Check Point CloudGuard Posture Management vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Jan 4, 2023

We performed a comparison between Check Point CloudGuard Posture Management and Prisma Cloud by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions agree that their initial setup is straightforward.
  • Features: Users of both products are happy with their stability and scalability. Both solutions also receive high marks for the visibility they provide, as well as for their real-time cloud compliance monitoring.

    CloudGuard users like its auto remediation and threat detection capabilities and say that it has helped prevent unnecessary data loss from cyber attacks. Several users mention that CloudGuard should improve its reporting features.

    Prisma Cloud users say it is a sophisticated tool and they are happy with its vulnerability scanning tool and web GUI. Some users feel that the solution’s threat detection features need to be updated.
  • Pricing: Most users of both solutions say that they are fairly priced.

  • ROI: Users of both solutions report seeing an ROI.
  • Service and Support: Reviewers of both solutions report being satisfied with the level of support they receive.

Comparison Results: CloudGuard has sophisticated threat detection capabilities. In contrast, Prisma Cloud received some negative feedback for its threat detection.

To learn more, read our detailed Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks Report (Updated: January 2023).
672,785 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM.""It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment.""The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update.""The product is very easy to use.""Microsoft 365 Defender is a stable solution.""Microsoft 365 Defender is simple to upgrade.""Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features.""I have found the ability to delete unwanted threats beneficial."

More Microsoft 365 Defender Pros →

"Alerts of cloud activity happening across all accounts is helpful.""We like the ability to investigate, analyze, and generate reports.""The control logs offer detailed reports of what happens within the infrastructure.""The solution offers an excellent price, benefit, and installation relationship.""This solution has saved the company from unnecessary data loss that occurs due to cyber attacks.""Auto remediation is a very effective feature that helps ensure less manual intervention.""It offers advanced detection of threats that can harm data from the cloud database.""It provides complete visibility of workload hosted on different cloud platforms including AWS and Azure, along with multiple tenants."

More Check Point CloudGuard Posture Management Pros →

"Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently.""It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization.""We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features.""The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud. The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments.""I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity.""Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place.""The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for.""The CSPM and CWPP functionalities are pretty good."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"The data recovery and backup could be improved.""There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use.""Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR.""The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better.""Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed.""The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there.""There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups.""It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."

More Microsoft 365 Defender Cons →

"Currently, I would like this solution extended to cellular devices or tablets.""The reporting dashboard responds slowly, which leads to late report compilation.""We're looking for a solution that can incorporate legacy infrastructure for some of our business needs.""CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards.""We should be able to migrate the policies more fluidly.""Check Point's support, customer service, SLAs, and schedules can be improved a little.""Almost all features are good, however, they still require improvements to the code security portion on which integration with the major source code repository is required.""When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."

More Check Point CloudGuard Posture Management Cons →

"There are hundreds of built-in policies for AWS and Azure, but GCP and Oracle are not covered as much as AWS. There is a lot of work to do on that part. There is, obviously, a tiny bit of favoritism towards AWS because it has the most market share.""Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to.""Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users.""This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on.""One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options.""We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it.""We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert.""The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft 365 Defender Pricing and Cost Advice →

  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."
  • "The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter."
  • "From a pricing perspective, they are pretty expensive."
  • "In the beginning, the price of Dome9 was cheap, whereas now it is not."
  • "Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."
  • More Check Point CloudGuard Posture Management Pricing and Cost Advice →

  • "The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
  • "The licensing cost is a bit high on the compute side."
  • "Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
  • "If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."
  • "You can expect a premium price because it is a premium quality product by a leading supplier."
  • "Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs."
  • "Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified."
  • "The cost depends on the pricing model. Compared to other solutions, the cost isn't that bad."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which CWPP (Cloud Workload Protection Platforms) solutions are best for your needs.
    672,785 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The solution is well integrated with applications. It is easy to maintain and administer.
    Top Answer:The data recovery and backup could be improved.
    Top Answer:The control logs offer detailed reports of what happens within the infrastructure.
    Top Answer:The prices are competitive. You also have to see the characteristics that Check Point provides; it meets the… more »
    Top Answer:The Check Point CloudGuard Posture Management tool is very good. In addition, the Check Point team works to give updates… more »
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We… more »
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very… more »
    Comparisons
    Also Known As
    Microsoft Threat Protection, MS 365 Defender
    Dome9
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Overview

    Microsoft 365 Defender, part of Microsoft’s XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity defenders can now focus on critical threats and hunt for sophisticated breaches, trusting that the powerful automation in Microsoft 365 Defender detects and stops attacks anywhere in the kill chain and returns the organization to a secure state.

    - Reduce signal noise by viewing prioritized incidents in a single dashboard. 

    - Use the automated investigation capabilities to spend less time on detection and response.

    - Take care of routine and complex remediation with Microsoft 365 Defender by auto-healing affected assets.

    - Hunt across all your data, leveraging your organizational knowledge with custom queries. 

