We performed a comparison between Check Point CloudGuard Posture Management and Prisma Cloud by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: CloudGuard has sophisticated threat detection capabilities. In contrast, Prisma Cloud received some negative feedback for its threat detection.
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"The security baseline and vulnerability assessments is the valuable feature."
"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"The solution is very user-friendly."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized."
"Compliance is becoming an important tool for us as well."
"It has great scalability."
"The ability to drill down to individual hosts on an account and see which ones are affected is valuable."
"Auto remediation is a very effective feature that helps ensure less manual intervention."
"The most valuable feature is the CloudBots for auto-remediation of security findings."
"It offers advanced detection of threats that can harm data from the cloud database."
"On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures."
"Prisma Access provides comprehensive security. It provides URL filtering, application control, SSL, DLP, etc. It provides complete security for the cloud environment."
"The most valuable feature is the continuous cloud compliance monitoring and alerting."
"We are provided with a single tool to protect all of our cloud resources and applications without having to manage and reconcile compliance reports."
"What I like most about Prisma Cloud is its zero-day signatures, maximum security, minimal downtime, cloud visibility, control, and ease of deployment."
"I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity."
"One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature."
"The most valuable features are vulnerability monitoring, serverless access, container runtime features, and Defender."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"The solution's container security could be improved."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The only thing that needs to be improved is the number of scans per day."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"Their service needs improvement."
"I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."
"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."
"We want to be able to customize the solution more in order to meet the needs of our company."
"The guidelines to implement or to link with the clouds are not complete."
"The false positives can be annoying at times."
"In general, for the product to be successful, they need to improve security, and configuration detection."
"We were demotivated by the lack of native automation modules for the Terraform and Ansible tools."
"Though Prisma Cloud by Palo Alto Networks provides excellent security, is a pioneer in this space, and knows what it's doing, from a user perspective, it would have been better if it was a little easier to use."
"While the code security feature has undergone recent enhancements, there is room for improvement in terms of its cost module."
"I would like to see the inclusion of automated counter-attack, although this is probably illegal."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
"We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it."
"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options."
"It would be ideal if they could somehow reduce the deployment time."
"The UI is good, however, they could improve the experience."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 5th in Cloud Workload Protection Platforms (CWPP) with 60 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Workload Protection Platforms (CWPP) with 83 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". Check Point CloudGuard CNAPP is most compared with AWS GuardDuty, Microsoft Defender for Cloud, Qualys VMDR, Prisma Access by Palo Alto Networks and Trend Vision One - Cloud Security, whereas Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub, CrowdStrike Falcon Cloud Security and Snyk. See our Check Point CloudGuard CNAPP vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors, best Cloud-Native Application Protection Platforms (CNAPP) vendors, and best Data Security Posture Management (DSPM) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.