Prisma Cloud and Sonatype Lifecycle compete in cloud security and software development security, respectively. While Prisma Cloud offers comprehensive cloud workload protection, Sonatype Lifecycle leads in vulnerability detection and open-source governance.
Features: Prisma Cloud offers robust cloud workload protection and real-time monitoring for multi- and hybrid-clouds, providing extensive stack protection. Sonatype Lifecycle excels in vulnerability detection and integrates seamlessly with DevOps tools, offering detailed reports and effective policy enforcement.
Room for Improvement: Prisma Cloud could enhance its user interface for better navigation and improve API integration and dynamic policy updates. Sonatype Lifecycle would benefit from more intuitive reporting tools, broader language support, and improved automation and integration features for complex environments.
Ease of Deployment and Customer Service: Prisma Cloud provides flexible deployment across various cloud environments but struggles with automation and integration. Sonatype Lifecycle integrates well with DevOps tools and is praised for its responsive technical support, despite being primarily on-premises.
Pricing and ROI: Prisma Cloud is known for its premium pricing, yet its extensive features justify the cost for organizations demanding robust security. Meanwhile, Sonatype Lifecycle, although expensive for large user bases, offers competitive pricing and delivers strong ROI through improved software security.
The detailed information PingSafe gives about how to fix vulnerabilities reduces the time spent on remediation by about 70 to 80 percent.
After implementing SentinelOne, it takes about five to seven minutes.
Our ability to get in and review our vulnerability stance, whether daily, monthly, weekly, or whatever it might be, has drastically improved over our prior provider.
It eliminates the need for additional hardware, making it a financially and technically sound investment.
From a security standpoint, we have significantly enhanced our client's security posture by implementing Prisma Cloud.
The platform is not famous for being cheap. It is quite expensive, but we know that we have the protection, so there is enough value for what we pay for.
We have seen cost savings and efficiency improvements as we now know what happens in what was previously a black box.
When we send an email, they respond quickly and proactively provide solutions.
They took direct responsibility for the system and could solve queries quickly.
Having a reliable team ready and willing to assist with any issues is essential.
Whenever I have issues with the solution, I will get an immediate response from the product team and they will try to close the issue as soon as possible.
When you send them a message, you get a response in a minute or two.
They can respond with technical documentation or pass on the case to the next level because it requires the development of a new feature or changing a feature due to a bug.
They are helpful when we raise any tickets.
As soon as we need to add somebody, we just add them to NinjaOne, and then we have a script set up where it automatically deploys and adds them to whichever group we need.
I would rate it a 10 out of 10 for scalability.
Scalability is no longer a concern because Cloud Native Security is a fully cloud-based resource.
It's very scalable and very easy to use.
I would rate the scalability of Prisma Cloud as an eight out of ten.
I am highly impressed with the product's scalability.
JFrog is easier to configure for high availability as it does not require extra components.
In my experience, there has been 100 percent uptime.
SentinelOne Singularity Cloud is incredibly reliable.
The cloud console is very resilient.
I cannot recall any downtime with the solution.
I would rate it a ten out of ten for stability.
Prisma Cloud is stable.
Sonatype Lifecycle is very stable, especially in the binary repository management use case for managing binary artifacts.
If I had to ask for anything to make it easier, it would be signed images that are GPG signed and a public repository where we can get the bits from.
If they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.
As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance.
It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises.
From a developer's perspective, especially for organizations like banks developing their applications, ensuring API security before deploying them to the cloud is crucial.
Prisma Cloud is an excellent tool.
We also noticed a lack of detailed information for configuring Sonatype Lifecycle for high availability and data recovery.
With very little negotiation involved, we just let them know what we could pay and they were willing to meet us at slightly above what we paid with Sophos, which was still very fair for what we were looking at.
The price was very, very important to us, and it came down to the price when we were doing our evaluations WatchGuard and SentinelOne.
Covering our 50,000 endpoints would have nearly bankrupted most security programs, even well-funded ones like ours.
Prisma Cloud is remarkably expensive.
The cost was not on the higher side.
That's why a lot of our clients are shifting from cloud-native to Prisma Cloud: because of its effectiveness and because it is budget-friendly as well.
For larger numbers like our case with 1,000 user licenses, JFrog becomes much more cost-effective, roughly ten times cheaper than Sonatype.
