Coming October 25: PeerSpot Awards will be announced! Learn more

Check Point CloudGuard Posture Management vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Check Point CloudGuard Posture Management and Prisma Cloud by Palo Alto Networks based on real PeerSpot user reviews.

Find out in this report how the two CWPP (Cloud Workload Protection Platforms) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks report (Updated: September 2022).
635,987 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot.""Threat protection is comprehensive and simple.""The integration with Logic Apps allows for automated responses to incidents.""It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network.""It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening.""The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts.""When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team.""One of the features that I like about the solution is it is both a hybrid cloud and also multi-cloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well. It offers a single-panel blast across multiple clouds."

More Microsoft Defender for Cloud Pros →

"The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring.""Alerts of cloud activity happening across all accounts is helpful.""The administration portal panel is very intuitive.""The reporting is quite good. It is the most powerful aspect of this solution.""We like the ability to investigate, analyze, and generate reports.""Auto remediation is a very effective feature that helps ensure less manual intervention.""We can monitor each activity from our mobile devices, so there is complete visibility of our cloud traffic flows, with threat intelligence provided by Check Point.""Good interface and visibility."

More Check Point CloudGuard Posture Management Pros →

"As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having.""Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.""The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers.""In addition to that, I can get a snapshot of what I deemed were the priority vulnerabilities, whether it was identity access management, key rotation, or secrets management. Whatever you deem to be a priority for mitigating threats for your environment, you can get that as a snapshot.""The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security.""I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions.""I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity.""You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"The documentation and implementation guides could be improved.""Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research.""One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view.""As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains.""You cannot create custom use cases.""The solution could improve by being more intuitive and easier to use requiring less technical knowledge.""Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product.""If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."

More Microsoft Defender for Cloud Cons →

"Currently, I would like this solution extended to cellular devices or tablets.""Integration could be improved.""The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be.""Reporting should have more options.""The accuracy of its remediation is a 7.5 out of 10. Before, I would have given it a ten but now, to handle remediation for fully qualified domain names, it's not working as it did in the past. We're finding some difficulties there.""Almost all features are good, however, they still require improvements to the code security portion on which integration with the major source code repository is required.""CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards.""In Dome9, there should be a policy validation option where we can validate the policy before we push it into production."

More Check Point CloudGuard Posture Management Cons →

"It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat.""Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into.""They need to make the settings more flexible to fit our internal policies about data. We didn't want developers to see some data, but we wanted them to have access to the console because it was going to help them... It was a pain to have to set up the access to some languages and some data.""Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users.""Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to.""We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it.""The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed.""The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "I'm not privy to that information, but I know it's probably close to a million dollars a year."
  • "We are using the free version of the Azure Security Center."
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
  • More Microsoft Defender for Cloud Pricing and Cost Advice →

  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."
  • "The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter."
  • "From a pricing perspective, they are pretty expensive."
  • "In the beginning, the price of Dome9 was cheap, whereas now it is not."
  • "Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."
  • More Check Point CloudGuard Posture Management Pricing and Cost Advice →

  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
  • "The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
  • "The licensing cost is a bit high on the compute side."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which CWPP (Cloud Workload Protection Platforms) solutions are best for your needs.
    635,987 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across… more »
    Top Answer:The integration with Logic Apps allows for automated responses to incidents.
    Top Answer:This is a worldwide service and depending on the country, there will be different prices. There is a price calculator… more »
    Top Answer:It's very important to have a reliable and good partner. The proactivity helps us to see the existing needs and check… more »
    Top Answer:Some general improvement characteristics can be made, including the following: 1- Cost improvement. Some tools are quite… more »
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We… more »
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very… more »
    Comparisons
    Also Known As
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Dome9
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Overview

    Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:

    - Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score

    - Simplify enterprise compliance and view your compliance against regulatory requirements

    - Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center

    - Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Check Point CloudGuard provides cloud native security for all your assets and workloads, across multi-clouds, allowing you to automate security everywhere, with unified threat prevention and posture management. The only solution that provides context to secure your cloud with confidence.

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Offer
    Learn more about Microsoft Defender for Cloud
    Learn more about Check Point CloudGuard Posture Management
    Learn more about Prisma Cloud by Palo Alto Networks
    Sample Customers
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Computer Software Company20%
    Consumer Goods Company13%
    Retailer7%
    Insurance Company7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider10%
    Financial Services Firm10%
    Government6%
    REVIEWERS
    Financial Services Firm39%
    Computer Software Company22%
    Maritime Company11%
    Insurance Company11%
    VISITORS READING REVIEWS
    Computer Software Company27%
    Comms Service Provider16%
    Financial Services Firm11%
    Energy/Utilities Company5%
    REVIEWERS
    Computer Software Company33%
    Manufacturing Company17%
    Healthcare Company11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Comms Service Provider10%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business28%
    Midsize Enterprise9%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    REVIEWERS
    Small Business38%
    Midsize Enterprise10%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise16%
    Large Enterprise65%
    REVIEWERS
    Small Business23%
    Midsize Enterprise23%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise71%
    Buyer's Guide
    Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks
    September 2022
    Find out what your peers are saying about Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: September 2022.
    635,987 professionals have used our research since 2012.

    Check Point CloudGuard Posture Management is ranked 4th in CWPP (Cloud Workload Protection Platforms) with 19 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in CWPP (Cloud Workload Protection Platforms) with 20 reviews. Check Point CloudGuard Posture Management is rated 8.6, while Prisma Cloud by Palo Alto Networks is rated 7.8. The top reviewer of Check Point CloudGuard Posture Management writes "Security visibility accuracy is tremendous, letting us see who is trying to access what". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives me a holistic view of cloud security across multiple clouds or multiple cloud workloads within one cloud provider". Check Point CloudGuard Posture Management is most compared with Amazon GuardDuty, Threat Stack Cloud Security Platform, Qualys VM, Prisma SaaS by Palo Alto Networks and Guardicore Centra, whereas Prisma Cloud by Palo Alto Networks is most compared with Aqua Security, Snyk, Wiz, Orca Security and Amazon GuardDuty. See our Check Point CloudGuard Posture Management vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best CWPP (Cloud Workload Protection Platforms) vendors, best Cloud Security Posture Management (CSPM) vendors, and best Cloud-Native Application Protection Platforms (CNAPP) vendors.

    We monitor all CWPP (Cloud Workload Protection Platforms) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.