Try our new research platform with insights from 80,000+ expert users

Flow Security vs Prisma Cloud by Palo Alto Networks comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Flow Security
Ranking in Data Security Posture Management (DSPM)
10th
Average Rating
9.0
Number of Reviews
1
Ranking in other categories
Database Security (8th)
Prisma Cloud by Palo Alto N...
Ranking in Data Security Posture Management (DSPM)
1st
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
106
Ranking in other categories
Web Application Firewall (WAF) (5th), Container Security (1st), Cloud Workload Protection Platforms (CWPP) (1st), Cloud Security Posture Management (CSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (1st)
 

Featured Reviews

AT
Sep 11, 2023
It gives us a risk report that helps us refine our process management by highlighting where we might be exposed
Flow's distinctive capability to analyze both data at rest and data in motion grants us the ability not only to get full visibility and classification of the data within our managed databases but also to visualize the data flows both within and beyond our environment. This enables us to achieve a comprehensive understanding of all our sensitive data, even as it traverses through applications, shadow databases, and external services such as third-party entities and SaaS applications. What we aspire to achieve with Flow is extended visibility into the external services themselves, which will allow us to see the data they contain.
VISHWJEET GAIKWAD - PeerSpot reviewer
Aug 21, 2024
Works very well for multi-cloud environments and is more cost-effective than cloud-native tools
Some of the clients onboard individual cloud accounts into Prisma Cloud. When any new service comes into the AWS, Azure, or any other cloud, Prisma Cloud generates a warning about the new service and any missing permissions to be able to ingest the logs. We then manually run a Terraform template for Azure or a CFT template for AWS. It is a manual task that we have to do as and when needed. It is a repetitive and manual task. They should find a way to automatically update the role with the CFT or Terraform template. It would be best if this task is automated. When an account is onboarded, if it is missing any permission, it should automatically be updated with the required permissions and policies. If they can do something from the AI security perspective, it will be helpful. I am not sure if it has any AI capabilities, but it would be helpful to have AI integration for finding out issues and remediating alerts.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Before implementing Flow Security, we had no mechanism to alert us when third-party contractors were accessing sensitive data or moving it to locations with lower security. Now we know precisely where the data is stored and can assess the risk when someone wants to develop something. Flow Security lowers our risk of a data breach."
"The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security."
"The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example, let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else."
"With the query language, we can analyze logs and find out which IPs are malicious. It also provides a graphical representation. It provides the overall visibility and how the traffic is flowing. We can see where the malicious IP is and whether it is an insider threat or an outsider threat."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"It supports the multi-cloud environment beautifully."
"The Cloud Workload Protection module is a very strong solution. I like the Cloud Workload Protection part. It is something I have not used for the banking client, but I had a chance to try it out for roughly a month on actual deployment of another customer. That part was really robust. Cloud Workload Protection would be the main feature that I enjoy the most."
"I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool."
"Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them."
 

Cons

"It provides a good overview of our infrastructure, but I need more end-to-end visibility, and SaaS is one of the gaps."
"Runecast gave us more visibility into VMware's private cloud. We have more environments there, but Prisma's lack of visibility into the private cloud was a downside—there weren't many."
"Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into."
"The visibility on the SIEM needs to be streamlined so we can get the data without any issues."
"Palo Alto needs to add more support staff to improve their response time."
"We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert."
"It does not provide runtime security or protection for Windows Server. It is currently lacking in terms of Windows environment."
"In terms of improvement, there are some small things like hardening and making sure the Linux resources are deployed well but that's more at an operational level."
"Having auto Defender upgrades so that we do not have to upgrade Defender manually would be helpful."
 

Pricing and Cost Advice

Information not available
"It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data."
"The pricing is reasonable."
"The licensing cost is a bit high on the compute side."
"Prisma Cloud is a value-back cloud-managed solution; cloud-native solutions are quite expensive."
"The pricing of the solution is fair."
"Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out."
"You can expect a premium price because it is a premium quality product by a leading supplier."
"The Prisma Cloud pricing is good."
report
Use our free recommendation engine to learn which Data Security Posture Management (DSPM) solutions are best for your needs.
812,651 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
22%
Financial Services Firm
13%
University
11%
Retailer
7%
Educational Organization
16%
Computer Software Company
13%
Financial Services Firm
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Flow Security?
Before implementing Flow Security, we had no mechanism to alert us when third-party contractors were accessing sensitive data or moving it to locations with lower security. Now we know precisely wh...
What is your experience regarding pricing and costs for Flow Security?
I rate Flow Security six out of 10 for affordability. It's a fixed expense and far from the cheapest solution. We had to delay our purchase because business was bad and our CFO didn't like the idea...
What needs improvement with Flow Security?
I would like better visibility into all of our third-party providers. For example, we use one contractor to move data from one place to another. When the data leaves our service, we can see where i...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...
 

Also Known As

No data available
Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Data Security Posture Management (DSPM). Updated: September 2024.
812,651 professionals have used our research since 2012.