"The most valuable feature is the visibility of processes and connections."
"The interface and dashboard are amazing."
"I found the solution to be stable."
"We like the centralized management of the firewalls. Until we installed Guardicore Centra, we managed all our firewalls individually, so making changes was complicated, difficult, and time-consuming."
"From day one, you get threat intelligence. It will immediately block active threats, which has been useful."
"This tool greatly helps in understanding the footprint of the attacks."
"The real bonus is the fact that we can secure applications, all the way down to the individual services, on each host. It's actually more granular security than we can get out of a traditional firewall."
"In addition to that, I can get a snapshot of what I deemed were the priority vulnerabilities, whether it was identity access management, key rotation, or secrets management. Whatever you deem to be a priority for mitigating threats for your environment, you can get that as a snapshot."
"As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having."
"The most valuable feature is the continuous cloud compliance monitoring and alerting."
"You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums."
"One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them."
"Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently."
"Technical support is quite helpful."
"The ability to monitor the artifact repository is one of the most valuable features because we have a disparate set of development processes, but everything tends to land in a common set of artifact repositories. The solution gives us a single point where we can apply security control for monitoring. That's really helpful."
"Supports become difficult when it's for a big organization. For a small organization, medium organization, it still makes sense, however, for a big organization, it makes life difficult."
"The maps could go a bit faster. They are useful but slightly slow."
"Sometimes, the speed needs improvement, especially when it comes to the generation of maps, where it can be a bit slow."
"The product needs a few features like enhanced user policies and payload-level inspection to improve the offering."
"The long-term management of the security policies could be improved with some kind of automation platform, something like Chef or Puppet or Ansible, to help you manage the policies after day-one... to then manage the policies and changes to those policies, going forward, through some type of automation process is not turning out to be really easy."
"In our version, when using the terminal server, we cannot exclude user tasks for each session."
"The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories."
"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."
"The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed."
"Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to."
"It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat."
"Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams."
"The challenge that Palo Alto and Prisma have is that, at times, the instructions in an event are a little bit dated and they're not usable. That doesn't apply to all the instructions, but there are times where, for example, the Microsoft or the Amazon side has made some changes and Palo Alto or Prisma was not aware of them. So as we try to remediate an alert in such a case, the instructions absolutely do not work. Then we open up a ticket and they'll reply, "Oh yeah, the API for so-and-so vendor changed and we'll have to work with them on that." That area could be done a little better."
"We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Guardicore Centra is ranked 6th in Cloud Workload Security with 7 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Workload Security with 16 reviews. Guardicore Centra is rated 8.2, while Prisma Cloud by Palo Alto Networks is rated 8.0. The top reviewer of Guardicore Centra writes "Allowed us to build out a data center topology without worrying about placement of physical or virtual firewalls that can create bottlenecks". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives me a holistic view of cloud security across multiple clouds or multiple cloud workloads within one cloud provider". Guardicore Centra is most compared with Cisco Secure Workload, Illumio Adaptive Security Platform, VMware NSX, Trend Micro Deep Security and Darktrace, whereas Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Aqua Security, Check Point CloudGuard Posture Management, Snyk and Amazon GuardDuty. See our Guardicore Centra vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Cloud Workload Security vendors and best Microsegmentation Software vendors.
We monitor all Cloud Workload Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.