Coming October 25: PeerSpot Awards will be announced! Learn more

Prisma Cloud by Palo Alto Networks vs Red Hat Advanced Cluster Security for Kubernetes comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Prisma Cloud by Palo Alto Networks and Red Hat Advanced Cluster Security for Kubernetes based on real PeerSpot user reviews.

Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

635,513 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"In addition to that, I can get a snapshot of what I deemed were the priority vulnerabilities, whether it was identity access management, key rotation, or secrets management. Whatever you deem to be a priority for mitigating threats for your environment, you can get that as a snapshot.""The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap.""We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features.""The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy.""It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.""Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them.""Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place.""The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem."

More Prisma Cloud by Palo Alto Networks Pros →

"The most valuable feature is the ability to share resources."

More Red Hat Advanced Cluster Security for Kubernetes Pros →

Cons
"It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat.""We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it.""The licensing is a bit confusing.""The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories.""Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into.""They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload.""Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams.""When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."

More Prisma Cloud by Palo Alto Networks Cons →

"They're trying to convert it to the platform as a source. They are moving in the direction of Cloud Foundry so it can be easier for a developer to deploy it."

More Red Hat Advanced Cluster Security for Kubernetes Cons →

Pricing and Cost Advice
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
  • "The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
  • "The licensing cost is a bit high on the compute side."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    Information Not Available
    report
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    635,513 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cloud… more »
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was… more »
    Top Answer:The most valuable feature is the ability to share resources.
    Top Answer:They're trying to convert it to the platform as a source. They are moving in the direction of Cloud Foundry so it can be easier for a developer to deploy it. They're trying to create it so that it's… more »
    Top Answer:For the first step, you create the cluster the same way you specify the hardware underneath. On the cluster, you starting creating projects, which are like virtual spaces. There is a physical cluster… more »
    Ranking
    1st
    out of 24 in Container Security
    Views
    32,673
    Comparisons
    19,448
    Reviews
    19
    Average Words per Review
    2,160
    Rating
    7.8
    8th
    out of 24 in Container Security
    Views
    1,916
    Comparisons
    1,553
    Reviews
    1
    Average Words per Review
    371
    Rating
    9.0
    Comparisons
    Also Known As
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    StackRox
    Learn More
    Red Hat
    Video Not Available
    Overview

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Red Hat Advanced Cluster Security for Kubernetes is a Kubernetes-native container security solution that enables your organization to more securely build, deploy, and run cloud-native applications from anywhere. With its built-in security across the entire software development life cycle, you can lower your operational costs, reduce operational risk, and increase developer productivity while improving your security posture immediately. In addition, Red Hat Advanced Cluster Security integrates with security tools and DevOps in an effort to help you mitigate threats and enforce security policies that minimize operational risk to your applications. It also enables you to provide developers with actionable, context-rich guidelines integrated into existing workflows, along with tooling to support developer productivity. The solution is suitable for small, medium, and large-sized companies.

    Red Hat Advanced Cluster Security for Kubernetes Features

    Red Hat Advanced Cluster Security for Kubernetes has many valuable key features. Some of the most useful ones include:

    • Vulnerability management: With the Red Hat Advanced Cluster Security for Kubernetes solution, you gain full visibility into your entire cloud-native landscape. The solution makes it possible for your organization to identify and remediate vulnerabilities in Kubernetes configurations and container images, as well as running applications. It also enables you to provide developers with clear and prioritized guidance on fixable vulnerabilities.
    • Configuration management: The solution makes configuration management easy. To identify missed best practices, you can understand how images, containers, and deployments are configured prior to running. It also allows you to leverage Kubernetes-native capabilities - like admission controllers - to prevent misconfigured workloads from deploying or running.
    • Compliance: Using Red Hat Advanced Cluster Security for Kubernetes helps you manage compliance with standard-specific checks across CIS Benchmarks, NIST, PCI, and HIPAA, with more than 300 controls and continuous compliance assessments and one-click audit reporting.
    • Network segmentation: The solution enables you to enforce network policies by using the native capabilities in Kubernetes. You can simulate new policies, visualize existing ones, generate updated YAML files, and apply them directly to Kubernetes.
    • Multifactor risk profiling: With Red Hat Advanced Cluster Security for Kubernetes, you can use risk rankings by combining vulnerability (CVE) details with rich Kubernetes context and artifact data. This allows you to assess and prioritize risk across your entire environment. In turn, you can accelerate remediation times and productivity.
    • Threat detection and incident response: By combining custom policies, process allow lists, application and network baselines, and behavioral modeling to identify anomalous behavior, the solution enables you to protect your applications at runtime. You can then leverage Kubernetes-native enforcement capabilities to respond.

    Red Hat Advanced Cluster Security for Kubernetes Benefits

    There are many benefits to implementing Red Hat Advanced Cluster Security for Kubernetes. Some of the biggest advantages the solution offers include:

    • Increases protection, scalability, and portability.
    • Eliminates blind spots.
    • Reduces time and costs.
    • Reduces the effort needed to implement security.
    • Streamlines security analysis, investigation, and remediation by using the rich context Kubernetes provides.
    • Provides scalability and resiliency native to Kubernetes

    Reviews from Real Users

    PeerSpot user Igor K., Owner/Full Stack Software Engineer at Maraphonic, Inc., says, “The solution allows teams to create their own virtual spaces and share resources. The most valuable feature is the ability to share resources.”

    Offer
    Learn more about Prisma Cloud by Palo Alto Networks
    Learn more about Red Hat Advanced Cluster Security for Kubernetes
    Sample Customers
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    City National Bank, U.S. Department of Homeland Security
    Top Industries
    REVIEWERS
    Computer Software Company33%
    Manufacturing Company17%
    Healthcare Company11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Comms Service Provider10%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Government11%
    Manufacturing Company10%
    Company Size
    REVIEWERS
    Small Business23%
    Midsize Enterprise23%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise12%
    Large Enterprise74%
    Buyer's Guide
    Container Security
    September 2022
    Find out what your peers are saying about Palo Alto Networks, Snyk, F5 and others in Container Security. Updated: September 2022.
    635,513 professionals have used our research since 2012.

    Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 20 reviews while Red Hat Advanced Cluster Security for Kubernetes is ranked 8th in Container Security with 1 review. Prisma Cloud by Palo Alto Networks is rated 7.8, while Red Hat Advanced Cluster Security for Kubernetes is rated 9.0. The top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives me a holistic view of cloud security across multiple clouds or multiple cloud workloads within one cloud provider". On the other hand, the top reviewer of Red Hat Advanced Cluster Security for Kubernetes writes "Allows teams to create their own virtual spaces and share resources". Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Aqua Security, Check Point CloudGuard Posture Management, Snyk and Tenable.io Container Security, whereas Red Hat Advanced Cluster Security for Kubernetes is most compared with Aqua Security, CoreOS Clair, Snyk, Tenable.io Container Security and SUSE NeuVector.

    See our list of best Container Security vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.