    - Develop custom detection and response tools for long-term protection and improved security posture.

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Check Point CloudGuard Posture Management is a CWPP (Cloud Workload Protection Platform) tool that enables your organization to automate governance across multi-cloud assets and services. These services include visualization and assessment of security posture, misconfiguration detection, and enforcement of security best practices and compliance frameworks. This solution is one of the leading cloud native security solutions on the market and is suitable for companies of all sizes.

    Check Point CloudGuard Posture Management Features

    Check Point CloudGuard Posture Management has many valuable key features. Some of the most useful ones include:

    • Network security
    • Application protection
    • Workload protection
    • Posture management
    • Cloud intelligence

    Check Point CloudGuard Posture Management Benefits

    There are many benefits to implementing Check Point CloudGuard Posture Management. Some of the biggest advantages the solution offers include:

    • Support cloud native environments: Check Point CloudGuard Posture Management provides cloud security and compliance posture management for cloud-native environments, including AWS, Azure, Google Cloud, Alibaba Cloud, and Kubernetes.
    • Visibility across your entire cloud infrastructure: The solution’s powerful network and asset visualization, including network topology and firewalls, allow you to discover any vulnerabilities, compromised workloads, open ports, or misconfigurations in real time.
    • Custom rules and restrictions: With Check Point CloudGuard Posture Management you can quickly create custom rules with unique restrictions and governance practices using the solution’s Governance Specification Language (GSL), which supports seamless auto deployment for all types of programming languages.
    • Protection against compromised credentials and identity theft in the Cloud: Check Point CloudGuard Posture Management offers better protection and control over IAM users and roles, allowing administrators to easily manage granular permissions across entire cloud environments.
    • Manage posture everywhere across multi-cloud environments: By implementing the solution, you can manage the security and compliance of your public cloud environments at any scale. Additionally, the solution requires no software installation and no agents to manage. All you need to do is specify policies once across multiple clouds, and the system uses underlying cloud controls to implement the policy on each cloud.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Check Point CloudGuard Posture Management solution.

    An Advisory Information Security Analyst at a financial services firm says, "Security visibility accuracy is tremendous, letting us see who is trying to access what. I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better.”

    PeerSpot user Schillebeeks B., Owner at AD Internet Consulting, mentions, "The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."

    Another reviewer, a Senior Security Engineer at an insurance company, states, "The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella."

    Mantu S., Sr. Technology Architect at Incedo Inc., comments, "Auto remediation is a very effective feature that helps ensure less manual intervention."

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Offer
    Learn more about Microsoft 365 Defender
    Learn more about Check Point CloudGuard Posture Management
    Learn more about Prisma Cloud by Palo Alto Networks
    Sample Customers
    Information Not Available
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Computer Software Company38%
    Manufacturing Company25%
    Comms Service Provider13%
    Aerospace/Defense Firm13%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Government9%
    Financial Services Firm8%
    Comms Service Provider7%
    REVIEWERS
    Financial Services Firm27%
    Security Firm23%
    Manufacturing Company8%
    Computer Software Company8%
    VISITORS READING REVIEWS
    Computer Software Company25%
    Financial Services Firm15%
    Comms Service Provider11%
    Manufacturing Company5%
    REVIEWERS
    Computer Software Company29%
    Manufacturing Company19%
    Financial Services Firm14%
    Healthcare Company10%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm13%
    Comms Service Provider7%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise12%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise17%
    Large Enterprise61%
    REVIEWERS
    Small Business36%
    Midsize Enterprise10%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise12%
    Large Enterprise67%
    REVIEWERS
    Small Business23%
    Midsize Enterprise26%
    Large Enterprise51%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise11%
    Large Enterprise71%
    Buyer's Guide
    Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks
    January 2023
    Find out what your peers are saying about Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: January 2023.
    672,785 professionals have used our research since 2012.

    Check Point CloudGuard Posture Management is ranked 5th in CWPP (Cloud Workload Protection Platforms) with 20 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in CWPP (Cloud Workload Protection Platforms) with 19 reviews. Check Point CloudGuard Posture Management is rated 8.4, while Prisma Cloud by Palo Alto Networks is rated 7.6. The top reviewer of Check Point CloudGuard Posture Management writes "A non-technical person can start creating custom rules using GSL Builder in about a week, but the vendor is slow to fix bugs". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The magic happens with traffic passing through multiple zones and our data center, as we can quickly troubleshoot problems". Check Point CloudGuard Posture Management is most compared with Microsoft Defender for Cloud, AWS GuardDuty, Qualys VM, Wiz and Threat Stack Cloud Security Platform, whereas Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Aqua Security, Snyk, Wiz and Orca Security. See our Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best CWPP (Cloud Workload Protection Platforms) vendors, best Cloud Security Posture Management (CSPM) vendors, and best Cloud-Native Application Protection Platforms (CNAPP) vendors.

    We monitor all CWPP (Cloud Workload Protection Platforms) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.