Coming October 25: PeerSpot Awards will be announced! Learn more

Prisma Cloud by Palo Alto Networks vs SUSE NeuVector comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Prisma Cloud by Palo Alto Networks and SUSE NeuVector based on real PeerSpot user reviews.

Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Prisma Cloud by Palo Alto Networks vs. SUSE NeuVector report (Updated: September 2022).
635,987 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know.""It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.""Technical support is quite helpful.""The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security.""The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem.""As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having.""I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions.""The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."

More Prisma Cloud by Palo Alto Networks Pros →

"The initial setup is quite good, it's straightforward."

More SUSE NeuVector Pros →

Cons
"The deployment and onboarding are plug-and-play, but somewhat hard to handle in terms of integration with external operations tools. The product design isn't up to the current standard. I would recommend having higher standards in terms of integration with other tools, especially operationalized tools.""The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories.""The challenge that Palo Alto and Prisma have is that, at times, the instructions in an event are a little bit dated and they're not usable. That doesn't apply to all the instructions, but there are times where, for example, the Microsoft or the Amazon side has made some changes and Palo Alto or Prisma was not aware of them. So as we try to remediate an alert in such a case, the instructions absolutely do not work. Then we open up a ticket and they'll reply, "Oh yeah, the API for so-and-so vendor changed and we'll have to work with them on that." That area could be done a little better.""It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat.""Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams.""They need to make the settings more flexible to fit our internal policies about data. We didn't want developers to see some data, but we wanted them to have access to the console because it was going to help them... It was a pain to have to set up the access to some languages and some data.""Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into.""A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them."

More Prisma Cloud by Palo Alto Networks Cons →

"We are also working with IaaS VMS, but NeuVector doesn't support virtual machines."

More SUSE NeuVector Cons →

Pricing and Cost Advice
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
  • "The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
  • "The licensing cost is a bit high on the compute side."
  • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

  • "Licensing fees are paid yearly."
  • More SUSE NeuVector Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    635,987 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cloud… more »
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was… more »
    Top Answer:The initial setup is quite good, it's straightforward.
    Top Answer:Our work has expanded. We are not only working with Kubernetes. We are also working with IaaS VMS, but NeuVector doesn't support virtual machines. We are looking for options that would support both. I… more »
    Ranking
    1st
    out of 24 in Container Security
    Views
    32,673
    Comparisons
    19,448
    Reviews
    19
    Average Words per Review
    2,160
    Rating
    7.8
    9th
    out of 24 in Container Security
    Views
    1,368
    Comparisons
    961
    Reviews
    1
    Average Words per Review
    307
    Rating
    8.0
    Comparisons
    Also Known As
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    NeuVector
    Learn More
    Overview

    Prisma Cloud is a comprehensive cloud-native security platform (CNSP) that provides security and compliance coverage for infrastructure, applications, data, and all cloud-native technology stacks throughout the development lifecycle. Prisma Cloud safeguards cloud operations across hybrid and multi-cloud environments, all from a single, unified solution, using a combination of cloud service provider APIs and a unified agent framework.

    The move to the cloud has changed all aspects of the application development lifecycle, with security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud-native approaches. Constantly changing environments challenge developers to build and deploy at a rapid pace without compromising on security. Prisma Cloud by Palo Alto Networks delivers complete security and compliance coverage across the development lifecycle on any cloud environment, enabling you to develop cloud-native applications with confidence.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    SUSE NeuVector is a full lifecycle container security solution that helps your organization secure its container infrastructures, manage Kubernetes security risks, and block threats. The NeuVector continuous container security and compliance platform simplifies data protection from pipeline to production, enforces compliance, and provides complete visibility and automated controls for protection against known and unknown threats. In addition, NeuVector is the only Kubernetes-native container security solution that offers a comprehensive risk profile of known vulnerabilities and also delivers immediate protection from all vulnerabilities.

    SUSE NeuVector Features

    SUSE NueVector has many valuable key features. Some of the most useful ones include:

    • Container incident detection and prevention
    • Network security
    • Runtime security
    • Supply chain security
    • Container firewall
    • Host and platform security
    • Cloud-native automation and integration
    • Resource monitoring
    • Visualization and reporting
    • High availability
    • Security
    • Vulnerability management
    • Compliance and auditing
    • Alerting
    • Logging and Response

    SUSE NeuVector Benefits

    There are many benefits to implementing NeuVector. Some of the biggest advantages the solution offers include:

    • Deep packet inspection (DPI): NeuVector applies DPI to identify attacks, detect sensitive data, or verify application access to further reduce the attack surface. Only network layer analysis enables security to detect and verify the allowed protocols, helping security teams enforce business policy.
    • Real-time protection: NeuVector provides inspection, segmentation, and protection of all traffic into and out of a container. This includes container to container traffic, and ingress from external sources to containers, as well as egress from containers to external applications and the internet. The solution aims to protect your applications from internal application level attacks such as DDoS and DNS.
    • Capture packets for debugging and threat investigation: WIth NeuVector, you can view summary connection data and drill down into actual packet details for each container, as they scale up and down. When a threat is detected, NeuVector is able to automatically capture and display the packet info, making it easy for you to investigate.
    • Automated security policies: The NeuVector solution allows you to automate the creation of security policies to protect application workloads in production. The solution also enables you to automate and maintain run-time security policies using Kubernetes custom resource definitions (CRDs), and gives you the option to declare an application security policy at any stage in the pipeline.
    • Compliance: NeuVector offers detection capabilities and security policy enforcement that prevent PHI and PII exposure, exceed requirements, and simplify reporting for PCI-DSS, GDPR, HIPAA, and more. The solution helps you track critical vulnerabilities and compliance violations so you can quickly identify any that require immediate patching or followup alerts. It also makes it possible for you to manage vulnerability and compliance scan results, with no required integration to external workflow tools.

    Reviews from Real Users

    A Platform Solution Architect at a tech services company says, “The solution is feature-rich, easy to set up, and has good support.”

    Offer
    Learn more about Prisma Cloud by Palo Alto Networks
    Learn more about SUSE NeuVector
    Sample Customers
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Figo, Clear Review, Arvato Bertelsmann, Experian, Chime
    Top Industries
    REVIEWERS
    Computer Software Company33%
    Manufacturing Company17%
    Healthcare Company11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Comms Service Provider10%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider12%
    Financial Services Firm11%
    Retailer8%
    Company Size
    REVIEWERS
    Small Business23%
    Midsize Enterprise23%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise8%
    Large Enterprise67%
    Buyer's Guide
    Container Security
    September 2022
    Find out what your peers are saying about Palo Alto Networks, Snyk, F5 and others in Container Security. Updated: September 2022.
    635,987 professionals have used our research since 2012.

    Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 20 reviews while SUSE NeuVector is ranked 9th in Container Security with 1 review. Prisma Cloud by Palo Alto Networks is rated 7.8, while SUSE NeuVector is rated 8.0. The top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives me a holistic view of cloud security across multiple clouds or multiple cloud workloads within one cloud provider". On the other hand, the top reviewer of SUSE NeuVector writes "Feature-rich, easy to set up, and has good support". Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Aqua Security, Check Point CloudGuard Posture Management and Snyk, whereas SUSE NeuVector is most compared with Aqua Security, Sysdig Secure, Red Hat Advanced Cluster Security for Kubernetes, Qualys Container Security and Snyk.

    See our list of best Container Security vendors and best CWPP (Cloud Workload Protection Platforms) vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.