Microsoft Defender for Cloud Apps vs Prisma SaaS by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Microsoft Defender for Cloud Apps and Prisma SaaS by Palo Alto Networks based on real PeerSpot user reviews.

Find out in this report how the two Cloud Access Security Brokers (CASB) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Defender for Cloud Apps vs. Prisma SaaS by Palo Alto Networks Report (Updated: November 2022).
655,465 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"There is much differentiation within the licensing so if anyone wants DNS security from the DNS security log, we are there already, and if anyone wants to go to a secure internet gateway, that is also available. We can get the integrated cloud DLP license keys. That is a good benefit with Cisco Umbrella. You can get a complete solution in a single licensing.""Some clients only want DNS security, while others want more of the advanced features that it has available.""I was able to implement it myself. It was really easy to install. You could install it on a server locally if you want to. If you have the biggest site, you would do that, but for my site, it was just directing all the traffic out through the Cisco Umbrella DNS. It was really handy. When the owners of the company went overseas, I knew that they would be secure because even if they were not on the company network, they would still go through the Cisco Umbrella servers. It was a complete solution for protecting the company with outgoing data.""It enables us to go granular in the customization of blocking some categories on the DNS.""A single pane of glass saves time... This does have a lot of options available for us to see who's doing what, what trends, what errors. We can set up our alerting through it as well. It is definitely a great dashboard.""If it didn't have a single pane of glass, we would not be using it. The single pane of glass gives you a one-stop shop. It's like going to Home Depot. You find all your stuff there. You can see all your threats and your endpoints. It's a very important feature and makes things very simple.""Any time someone went off the network, the AnyConnect client had the Umbrella agent built in, and it would realize when their computer connected that they were not on the corporate network. It would monitor and they would have pretty close to the same rules that they had to follow when they were in the office, regarding what kind of website browsing they could do.""The single-pane-of-glass management is really important. In today's era, administration costs and operational expenses will cost you a lot, and it reduces that as well. You don't need extra resources to manage all your parameter firewalls, looking at every single device to allow resources internal access. By just introducing the single-pane-of-glass management, it has lifted the burden off of management, especially the network management."

More Cisco Umbrella Pros →

"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent.""The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need.""Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool.""Better logging allows us to find problems and take appropriate steps to lock them out.""It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place.""I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site.""The most valuable feature of this solution is its monitoring.""In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."

More Microsoft Defender for Cloud Apps Pros →

"To quarantine and clean a malware file provides a lot of security.""Prisma SaaS is very easy to use; it's common sense — it's the best-in-class.""It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful.""The stacked policies, event policies, and routing policies are easy to understand for someone with general knowledge.""You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that.""The remediation process is easy compared to other platforms.""Prisma's most valuable feature would be its ability to identify bad or risky configurations.""The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."

More Prisma SaaS by Palo Alto Networks Pros →

Cons
"I would like them to make some videos, practical videos, the kind with steps that people can use to learn and deploy""I would like to see more integrability with other products.""There are some situations where we would like to block things for specific user groups. I know that Umbrella does that, but it's not that easy.... when you want a specific task for specific rules and policies for user groups, you have to go three levels down in the menu, and it's hard to find where you do that task.""Cisco Umbrella should introduce an on-premises device.""We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run.""In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response.""I'd like to see improvement in its overall integration with all the other platforms. There's some integration between Umbrella and Meraki, but an overall Cisco problem is that there are so many different tools, and finding easy, seamless ways of connecting everything together is always a challenge.""If the security issues are taken care of it would be better."

More Cisco Umbrella Cons →

"In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis.""There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default.""Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up.""There are challenges with detection and there are challenges with false-positive rates.""Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file...""This service would be better if it had a separate license, only for this service, that could be used to track usage.""They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around.""Sometimes the support is actually lacking."

More Microsoft Defender for Cloud Apps Cons →

"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly.""Lacks a hybrid model which has API plus in-line security.""The frequency of updates could be reduced.""One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date.""My clients would like to see a more feature-rich product.""We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve.""They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers.""When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."

