JFrog Xray vs Prisma Cloud by Palo Alto Networks comparison

JFrog and Palo Alto Networks are both solutions in the Container Security category. JFrog is ranked #20 with an average rating of 7.8, while Palo Alto Networks is ranked #1 with an average rating of 8.6. JFrog holds a 3.9% mindshare in Container Security, compared to Palo Alto Networks’s 13.0% mindshare. Additionally, 100% of JFrog users are willing to recommend the solution, compared to 98% of Palo Alto Networks users who would recommend it.

JFrog Xray

Read 8 JFrog Xray reviews

3,038 Views
762 Comparison Views

100% willing to recommend

Prisma Cloud by Palo Alto N...

Read 110 Prisma Cloud by Palo Alto Networks reviews

18,891 Views
1,493 Comparison Views

98% willing to recommend

JFrog Xray

Prisma Cloud by Palo Alto N...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 25, 2025

Prisma Cloud by Palo Alto Networks and JFrog Xray are competitors in the enterprise security solutions market. Prisma Cloud leads in pricing and customer support, while JFrog Xray is favored for its robust features and perceived value.

Features: Prisma Cloud offers extensive cloud security and compliance monitoring, integrates well with AWS, provides a single pane of glass for multi-cloud management, and features identity-based micro-segmentation. JFrog Xray excels in in-depth artifact scanning and vulnerability detection with integration into CI/CD pipelines and focuses heavily on vulnerability management, enhancing its security value over traditional tools.

Room for Improvement: Prisma Cloud can improve its integration with all components of cloud-native security for seamless usability. It can also enhance its user interface for non-technical users and expand detailed alert management. JFrog Xray requires better initial setup guidance, needs more streamlined licensing and vulnerability alert precision for extremely large projects, and can enhance its user experience for first-time users.

Ease of Deployment and Customer Service: Prisma Cloud is noted for its easy deployment and excellent customer support with comprehensive resources. It easily integrates into cloud environments, reducing deployment complexities. JFrog Xray necessitates more elaborate configuration due to its detailed integration with CI/CD pipelines but offers solid customer support post-installation.

Pricing and ROI: Prisma Cloud presents an attractive pricing model with balanced costs against features. Its cost-effectiveness makes it appealing for companies looking for broader cloud security. JFrog Xray demands a higher initial investment, justified by its enhanced security capabilities, making it suitable for enterprises heavily focused on DevOps security.

To learn more, read our detailed JFrog Xray vs. Prisma Cloud by Palo Alto Networks Report (Updated: June 2025).

Buyer's Guide

JFrog Xray vs. Prisma Cloud by Palo Alto Networks

June 2025

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

JFrog Xray

Ranking in Container Security

20th

Average Rating

8.0

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Vulnerability Management (32nd), Software Composition Analysis (SCA) (6th), Software Supply Chain Security (2nd)

Prisma Cloud by Palo Alto N...

Ranking in Container Security

1st

Average Rating

8.4

Reviews Sentiment

7.3

Number of Reviews

110

Ranking in other categories

Web Application Firewall (WAF) (5th), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (2nd)

Mindshare comparison

As of June 2025, in the Container Security category, the mindshare of JFrog Xray is 3.9%, up from 2.1% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 13.0%, down from 17.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Container Security

Featured Reviews

Sai Pradeep Koneti

DevOps Engineer Intern at University of Nebraska at Omaha

Goes deep into the docker files and find out vulnerabilities

When we were trying to get it up and working initially, I found it a bit hard to go through JFrog Xray's documentation and get my error solved. I was facing some issues because we hadn't got a specific license for the tool, but I was able to access it. As a regular user, I regularly saw an error message saying that the license feature was unavailable for my subscription. After a couple of days, I realized I was missing a license. I had to go back to the JFrog Xray team, who provided me with the new license, and then I could complete the setup.

Read full review

Mohammad Qaw

Senior Security Consultant at helpag

It gives you one console to see all of your assets, review their configurations, and build your processes

Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."

"JFrog Xray's reporting feature has a lot of options in it, including scanning."

"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."

"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."

"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."

"The solution is stable and reliable."

"Good reporting functionalities."

More JFrog Xray pros

"I find the CSPM area to be a more valuable and flexible feature."

"Visibility and control are the most utilized features. A dashboard is available to us where we can view different categories. We can see any IAM-related risks, any discovered vulnerabilities, any incidents, or any network-level issues."

"It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization."

"It is user-friendly. It has a good look and feel and reporting structure. It provides a single pane of glass. These are the things that I like."

"The most valuable features of the solution are areas like compliance and asset inventories, along with runtime protection."

"Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing."

"The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example, let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else."

"One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them."

More Prisma Cloud by Palo Alto Networks pros

Cons

"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."

"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."

"JFrog Xray's documentation and error logging could be improved."

"JFrog Xray does not have a dashboard."

"The out-of-the-box PostgreSQL provided is not stable, which is why we are considering enterprise support."

"X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL."

"Lacks deeper reporting, the ability to compare things."

"Since we have been using the solution via APIs, there are some limitations in the APIs."

More JFrog Xray cons

"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."

"The Fargate security microservice that's running doesn't support blocking features, which would be helpful. Another issue is the lifecycle. It isn't easy to upgrade if we have a console in Fargate."

"The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler."

"Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge."

"The visibility on the SIEM needs to be streamlined so we can get the data without any issues."

