No more typing reviews! Try our Samantha, our new voice AI agent.

Prisma Cloud by Palo Alto Networks vs Tenable.io Container Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 1, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Container Security
11th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Prisma Cloud by Palo Alto N...
Ranking in Container Security
2nd
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
114
Ranking in other categories
Web Application Firewall (WAF) (8th), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd)
Tenable.io Container Security
Ranking in Container Security
27th
Average Rating
8.0
Reviews Sentiment
6.1
Number of Reviews
9
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Container Security category, the mindshare of Qualys TotalCloud is 1.5%, up from 0.9% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 7.8%, down from 11.7% compared to the previous year. The mindshare of Tenable.io Container Security is 1.0%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security Mindshare Distribution
ProductMindshare (%)
Prisma Cloud by Palo Alto Networks7.8%
Qualys TotalCloud1.5%
Tenable.io Container Security1.0%
Other89.7%
Container Security
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
reviewer2776578 - PeerSpot reviewer
Cyber Security Architect at a comms service provider with 10,001+ employees
Image scanning has supported consistent security practices during cloud deployment
On a scale of ten, we would say people are happy with Prisma Cloud by Palo Alto Networks for the part we use. People are okay with it. We probably would give an eight. We don't give ten because if we don't use the other parts of Prisma Cloud by Palo Alto Networks, it's because it was difficult to implement from an operational point of view. We could have deployed the runtime monitoring with Prisma Cloud by Palo Alto Networks, but within our organization at our company, it was very difficult to find who would be the owner for the alerts. People have other tools and in the end, we don't use the full capabilities of a product that we pay for. It's partially related to the difficulty to integrate Prisma Cloud by Palo Alto Networks runtime in our company's support process. We don't use the real-time monitoring part of Prisma Cloud by Palo Alto Networks. We don't know about the automated remediation feature of Prisma Cloud by Palo Alto Networks.
AS
Cyber Security Architect at a security firm with 201-500 employees
Detailed container image reports have improved vulnerability insight and support secure operations
Most valuable are the reports that are quite good, particularly the detailed ones for container image scanning. Tenable.io Container Security is giving me the vulnerability information of Docker images and the information about software bill of materials. However, my challenge at this time is that I am using all these solutions with GitLab Ultimate, and it does not support integration, so I am doing some alternate arrangements which are giving me operational complexity because I need to introduce something else instead of GitLab Ultimate. That is the primary concern regarding the benefits of real-time visibility into my containerized application security status.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"TotalCloud provides the easiest and the best approach for cloud infrastructure management."
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"I would rate Prisma Cloud a ten out of ten."
"The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid."
"I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool."
"Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become."
"The most valuable features of Prisma Cloud are its cloud security posture management and cloud workload protection capabilities."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"It is a good solution. Each team should utilize it. Every good organization is now moving towards or trying to be provider agnostic, so if you are using multiple providers, you should at least give Prisma Cloud a try."
"Prisma Cloud offers robust runtime scanning capabilities, which is beneficial for security teams."
"Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment."
"The solution shows you the exploitable vulnerabilities and helps you prioritize."
"It helps us secure our applications from the build phase and identify the weaknesses from scratch."
"Nessus scanner is very effective for internal penetration testing."
"The strong security provided by the product in the container environment is its most valuable feature."
"By using Nessus, we are able to finish testing with assured results, in half the time."
"The tool's most valuable feature is scanning, reporting, and troubleshooting."
"Most valuable are the reports that are quite good, particularly the detailed ones for container image scanning."
 

Cons

"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge."
"They need to make the settings more flexible to fit our internal policies about data. We didn't want developers to see some data, but we wanted them to have access to the console because it was going to help them... It was a pain to have to set up the access to some languages and some data."
"Prisma Cloud's application security capabilities should be enhanced."
"When there are updates, whether daily, weekly, or monthly, it needs configuration or permission adjustments. There is no automation for that, which is too bad."
"We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected."
"Prisma Cloud supports generating CSV files, but I would also like it to generate PDF files for reporting."
"The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories."
"These tools have a set of signatures or rules that will alert you whenever something meets the criteria. In the future, they might include some machine learning or AI feature that allows you to ask questions about the context of the alert, and it will provide you answers based on the data that they have. Most vendors are doing it, and I believe they will do it in the future. The reporting bar could also use AI to add context based on the environment."
"I feel that in certain areas this product has false positives which the company should work on."
"The support is tricky to reach, so we would like better-oriented technical support enabled."
"I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls."
"Tenable.io Container Security should improve integration modules. It should also improve stability."
"The solution’s pricing could be improved."
"However, my challenge at this time is that I am using all these solutions with GitLab Ultimate, and it does not support integration, so I am doing some alternate arrangements which are giving me operational complexity because I need to introduce something else instead of GitLab Ultimate."
"The initial setup is highly complex."
"The stability and setup phase of the product are areas with shortcomings where improvements are needed."
 

Pricing and Cost Advice

"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The cost depends on the pricing model. Compared to other solutions, the cost isn't that bad."
"This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive."
"Prisma Cloud by Palo Alto Networks is a highly expensive solution."
"Although the cost can be high, the value is worth the price tag."
"Prisma Cloud by Palo Alto Networks carries a higher cost, but its enhanced security measures justify the expense."
"From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
"Its licensing cost depends on the type of license such as the business license or the enterprise license. The enterprise license is costlier than the business license, but we get more visibility and more modules. If you have a multi-cloud environment and subscribe to each cloud's native CSPM tool, it is costly. If you are using a single tool like Prisma Cloud, with a single license, you can monitor all environments, such as Google Cloud, Azure, AWS, and Oracle Cloud. The cost of Prisma Cloud is less than the cost of subscribing to the CSPM tool of each cloud provider. This is where Prisma Cloud can save costs."
"You can expect a premium price because it is a premium quality product by a leading supplier."
"It's best to be an institutional buyer and directly contact the sales team as they can provide over-the-top discounts for bulk orders."
"The solution's pricing is neither cheap nor very expensive."
"The product does not operate on a pay-per-license model."
"I rate the tool's pricing a three out of ten."
"I rate the product’s pricing a six out of ten."
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
904,016 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
13%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
14%
Computer Software Company
9%
Manufacturing Company
9%
Government
6%
Financial Services Firm
14%
Retailer
7%
Manufacturing Company
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
By reviewers
Company SizeCount
Small Business37
Midsize Enterprise21
Large Enterprise58
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise3
Large Enterprise4
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your primary use case for Prisma Cloud by Palo Alto Networks?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
What needs improvement with Tenable.io Container Security?
Several things need improvement about Tenable.io Container Security. First, they should support GitLab Ultimate. Seco...
What is your primary use case for Tenable.io Container Security?
I have been dealing with Tenable.io Container Security for almost four to six months.
 

Also Known As

Qualys TotalCloud with FlexScan
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
Tenable FlawCheck, FlawCheck
 

Overview

 

Sample Customers

Information Not Available
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
ServiceMaster
Find out what your peers are saying about Prisma Cloud by Palo Alto Networks vs. Tenable.io Container Security and other solutions. Updated: June 2026.
904,016 professionals have used our research since 2012.