More Prisma SaaS by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "There is a subscription cost."
  • "The price could be lower."
  • "The price is quite good."
  • "Pricing depends on the automation requirements of the organization."
  • "It has a reasonable price. It is certainly not as expensive as it used to be. It is in line with other offerings on the market. There are a number of different flavors of Umbrella. They could bring Umbrella SIG down a bit because its price is a little bit high for what it does, but I also understand why its price is high."
  • "Cisco Umbrella is expensive and could be cheaper."
  • "When talking about Cisco solutions in general there pricing model is horrible. For example, you can sell a Meraki-based solution, but if the customer starts shopping around, someone is going to have access to the pricing at a level that you cannot compete because they do not have uniform pricing. Not everybody gets fair pricing. Unless you are one of the real major corporations selling the solution your ability to compete is impossible. Cisco will acknowledge the situation and assure you next time it will be in your favor but it never becomes favorable for you. Cisco is not very good in this regard. However, Umbrella is good."
  • "The licensing fee is paid on a yearly basis."
  • More Cisco Umbrella Pricing and Cost Advice →

  • "Our clients normally use the Microsoft E1 licensing, which is renewed yearly."
  • "The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."
  • "I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
  • "Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
  • "The price could be better and should be reconsidered."
  • "It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
  • "We are an MST and we do not pay for the solution. However, the price of the solution could be better."
  • "The cost could be improved when you need to pay for anything. For example, refreshing files takes time to load, though it may be my Internet. To improve the refresh time, Microsoft says that we need to pay for a Premium license, and I don't like paying for things that help make a solution better."
  • More Microsoft Defender for Cloud Apps Pricing and Cost Advice →

  • "The licensing fees are paid on a yearly basis and for what we get, the price is good."
  • "Prisma SaaS is more expensive than similar solutions but I think it's worth it."
  • "Prisma is in the middle of the road. It's not the most expensive, but it's not the cheapest. There aren't any additional costs, to my knowledge. I know they have some extra modules, but we didn't use them."
  • "They price their products using credit modules."
  • More Prisma SaaS by Palo Alto Networks Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
    655,465 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.… more »
    Top Answer:Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native… more »
    Top Answer:The single-pane-of-glass management is really important. In today's era, administration costs and operational expenses… more »
    Top Answer:In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the… more »
    Top Answer:The E5 license offers everything bundled. People are moving to Microsoft because you buy one license and it gives you… more »
    Top Answer:The visibility it provides is quite good. You get all the logs for investigation purposes. But there should be more… more »
    Top Answer:You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for… more »
    Top Answer:The pricing is reasonable for Palo Alto. They price their products using credit modules. There are various types of… more »
    Top Answer:They can add some new characteristics. For example, when an incident triggers, they can automatically send a template… more »
    Comparisons
    Also Known As
    OpenDNS
    MS Cloud App Security, Microsoft Cloud App Security
    Palo Alto Networks Prisma SaaS, Prisma SaaS, Palo Alto Networks Aperture, Aperture
    Learn More
    Overview

    Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.

    Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.

    Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.

    Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.

    Why use Cisco Umbrella?

    • Simplify security management: Cisco Umbrella is the fastest and easiest way to protect all users within minutes and reduces the number of infections and alerts sent from other security products by stopping threats at the earliest point. With no hardware to install and no software to manually update, ongoing management is simple

    • Reliable reporting: Cisco Umbrella reports show activity for each device or network in the system. Users gain a more complete picture of the security risks facing their organization and can take action to remedy them.

    • Manage and control cloud apps: Umbrella provides visibility into sanctioned and unsanctioned cloud services in use across the enterprise. Users can uncover new services being used, see who is using them, identify potential risk, and block specific applications easily.

    Reviews from Real Users

    Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.

    Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”

    Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”

    Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) that provides multifunction visibility, control over data travel, and sophisticated analytics. With Microsoft Cloud App Security, you can: 

    - Manage, control, and audit apps to streamline cloud access security

    - Mange your access to resources to discover shadow IT and understand your digital information estate

    - Use real-time controls to enable threat protection on all the access points that touch your environment

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Prisma SaaS by Palo Alto Networks is a powerful cloud access security brokerage (CASB) and SaaS solution that is designed to fully handle an organization’s SaaS security needs. It is a comprehensive package that offers both in-line as well as API-based protection. Users can use Prisma SaaS to complement whatever security tools they currently employ.

