Try our new research platform with insights from 80,000+ expert users

Cisco Secure Workload vs Prisma Cloud by Palo Alto Networks comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 29, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Workload
Average Rating
8.6
Reviews Sentiment
7.7
Number of Reviews
15
Ranking in other categories
Cloud and Data Center Security (9th), Cloud Workload Protection Platforms (CWPP) (14th), Microsegmentation Software (4th), Cisco Security Portfolio (9th)
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
111
Ranking in other categories
Web Application Firewall (WAF) (7th), Container Security (1st), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cisco Secure Workload is designed for Cloud and Data Center Security and holds a mindshare of 13.1%, up 12.0% compared to last year.
Prisma Cloud by Palo Alto Networks, on the other hand, focuses on Cloud-Native Application Protection Platforms (CNAPP), holds 14.5% mindshare, down 20.4% since last year.
Cloud and Data Center Security Market Share Distribution
ProductMarket Share (%)
Cisco Secure Workload13.1%
Illumio23.4%
Akamai Guardicore Segmentation22.2%
Other41.3%
Cloud and Data Center Security
Cloud-Native Application Protection Platforms (CNAPP) Market Share Distribution
ProductMarket Share (%)
Prisma Cloud by Palo Alto Networks14.5%
Wiz23.8%
Microsoft Defender for Cloud10.4%
Other51.300000000000004%
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Raj Metkar - PeerSpot reviewer
Discover internal application dependencies and create a dependency map
We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, providing valuable insights into vulnerabilities related to the operating system and various applications installed on our servers. Recently, Cisco announced a new product called HyperShield, an AI-based autonomous micro-segmentation solution. While Cisco has not stated that HyperShield will replace Cisco Secure Workload, it represents a natural evolution for the company. HyperShield features dynamic policy discovery and enforcement; however, once policies are enforced, they do not change until a discovery occurs, requiring a re-enforcement process. This new platform operates autonomously, minimizing the need for user or security engineer intervention. I would have expected Cisco to incorporate more automatic discovery and enforcement features within the existing Cisco Secure Workload product. Instead of enhancing the current product, they have introduced a new solution. Cisco plans to honor existing Tetration licenses, allowing users to transition to HyperShield without additional costs, reflecting the investment enterprises have already made. From Cisco’s perspective, this represents a natural progression in their product line. While the product name changes, it seems more of a rebranding effort. The enhancements are greater autonomy, improved discovery, and automatic enforcement, which are now being introduced in HyperShield. Cisco Secure Workload offers automatic policy enforcement but cannot adjust policies dynamically as the application needs to change. Having used the platform for the past five years, the recent announcement has been reassuring. Cisco has confirmed that our investment in the platform will not go to waste. They will honor our existing licenses, providing a natural migration path to the new solution without any disruption
Harsh_Vardhan - PeerSpot reviewer
Provides visibility and control that our customers need
Different modules are valuable for different customers. We are leveraging CSPM. It is one of the best solutions for comprehensive visibility into cloud resource configurations and compliance. It has a lot of out-of-the-box policies, and the visibility that we are getting is impressive. The DSPM module is valuable. This is the latest one that Palo Alto procured from Dig Security. No competitor provides this functionality in a single pane of glass. The support for Linux and container security is also very good. That is the beauty of Prisma Cloud. However, in terms of Windows security, Prisma Cloud is lacking because currently, there is no runtime protection available. The UI is very good. We get all the things within a single UI. It is easy to use. A new user can easily understand it. It is very user-friendly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"By using Tetration insight, we are able to get the latency on our level accounts and we can determine whatever the issue is with the application latency itself."
"The most valuable feature of this solution is security."
"The most valuable feature of the solution is that we don't have to do packet captures on the network."
"Secure Workload's best feature is that it's an end-to-end offering from Cisco."
"The only use case I can see that makes sense is micro-segmentation. I think there are other use cases for it. The main purpose of the product is to do micro-segmentation by collecting IP. That could be done by installing an agent, and then you have all the communication coming in and out. You could also use some flow sensors installed in the network that receive a copy of the traffic and then report that back to the system."
"The product offers great visibility into the network so we can enforce security measures."
"The most valuable feature is micro-segmentation, which is the most important with respect to visibility."
"Instead of proving that all the access control lists are in place and all the EPGs are correct, we can just point the auditor to a dashboard and point out that there aren't any escaped conversations. It saves an enormous, enormous amount of time."
"One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature."
"The UI is very good. We get all the things within a single UI."
"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."
"Palo Alto enables us to know what security threats are happening in the background."
"Prisma Cloud's inventory reporting is pretty good."
"Syslog CLIs are the best feature."
"The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis."
"I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool."
 

