We performed a comparison between Check Point CloudGuard Posture Management and Prisma SaaS by Palo Alto Networks based on real PeerSpot user reviews.
Find out in this report how the two CWPP (Cloud Workload Protection Platforms) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."
"The administration portal panel is very intuitive."
"Good interface and visibility."
"The dashboard is intuitive. You know if you're compliant or not, and then it gives you a remediation plan."
"We really liked its ease of implementation against our Microsoft Azure environment."
"Checkpoint posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft."
"We like the ability to investigate, analyze, and generate reports."
"The reporting is quite good. It is the most powerful aspect of this solution."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"Prisma's most valuable feature would be its ability to identify bad or risky configurations."
"To quarantine and clean a malware file provides a lot of security."
"It is easy to use, easy to integrate, and is stable. It's scalable as well."
"The remediation process is easy compared to other platforms."
"The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."
"Reporting should have more options."
"CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards."
"Currently, worldwide, there are many companies of all sizes that do not understand the value that their data has, but even with all existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure safety, when the truth is that the providers only secure their sites. Everything we do in the cloud and how we configure it is actually our responsibility."
"The support must be more effective."
"Reporting should have more options."
"Currently, I would like this solution extended to cellular devices or tablets."
"The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out."
"It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published."
"They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers."
"My clients would like to see a more feature-rich product."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"Lacks a hybrid model which has API plus in-line security."
"When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."
More Check Point CloudGuard Posture Management Pricing and Cost Advice →
More Prisma SaaS by Palo Alto Networks Pricing and Cost Advice →
Check Point CloudGuard Posture Management is ranked 4th in CWPP (Cloud Workload Protection Platforms) with 19 reviews while Prisma SaaS by Palo Alto Networks is ranked 5th in Cloud Access Security Brokers (CASB) with 8 reviews. Check Point CloudGuard Posture Management is rated 8.6, while Prisma SaaS by Palo Alto Networks is rated 8.4. The top reviewer of Check Point CloudGuard Posture Management writes "Security visibility accuracy is tremendous, letting us see who is trying to access what". On the other hand, the top reviewer of Prisma SaaS by Palo Alto Networks writes "Supports custom expressions, helps with compliance, and integrates well with Azure AD". Check Point CloudGuard Posture Management is most compared with Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, Amazon GuardDuty, Threat Stack Cloud Security Platform and Qualys VM, whereas Prisma SaaS by Palo Alto Networks is most compared with Cisco Umbrella, Netskope CASB, Zscaler Internet Access, Microsoft Defender for Cloud Apps and Symantec CloudSOC CASB.
We monitor all CWPP (Cloud Workload Protection Platforms) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
