qualys TotalCloud to other users."
"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"The features that I've found most valuable are its container security aspect. I also like its vulnerability management tools."
"Using this solution is an eye-opener; having that holistic view is the biggest eye-opener because you understand, from any of your connected cloud accounts, what your vulnerabilities are with it."
"It is a good tool to make sure that your containers are safe and sound."
"Role-based security is a valuable feature."
"The most valuable aspects of BMC Helix Cloud Security are its security features and regulatory compliance capabilities."
"The cool feature of Helix Cloud Security is that you can do all that — understand and remediate issues — in one dashboard, based on the different policies that are available for security, out-of-the-box."
"It's also multi-cloud. You can look at several cloud providers: AWS, Azure, or GCP."
"With very minimal effort, you are able to have a cohesive view into your security posture on one or multiple cloud accounts, particularly if you are dealing with multicloud."
"Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become."
"The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem."
"The most valuable features are vulnerability monitoring, serverless access, container runtime features, and Defender."
"Syslog CLIs are the best feature."
"Prisma Cloud by Palo Alto Networks offers very good deep security assessment, and it uses a very good internal engine, which is the core Palo Alto processing and engines."
"The visibility on alerts helps you investigate more easily and see details faster."
"I like the scanning features provided by Prisma Cloud, including the image scan and source scan."
"Its ease of integration is valuable because we need to get the solution out of the door quickly, so speed and ease matter."
 

Cons

"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"There is a lack of data segregation according to criticality or inventory."
"There is room for improvement in the support."
"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"Their customer support needs improvement."
"The price is very expensive, actually."
"I think its TOA interfaces are still not that comfortable. The UI could be more user-friendly, easier to use."
"The UI could be more user-friendly."
"Every organization out there doesn't rely on just one control body. They use FISMA control. They may use HIPAA, CIS, PCI, or SOX, then blend them. One of the things that is now in big demand for BMC Helix Cloud Security is content. That's the next journey in its lifespan, making it easier for the community to share and collaborate on content for security controls that can be measured and remediated."
"We've had some with issues connectors. The connectors have seemed to have caused a little bit of trouble, perhaps with the APIs trying to scan the environment. The only time I've had to reach out to tech support was for that. It seems it may not have been scanning correctly or I wasn't seeing data within a specific time. But we've set up a couple of connectors in the past couple of weeks and they actually scanned the AWS environment and we had data within about 10 minutes. It's working a lot faster and I think they're making improvements as they go."
"BMC Helix Cloud Security has room for improvement in terms of integrating its various features."
"We've had some issues with connectors; the connectors have seemed to cause a little bit of trouble, perhaps with the APIs trying to scan the environment."
"The biggest challenge now, which is a good problem to have, with BMC Helix is content."
"I want the role-based security feature to be improved."
"The Application Security dashboard was not as user-friendly as the Cloud Security dashboard."
"The cost of Prisma Cloud by Palo Alto Networks is too high. I would also appreciate the addition of NLP to reduce the learning curve and make configuring queries more user-friendly."
"They should improve the user experience."
"The tool's UI is an area with certain shortcomings where improvements are required."
"Prisma Cloud supports generating CSV files, but I would also like it to generate PDF files for reporting."
"The automation must continue to become much smoother."
"Prisma Cloud's application security capabilities should be enhanced."
"The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler."
 

Pricing and Cost Advice

"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"TotalCloud's price is about right where I would expect it to be."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"The cost is high, but it meets our organizational needs."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"It is a subscription model with term licensing that is usually yearly. This includes, not only the product, but support and maintenance. It is based on cloud assets. Therefore, if you have 100 cloud assets, those cloud assets are measured based on evaluation or transactions. For example, if I'm evaluating that cloud asset for CIS compliance, PCI compliance, and AWS best practices, that asset gets evaluated three times, as those are three transactions. However, the license model is based on peak asset usage. So, over a year, if you deploy 100, 1000, 500, and then 2000 assets, you will be charged for the 2000 peak of assets managed by Helix Cloud Security."
"The pricing is based on an annual subscription, upfront, and it's based on cloud assets. Whether your assets are in Azure and AWS combined, the tool tells you how many assets are being scanned and that's the number used for pricing."
"This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive."
"Prisma Cloud is cost-efficient, but the credits are on the higher end."
"Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified."
"The purchasing process was easy and quick. It is a very economical solution."
"The pricing is competitive. From what I have seen in the past, it is on par with the others."
"The licensing cost is a bit high on the compute side."
"It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data."
"Prisma Cloud by Palo Alto Networks carries a higher cost, but its enhanced security measures justify the expense."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
904,016 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
13%
Construction Company
8%
Comms Service Provider
7%
Construction Company
21%
Comms Service Provider
11%
Performing Arts
9%
Manufacturing Company
9%
Financial Services Firm
14%
Computer Software Company
9%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business37
Midsize Enterprise21
Large Enterprise58
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What is your primary use case for Prisma Cloud by Palo Alto Networks?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Qualys TotalCloud with FlexScan
TrueSight Cloud Security, SecOps Policy Service
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
NHS, Vodafone, Kansas City Life, SKY Italia, Cybera
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: June 2026.
904,016 professionals have used our research since 2012.