Cons

"The integration could be better, especially with different types of solutions."
"The interface is really helpful for technical people, but it is not user-friendly."
"They should scale down the hardware a bit. The initial hardware investment is two million dollars so it's a price point problem. The issue with the price comes from the fact that you have to have it with enormous storage and enormous computes."
"The multi-tenancy, redundancy, backup and restore functionalities, as well as the monitoring aspects of the solution, need improvement. The solution offers virtually no enterprise-grade possibility for monitoring."
"There's room for improvement when it comes to Cisco Secure Workload. A couple of internal areas could be refined a little bit. They are trying to solve it, depending on where you suppose the agent is. Suppose you have the agent on both the server and the client, which could be the front-end server or web server connecting to the. In that case, if those two are communicating on RPC, the server can look into its configuration. It could go down and find the configuration file on the FTP server and then set the policies to it. But there are a lot of different FTP servers out there. It's also a complex case for the tool to support all FTP servers."
"There was a controversy when Cisco reduced the amount of data they kept, and the solution became quite cost-intensive, which made its adoption challenging….Although they have modified it now, I preferred the previous version, and I wish all the functionality were back under the same product."
"It is highly scalable, but there is a limitation that it is only available on Cisco devices."
"There is some overlap between Cisco Tetration and AppDynamics and I need to have a single pane of glass, rather than have to jump between different tools."
"Palo Alto needs to add more support staff to improve their response time."
"I don't have any specific notes for improvement; however, if they could continue to focus more on giving users the ability to create custom policies and configurations, that would be ideal."
"The tool's UI is an area with certain shortcomings where improvements are required."
"Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users."
"I have some challenges customizing and personalizing some of the capabilities in the CSPM in terms of new policies and services. We have to reconfigure and rebuild the CSPM."
"A couple of exporting functionalities should be more user-friendly because if I want to export something, I can get a lot of data visible to that particular CSV."
"There is room for improvement on the logging and monitoring front because it's still not as holistic as I would want it to be."
"The area for improvement is less about the product and more about the upsell. If we've already agreed that we'd like your product x, y, or z, don't try to add fries to my burger. I don't need it."
 

Pricing and Cost Advice

"Pricing depends on the scope of the application and the features. Larger installations save more."
"The price is based on how many computers you're going to install it on."
"The cost for the hardware is around 300k."
"It is not cheap and pricing may limit scalability."
"The price is outrageous. If you have money to throw at the product, then do it."
"Regarding price, Cisco Secure Workload can be expensive if you don't have a budget. If you're not doing micro-segmentation, every extra security measure or enforcement you're putting on top of your existing environment will be an extra cost. It's not a cheap solution at all. But from my point of view, if you need to do micro-segmentation, this is one of the best tools I've seen for it. I can't compare that to Microsoft's solution because I haven't looked into it. I've looked into VMware and Cisco. Those are the only two that I know of. I didn't know that Microsoft could do micro-segmentation at all. Maybe they can, but I haven't heard anything about it."
"The pricing is a bit higher than we anticipated."
"We are encountering some resistance in the African market regarding the cost of Prisma Cloud."
"Prisma Cloud is a value-back cloud-managed solution; cloud-native solutions are quite expensive."
"This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive."
"The price is high. In the future, when there are more competitors at the same level with different clouds, maybe the position will be different."
"I wouldn't mind if it were cheaper. We are spending a fair amount of money on Prisma Cloud."
"If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."
"It is an expensive tool. It is not cheap technology. It is a serious investment for any customer. Customers typically buy it together with services. In my experience, customers buying Prisma Cloud are prepared to pay for the implementation and the tool itself."
"Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified."
report
Use our free recommendation engine to learn which Cloud and Data Center Security solutions are best for your needs.
867,676 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
23%
Manufacturing Company
11%
Financial Services Firm
9%
Government
7%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
10%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise8
By reviewers
Company SizeCount
Small Business34
Midsize Enterprise20
Large Enterprise58
 

Questions from the Community

What do you like most about Cisco Secure Workload?
The product provides multiple-device integration.
What is your experience regarding pricing and costs for Cisco Secure Workload?
CloudStrike offers antivirus capabilities and firewall features for servers and VDI but lacks automatic policy discovery. This raises questions about the resources required to discover and write po...
What needs improvement with Cisco Secure Workload?
We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, provid...
What is your primary use case for Prisma Cloud by Palo Alto Networks?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...
 

Also Known As

Cisco Tetration
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

ADP, University of North Carolina Charlotte (UNCC)
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Cisco Secure Workload vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: March 2025.
867,676 professionals have used our research since 2012.