    Prisma SaaS Benefits

    Some of the ways that organizations can benefit by choosing to deploy Prisma SaaS include:

    • Adaptability. Prisma SaaS can be adapted to satisfy any and all SaaS needs that an organization might have. When users choose Prisma SaaS, they gain access to a vast suite of integrations. These enable users to connect with the most widely used and common SaaS applications on the market. An organization is given the ability to take stock of features or functions that they might be missing and employ the integration to make up for whatever they feel they are missing.
    • Security. Prisma SaaS comes with a wealth of security features that users can leverage to handle all of their security needs. Users can set specific security policies to classify data in a way that enables the solution’s artificial intelligence and machine learning software to track them to prevent losses from taking place. The solution’s AI and ML can also block known malware, identify new malware, and block these new threats before they can do harm.
    • Automated updates. Organizations do not need to devote resources to ensure that Prisma SaaS’s software remains up to date. It automatically updates when an update is ready to launch. Users can focus on using the product and allow the solution to manage its updates on its own.

    Prisma SaaS Features

    • Centralized management and control. Prisma SaaS is controllable from a single centralized location. Users can manage every aspect of the solution in a simplified way. They do not need to master the controls on a variety of consoles to achieve the highest level of value from it. All of the controls are located in one place, which also makes it easy for users to learn how to use them. Additionally, it enables users to view all of their critical data in a single location without having to struggle to find the data that they need.
    • Threat visualization and reporting. Users gain the ability to break down potential threats and incidents in ways that provide deep insights. Prisma SaaS can visually represent threats that have not yet been actualized as well as events that have occurred. Additionally, it can create detailed reports that can provide users with the information that they need to secure themselves from future harm.
    • User behavior monitoring. Prisma SaaS’s AI and ML capabilities enable the solution to spot unusual user behavior that might signal that a user’s credentials have been stolen.

    Reviews from Real Users

    Prisma SaaS by Palo Alto Network is a solution that stands out when compared to many of its competitors. Two major advantages it offers are the ability to customize data search expressions and the ability to identify, analyze, and troubleshoot threats from a single solution.

    Gabriel F., the senior service delivery engineer at the Netdata Innovation Center, writes, “You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you the opportunity to create that.”

    Angell D., a senior engineer at Cloudrise, says, "The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."

    Offer
    Learn more about Cisco Umbrella
    Learn more about Microsoft Defender for Cloud Apps
    Learn more about Prisma SaaS by Palo Alto Networks
    Sample Customers
    Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim
    Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
    University of Arkansas
    Top Industries
    REVIEWERS
    Financial Services Firm16%
    Comms Service Provider9%
    Educational Organization9%
    Retailer7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider14%
    Financial Services Firm8%
    Government6%
    REVIEWERS
    Educational Organization29%
    Government14%
    Financial Services Firm14%
    Engineering Company14%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider11%
    Financial Services Firm11%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider11%
    Financial Services Firm11%
    Energy/Utilities Company6%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise26%
    Large Enterprise37%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise64%
    REVIEWERS
    Small Business24%
    Midsize Enterprise33%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise66%
    REVIEWERS
    Small Business47%
    Midsize Enterprise27%
    Large Enterprise27%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise14%
    Large Enterprise70%
    Buyer's Guide
    Microsoft Defender for Cloud Apps vs. Prisma SaaS by Palo Alto Networks
    November 2022
    Find out what your peers are saying about Microsoft Defender for Cloud Apps vs. Prisma SaaS by Palo Alto Networks and other solutions. Updated: November 2022.
    655,465 professionals have used our research since 2012.

    Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 18 reviews while Prisma SaaS by Palo Alto Networks is ranked 5th in Cloud Access Security Brokers (CASB) with 9 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Prisma SaaS by Palo Alto Networks is rated 8.4. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Prisma SaaS by Palo Alto Networks writes "Supports custom expressions, helps with compliance, and integrates well with Azure AD". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Netskope CASB, Qualys VM, Skyhigh Security and Infoblox Advanced DNS Protection, whereas Prisma SaaS by Palo Alto Networks is most compared with Netskope CASB, Zscaler Internet Access, Zscaler CASB, Skyhigh Security and Qualys VM. See our Microsoft Defender for Cloud Apps vs. Prisma SaaS by Palo Alto Networks report.

    See our list of best Cloud Access Security Brokers (CASB) vendors.

    We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.