We performed a comparison between Prevasio and VMware Aria Automation based on real PeerSpot user reviews.
Find out in this report how the two Cloud Security Posture Management (CSPM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The security baseline and vulnerability assessments is the valuable feature."
"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"The solution is very user-friendly."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"AlgoBot is a Slack chatbot that they've designed to help people identify if the firewalls are going to allow or block specific network traffic. We leveraged this to allow our staff to check themselves if the firewalls are going to be blocking traffic or not. That saves us logging into the firewalls and running the query off the host. We give them the power to use it and it saves us time."
"The most valuable feature is the automation that can be accomplished by using scripts. If we didn't have AlgoSec, I would have to do everything manually."
"The most unique feature is the ability to help fix any gaps or mismatches in the configuration of the firewall."
"The workflow and the fact that I can follow up on a request that I've created and clearly see the status it is in are the most valuable features of this solution. When I need things to move on, for example, if the security guys didn't look at the request or the implementation is not going as it should, then I can contact people. There is a mechanism in there that clearly indicates the service level agreement we have for implementation. We can see if it is being attained."
"The firewall policy summarization is the most valuable feature. It helps us to cross-check the firewall ruleset. That's the main purpose of it. And of course, it monitors changes of the firewall policy. It provides full visibility into the risk involved in firewall change requests. It helps us to check for any integrity issues and conflicts with other rulesets, and of course the compliance."
"Because we get about 60 to 70 rules to deploy a week during the firewall maintenance window, we might create some duplicate rules or open duplicate ports. AlgoSec has become very helpful whenever we need to find out the nodes or subnets that have already been created, then we don't need to create the duplicate subnet of that particular IP address."
"The optimizations are the most useful aspect because most customers have a very unmanaged network with a lot of rules. We use a lot of the optimizations in our reports for improving firewall rules."
"We have Check Point, Palo Alto, and FortiGate firewalls, and it integrates pretty seamlessly with these firewalls. We have had no issues so far."
"The most valuable features are the metrics and reporting aspects. The historical data and extraction enable us to tell where the trends are and where contentions may exist in the future."
"It has integration with the rest of VMware solutions."
"To manage when VM's aren't being used, we have it set up so that it will auto-destroy them after a certain amount of time, obviously with permission from the user who owns it."
"Valuable features include integration with Infoblox, for IP management; and three-tier app deployment as one unified Blueprint."
"I can make a blueprint with an Active Directory deployment. With everything prepared, people can start installing our products."
"It is very stable, especially for high availability features."
"I used the technical support during upgrades. They came onsite and are very technical. They are very good"
"vRA is user-friendly. It has the same layout and walk-through GUI, similar to other VMware products."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"The only thing that needs to be improved is the number of scans per day."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The remediation workflow within the Wiz could be improved."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"AlgoSec cannot be integrated with solutions that require two-step or multi-factor authentication. Embedding multi-factor authentication capability into the solution would be a valuable feature."
"In the new version H32, there are many, many bugs."
"Integration with Oracle on the cloud is not supported. I would also like to see integrations with network devices in Layer 2."
"There is a little bit of scope for improvement in the risk profiles that come with the AlgoSec Firewall Analyzer module. Currently, AlgoSec provides only three standard zones within a risk profile. These standard zones are external, internal, and DMZ. Everybody's network is divided into different zones within a data center, but AlgoSec only provides three zones. This is a limitation that I see for the risk profile analysis. If there was an option to customize these zones, it would be great."
"The analysis part can be improved when I make a flow request. There should be a clear analysis of which metric part needs to be opened and which firewalls will be opened. It should give you a bit more graphical visibility about these."
"Now that we've moved to the VM it is more stable and independent of hardware."
"When we send multiple requests across at once, sometimes it causes errors and FireFlow gets stuck. In cases like this, we have to go back in and fix it."
"The API integration could potentially improve. I didn't get a chance to look and see how well this solution can integrate with ServiceNow or our GRC environment."
"I would like to see support for Google Cloud and Azure. Because they don't support Google and Azure today, we need something that's cohesive with our entire landscape. There is a gap right now with VMware. If you want support for these environments, you have to go elsewhere right now."
"We still struggle a little bit with the configuration as far as making sure that we have all the endpoints where they need to be, because that's not as agile as we'd like in the back-end. We're working towards that with our DevOps teams to make sure that we're touching the right endpoints and getting the right data."
"I don't think it's intuitive or user-friendly. I think it's a good tool. Any automation tool, these days, the learning curve is kind of high. You're teaching sysadmins who never developed stuff. Maybe they modified a little bit of code and now you tell them, "Hey, here's the tool, use it." But you have to know a little bit of DevOps. So you have to train them how to do the scripting."
"I'm not wanting any particular feature; but there should be cost reductions. VMware comes at a high cost, and that's why we are in the process of transitioning to a more affordable alternative."
"The product's features for hybrid cloud integration could be better."
"We upgraded twice. The last upgrade was a bit problematic."
"I would like to see more automation, more ways to automate automation tasks."
"The upgrade experience is horrible. It's not straightforward, there are a lot of failures, a lot of support interactions. It's not something that we are able to pull off ourselves. I've been with vRA since it was termed vCSA. We've gone through multiple rounds, and it has never been easy."
Prevasio is ranked 19th in Cloud Security Posture Management (CSPM) with 10 reviews while VMware Aria Automation is ranked 15th in Cloud Security Posture Management (CSPM) with 133 reviews. Prevasio is rated 8.8, while VMware Aria Automation is rated 8.0. The top reviewer of Prevasio writes "Identifies vulnerable rules, brings standardization, and provides overall visibility into our environment". On the other hand, the top reviewer of VMware Aria Automation writes "Allows for a lot of orchestration or customization within our environment to suit our customers". Prevasio is most compared with , whereas VMware Aria Automation is most compared with Red Hat Ansible Automation Platform, VMware Aria Operations, vCloud Director, Morpheus and vCenter Orchestrator. See our Prevasio vs. VMware Aria Automation report.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.