No more typing reviews! Try our Samantha, our new voice AI agent.

C3M Cloud Control [EOL] vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 26, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
C3M Cloud Control [EOL]
Average Rating
10.0
Reviews Sentiment
8.4
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
114
Ranking in other categories
Web Application Firewall (WAF) (8th), Container Security (2nd), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
BRUNO REYNAUD - PeerSpot reviewer
Information Security Engineer - Pre-sales at a tech services company with 11-50 employees
Reduces analysts workload, highly reliable, and scales well
We utilize C3M Cloud Control solely for demonstration purposes as there are limited cloud-based assets to work with. Our aim is to showcase to customers how they can reduce unnecessary permissions in their cloud environment The remediation capability of C3M Cloud Control is its most valuable…
reviewer2776578 - PeerSpot reviewer
Cyber Security Architect at a comms service provider with 10,001+ employees
Image scanning has supported consistent security practices during cloud deployment
On a scale of ten, we would say people are happy with Prisma Cloud by Palo Alto Networks for the part we use. People are okay with it. We probably would give an eight. We don't give ten because if we don't use the other parts of Prisma Cloud by Palo Alto Networks, it's because it was difficult to implement from an operational point of view. We could have deployed the runtime monitoring with Prisma Cloud by Palo Alto Networks, but within our organization at our company, it was very difficult to find who would be the owner for the alerts. People have other tools and in the end, we don't use the full capabilities of a product that we pay for. It's partially related to the difficulty to integrate Prisma Cloud by Palo Alto Networks runtime in our company's support process. We don't use the real-time monitoring part of Prisma Cloud by Palo Alto Networks. We don't know about the automated remediation feature of Prisma Cloud by Palo Alto Networks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"Qualys TotalCloud has improved our security posture."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"Its dashboards are brilliant. It provides in-depth insights."
"Qualys TotalCloud provides unified vulnerability and threat assessment for IaaS and SaaS and a single prioritized view of risk, which helps reduce my workload by not having to combine multiple sources."
"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"Its excellent graphical interface makes the scanning process simple."
"We haven't had an issue with stability so far."
"The absolute value you get from the product is great."
"The remediation capability of C3M Cloud Control is its most valuable feature as it significantly reduces the workload for analysts, saving them a considerable amount of time."
"We found it to be easy and flexible. We could easily configure it for our needs, and we could spread the Prisma Cloud platform to 16 countries without encountering any kind of problem."
"The solution offers very good configuration capabilities."
"It has helped us understand the dynamic topology of our containers, and manage security through the application of policies that our pipelines apply straight from Git."
"Most of the customers we are tackling have different tools and solutions, like Qualys, Nessus, and vulnerability management assessment solutions. There are plugins for them, and we can integrate Prisma Cloud with them. We can enrich our telemetry with their data and use the predefined correlation rules in Prisma Cloud. That means we have that work done in seconds."
"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."
"Technical support is quite helpful."
"It gave us visibility into and control over complex cloud environments, which helped us feel better about our security and secure the environment with the clinical data."
"Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place."
 

Cons

"I think Qualys TotalCloud needs to improve its handling of zero-day vulnerabilities and supply chain management because modern ransomware attacks not only target prime critical infrastructures but also the supply chain system."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"We encountered challenges identifying the correct resource category for certain items, such as those in containers or storage."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"From our perspective, at this point, we need something called risk scoring as you get a lot of alerts, and sometimes you don't know which one's really going to cost if you don't take care of it. We need to understand, at a glance, which items are priorities."
"C3M Cloud Control could improve by adding features to support infrastructure instead of only trying to solve identities in the cloud."
"The area for improvement is less about the product and more about the upsell. If we've already agreed that we'd like your product x, y, or z, don't try to add fries to my burger. I don't need it."
"The remediation part could be better."
"Runecast gave us more visibility into VMware's private cloud. We have more environments there, but Prisma's lack of visibility into the private cloud was a downside—there weren't many."
"Prisma Cloud supports generating CSV files, but I would also like it to generate PDF files for reporting."
"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."
"The tool's UI is an area with certain shortcomings where improvements are required."
"Sometimes, on the Azure side, there are issues. Some errors aren't being found on Prisma Cloud."
"This could be one input that its pricing could be adjusted with respect to other competitors regarding any new features that could be added or improvements to be made in Prisma Cloud (Annual Contract)."
 

Pricing and Cost Advice

"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud is expensive."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"I rate the support of C3M Cloud Control an eight out of ten."
"From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
"Although the cost can be high, the value is worth the price tag."
"Prisma Cloud by Palo Alto Networks carries a higher cost, but its enhanced security measures justify the expense."
"Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay."
"It is an expensive tool. It is not cheap technology. It is a serious investment for any customer. Customers typically buy it together with services. In my experience, customers buying Prisma Cloud are prepared to pay for the implementation and the tool itself."
"Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified."
"Prisma Cloud is a high-end enterprise solution, making it quite expensive."
"Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
No data available
Financial Services Firm
14%
Computer Software Company
9%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business37
Midsize Enterprise21
Large Enterprise58
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What is your primary use case for Prisma Cloud by Palo Alto Networks?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Wiz, Palo Alto Networks, Microsoft and others in Cloud Security Posture Management (CSPM). Updated: June 2026.
902,988 professionals have used our research since 2012.