"There are hundreds of built-in policies for AWS and Azure, but GCP and Oracle are not covered as much as AWS. There is a lot of work to do on that part. There is, obviously, a tiny bit of favoritism towards AWS because it has the most market share."

"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."

"Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to."

More Prisma Cloud by Palo Alto Networks cons

Pricing and Cost Advice

Information not available

"The Prisma Cloud pricing is good."

"Prisma Cloud is a high-end enterprise solution, making it quite expensive."

"Prisma Cloud is more expensive than Check Point CloudGuard."

"Prisma Cloud is cost-efficient, but the credits are on the higher end."

"Our licensing fees are $18,000 USD per year."

"Prisma Cloud is remarkably expensive."

"Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay."

"Prisma Cloud is affordable."

More Prisma Cloud by Palo Alto Networks pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Container Security solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

25%

Computer Software Company

12%

Manufacturing Company

11%

Government

Computer Software Company

14%

Financial Services Firm

13%

Educational Organization

10%

Manufacturing Company

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about JFrog Xray?

JFrog Xray shows us a list of vulnerabilities that can impact our code.

See all answers

What needs improvement with JFrog Xray?

X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL. More support during troubleshooting sessions would also be beneficial.

See all answers

What is your primary use case for JFrog Xray?

Our primary use case for X-ray includes multiple activities such as security and vulnerability scanning. We already use Black Duck for these purposes, and we are evaluating how JFrog Xray can offer...

See all answers

What is your primary use case for Prisma Cloud by Palo Alto Networks ?

Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.

See all answers

What Cloud-Native Application Protection Platform do you recommend?

We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...

See all answers

What do you think of Aqua Security vs Prisma Cloud?

Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...

See all answers

Comparisons

Black Duck vs JFrog Xray

Compared 14% of the time

Trivy vs JFrog Xray

Compared 14% of the time

Veracode vs JFrog Xray

Compared 6% of the time

GitHub Dependabot vs JFrog Xray

Compared 6% of the time

Wiz vs JFrog Xray

Compared 5% of the time

More JFrog Xray Competitors

Wiz vs Prisma Cloud by Palo Alto Networks

Compared 22% of the time

Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks

Compared 11% of the time

CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

Aqua Cloud Security Platform vs Prisma Cloud by Palo Alto Networks

Compared 4% of the time

Snyk vs Prisma Cloud by Palo Alto Networks

Compared 2% of the time

More Prisma Cloud by Palo Alto Networks Competitors

Product Reports

Buyer's Guide

JFrog Xray

June 2025

Download JFrog Xray product report

Buyer's Guide

Prisma Cloud by Palo Alto Networks

May 2025

Prisma Cloud by Palo Alto Networks report

Download Prisma Cloud by Palo Alto Networks product report

Also Known As

JFrog Security Essentials

Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto

Overview

JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

If you are a team player and you care and you play to WIN, we have just the job you're looking for.

As we say at JFrog: "Once You Leap Forward You Won't Go Back!"

JFrog

Prisma Cloud by Palo Alto Networks delivers comprehensive security for cloud environments, focusing on workload protection, identity creation, and seamless AWS integration. Its cloud visibility and control, combined with thorough vulnerability scanning, help maintain robust security across multi-cloud platforms.

Prisma Cloud provides essential capabilities for cloud security posture management, container security, and compliance monitoring. Enterprises utilize it to secure cloud configurations, detect vulnerabilities, and ensure regulatory compliance, spanning AWS, Azure, and Google Cloud. Its runtime management, identity-based micro-segmentation, and threat detection enhance cybersecurity. Despite needing improvements in documentation, integration complexities, UI, and the need for role-based access control refinement, it remains pivotal for securing assets across cloud infrastructures, particularly with its capabilities for vulnerability scanning and CI/CD pipeline integration.

What are the key features?

Workload Identity Creation: Establishes identities for cloud workloads, enhancing security through precise access management.
Dynamic Workload Protection: Protects applications dynamically, securing resources during runtime.
Integration with AWS Products: Seamlessly integrates with AWS services, maximizing the efficiency of cloud operations.
Automated Forensics: Provides detailed insights through automated investigations and runtime mapping between containers.
Application Dependency Map: Enables compliance and asset management through comprehensive inventory functionality.

What benefits or ROI should users expect?

Proactive Threat Prevention: Enhances security measures with advanced threat detection and prevention.
Cloud Visibility and Control: Offers control across multi-cloud environments, ensuring users maintain a strong security posture.
Prevention Capabilities: Users value its ability to prevent vulnerabilities and threats effectively.
Integration Capabilities: Supports seamless integration into existing cloud infrastructures and CI/CD pipelines.

In industries like finance, healthcare, and retail, Prisma Cloud is implemented to strengthen cybersecurity measures, facilitate regulatory compliance, and enhance governance. Organizations leverage its features to secure sensitive data, monitor configurations, and integrate security processes within CI/CD workflows, ensuring robust protection across complex cloud infrastructures.

Palo Alto Networks

Sample Customers

google, amazon, cisco, netflix, oracle, vmware, facebook

Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America

Buyer's Guide

JFrog Xray vs. Prisma Cloud by Palo Alto Networks

June 2025

Free Report: JFrog Xray vs. Prisma Cloud by Palo Alto Networks

Find out what your peers are saying about JFrog Xray vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: June 2025.

DOWNLOAD NOW

856,873 professionals have used our research since 2012.

See our JFrog Xray vs. Prisma Cloud by Palo Alto Networks report.

See our list of best Container Security vendors.

We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.