Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Jun 2, 2022

We performed a comparison between Microsoft Defender Cloud and Prisma Cloud according to four categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of Microsoft Defender Cloud say the initial setup is straightforward, and it comes by default with the free version. The only downside is that if you want more visibility, you need the paid version. In contrast, with Prisma Cloud was easy to run an automated setup. 
  • Features: Valuable features of Microsoft Defender Cloud  include support of hybrid cloud and multi-cloud, the seamless integration with Azure, GCP and AWS. The solution is very intuitive about policy administration, and incident alerts. But you cannot create custom use cases and the consistency needs improvement. Prisma Cloud users say the most valuable features are the integration with Amazon, the visibility, and the ability to monitor the artifact repository. However, it needs to improve the usability and the compute function's integration into the cloud monitoring function. 
  • Pricing: Microsoft Defender Cloud users say it is more cost-effective than competing products, and the pricing model is straightforward. Prisma Cloud users say the licensing is confusing. You can't predict what your costs are going to be. 

  • Service and Support: Users of both solutions say the support is vital. However, Microsoft came ahead because they assigned an architect to the team.   

Comparison Results: Based on the parameters we compared, Microsoft Defender came ahead of Prisma Cloud because our reviewers found Prisma Cloud to be more difficult in terms of licensing. 

To learn more, read our detailed Microsoft Defender for Cloud vs. Prisma Cloud by Palo Alto Networks Report (Updated: March 2023).
686,748 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM.""The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update.""I have found the ability to delete unwanted threats beneficial.""I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there.""I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender.""The solution is well integrated with applications. It is easy to maintain and administer.""It gives a lot of flexibility in terms of configuration and customization as per the business requirements.""We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."

More Microsoft 365 Defender Pros →

"The solution's robust security posture is the most valuable feature.""Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure.""The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act.""The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark.""Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand.""It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it.""We saw improvement from a regulatory compliance perspective due to having a single dashboard.""The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."

More Microsoft Defender for Cloud Pros →

"The initial setup is seamless.""The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem.""It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization.""I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity.""It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.""Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently.""The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud. The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments.""The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera.""Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR.""Microsoft tends to provide too many features, which makes the solution prone to bugs.""Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded.""The user interface of Microsoft 365 Defender could improve. They could make it simpler.""There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use.""The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there.""The logs could be better."

More Microsoft 365 Defender Cons →

"The product was a bit complex to set up earlier, however, it is a bit streamlined now.""You cannot create custom use cases.""Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority.""Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ.""Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender.""Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations.""The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome.""Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."

More Microsoft Defender for Cloud Cons →

"They need to make the settings more flexible to fit our internal policies about data. We didn't want developers to see some data, but we wanted them to have access to the console because it was going to help them... It was a pain to have to set up the access to some languages and some data.""This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on.""One of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow.""Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to.""The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls.""Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures.""Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into.""A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft 365 Defender Pricing and Cost Advice →

  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
  • "The cost of the license is based on the subscriptions that you have."
  • "Although I am outside of the discussion on budget and costing, I can say that the importance of security provided by this solution is of such importance that whatever the cost is, it is not a factor."
  • "This solution is more cost-effective than some competing products. My understanding is that it is based on the number of integrations that you have, so if you have fewer subscriptions then you pay less for the service."
  • More Microsoft Defender for Cloud Pricing and Cost Advice →

  • "The licensing cost is a bit high on the compute side."
  • "Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
  • "If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."
  • "You can expect a premium price because it is a premium quality product by a leading supplier."
  • "Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs."
  • "Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified."
  • "The cost depends on the pricing model. Compared to other solutions, the cost isn't that bad."
  • "The pricing is competitive; for the most part, the security firms have similar prices."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which CWPP (Cloud Workload Protection Platforms) solutions are best for your needs.
    686,748 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The solution is well integrated with applications. It is easy to maintain and administer.
    Top Answer:The data recovery and backup could be improved.
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across… more »
    Top Answer:The integration with Logic Apps allows for automated responses to incidents.
    Top Answer:This is a worldwide service and depending on the country, there will be different prices. There is a price calculator… more »
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We… more »
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very… more »
    Comparisons
    Also Known As
    Microsoft Threat Protection, MS 365 Defender
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Overview

    Microsoft 365 Defender, part of Microsoft’s XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity defenders can now focus on critical threats and hunt for sophisticated breaches, trusting that the powerful automation in Microsoft 365 Defender detects and stops attacks anywhere in the kill chain and returns the organization to a secure state.

    - Reduce signal noise by viewing prioritized incidents in a single dashboard. 

    - Use the automated investigation capabilities to spend less time on detection and response.

    - Take care of routine and complex remediation with Microsoft 365 Defender by auto-healing affected assets.

    - Hunt across all your data, leveraging your organizational knowledge with custom queries. 

    - Develop custom detection and response tools for long-term protection and improved security posture.

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:

    - Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score

    - Simplify enterprise compliance and view your compliance against regulatory requirements

    - Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center

    - Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Offer
    Learn more about Microsoft 365 Defender
    Learn more about Microsoft Defender for Cloud
    Learn more about Prisma Cloud by Palo Alto Networks
    Sample Customers
    Information Not Available
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Computer Software Company38%
    Manufacturing Company25%
    Comms Service Provider13%
    Aerospace/Defense Firm13%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm9%
    Government9%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company22%
    Agriculture11%
    Consumer Goods Company11%
    Transportation Company6%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Government7%
    Comms Service Provider6%
    REVIEWERS
    Computer Software Company27%
    Manufacturing Company23%
    Financial Services Firm14%
    Healthcare Company9%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm14%
    Comms Service Provider6%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise12%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business26%
    Midsize Enterprise13%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise67%
    REVIEWERS
    Small Business22%
    Midsize Enterprise24%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise12%
    Large Enterprise70%
    Buyer's Guide
    Microsoft Defender for Cloud vs. Prisma Cloud by Palo Alto Networks
    March 2023
    Find out what your peers are saying about Microsoft Defender for Cloud vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: March 2023.
    686,748 professionals have used our research since 2012.

    Microsoft Defender for Cloud is ranked 2nd in CWPP (Cloud Workload Protection Platforms) with 32 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in CWPP (Cloud Workload Protection Platforms) with 19 reviews. Microsoft Defender for Cloud is rated 8.2, while Prisma Cloud by Palo Alto Networks is rated 7.6. The top reviewer of Microsoft Defender for Cloud writes "Provides good recommendations and makes policy administration easy". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The magic happens with traffic passing through multiple zones and our data center, as we can quickly troubleshoot problems". Microsoft Defender for Cloud is most compared with AWS GuardDuty, Trend Micro Cloud One Workload Security, Cortex XDR by Palo Alto Networks, Wiz and Orca Security, whereas Prisma Cloud by Palo Alto Networks is most compared with Aqua Security, Snyk, Wiz, Check Point CloudGuard Posture Management and AWS GuardDuty. See our Microsoft Defender for Cloud vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best CWPP (Cloud Workload Protection Platforms) vendors, best Cloud Security Posture Management (CSPM) vendors, and best Cloud-Native Application Protection Platforms (CNAPP) vendors.

    We monitor all CWPP (Cloud Workload Protection Platforms) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.