The real-time detection and response capabilities of SentinelOne Singularity Cloud impressive because it is a platform that uses artificial intelligence to determine what is normal and what is abnormal and can lock down any virus it may encounter.
We were shown how ransomware can be immediately stopped in real-time. That was huge.
Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks.
We could spread the Prisma Cloud platform to 16 countries without encountering any kind of problem.
Prisma Cloud provides risk clarity at runtime and across the entire pipeline, like, showing issues as they're discovered during the build phases.
Identifying misconfigurations and vulnerabilities at the first stage itself will help the organization save time and money - which is highly appreciated.
The integration into our CICD pipeline enables us to continuously monitor code changes and identify new vulnerabilities.
The most valuable feature for us is Sonatype Lifecycle's capability in identifying vulnerabilities.
SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.
SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.
What are the key features of SentinelOne Singularity Cloud Security?In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.
Prisma Cloud by Palo Alto Networks delivers comprehensive security for cloud environments, focusing on workload protection, identity creation, and seamless AWS integration. Its cloud visibility and control, combined with thorough vulnerability scanning, help maintain robust security across multi-cloud platforms.
Prisma Cloud provides essential capabilities for cloud security posture management, container security, and compliance monitoring. Enterprises utilize it to secure cloud configurations, detect vulnerabilities, and ensure regulatory compliance, spanning AWS, Azure, and Google Cloud. Its runtime management, identity-based micro-segmentation, and threat detection enhance cybersecurity. Despite needing improvements in documentation, integration complexities, UI, and the need for role-based access control refinement, it remains pivotal for securing assets across cloud infrastructures, particularly with its capabilities for vulnerability scanning and CI/CD pipeline integration.
What are the key features?
What benefits or ROI should users expect?
In industries like finance, healthcare, and retail, Prisma Cloud is implemented to strengthen cybersecurity measures, facilitate regulatory compliance, and enhance governance. Organizations leverage its features to secure sensitive data, monitor configurations, and integrate security processes within CI/CD workflows, ensuring robust protection across complex cloud infrastructures.
Sonatype Lifecycle is an open-source security and dependency management software that uses only one tool to automatically find open-source vulnerabilities at every stage of the System Development Life Cycle (SDLC). Users can now minimize security vulnerabilities, permitting organizations to enhance development workflow. Sonatype Lifecycle gives the user complete control over their software supply chain, allowing them to regain wasted time fighting risks in the SDLC. In addition, this software unifies the ability to define rules, actions, and policies that work best for your organizations and teams.
Sonatype Lifecycle allows users to help their teams discover threats before an attack has the chance to take place by examining a database of known vulnerabilities. With continuous monitoring at every stage of the development life cycle, Sonatype Lifecycle enables teams to build secure software. The solution allows users to utilize a complete automated solution within their existing workflows. Once a potential threat is identified, the solution’s policies will automatically rectify it.
Benefits of Open-source Security Monitoring
As cybersecurity attacks are on the rise, organizations are at constant risk for data breaches. Managing your software supply chain gets trickier as your organization grows, leaving many vulnerabilities exposed. With easily accessible source code that can be modified and shared freely, open-source monitoring gives users complete transparency. A community of professionals can inspect open-source code to ensure fewer bugs, and any open-source dependency vulnerability will be detected and fixed rapidly. Users can use open-source security monitoring to avoid attacks through automatic detection of potential threats and rectification immediately and automatically.
Reviews from Real Users
Sonatype Lifecycle software receives high praise from users for many reasons. Among them are the abilities to identify and rectify vulnerabilities at every stage of the SDLC, help with open-source governance, and minimize risk.
Michael E., senior enterprise architect at MIB Group, says "Some of the more profound features include the REST APIs. We tend to make use of those a lot. They also have a plugin for our CI/CD.”
R.S., senior architect at a insurance company, notes “Specifically features that have been good include:
• the email notifications
• the API, which has been good to work with for reporting, because we have some downstream reporting requirements
• that it's been really user-friendly to work with.”
"Its engine itself is most valuable in terms of the way it calculates and decides whether a security vulnerability exists or not. That's the most important thing. Its security is also pretty good, and its listing about the severities is also good," says Subham S., engineering tools and platform manager at BT - British Telecom.
We monitor all Cloud-Native Application Protection Platforms (CNAPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.