Prisma Cloud by Palo Alto Networks vs Trivy comparison

Palo Alto Networks and Aqua Security are both solutions in the Container Security category. Palo Alto Networks is ranked #1 with an average rating of 8.6, while Aqua Security is ranked #6 with an average rating of 8.6. Palo Alto Networks holds a 11.5% mindshare in Container Security, compared to Aqua Security’s 5.7% mindshare. Additionally, 98% of Palo Alto Networks users are willing to recommend the solution, compared to 100% of Aqua Security users who would recommend it.

Prisma Cloud by Palo Alto N...

Read 111 Prisma Cloud by Palo Alto Networks reviews

26,558 Views
18,325 Comparison Views

98% willing to recommend

Trivy

Read 12 Trivy reviews

4,073 Views
4,073 Comparison Views

100% willing to recommend

Prisma Cloud by Palo Alto N...

Trivy

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 24, 2025

Prisma Cloud by Palo Alto Networks and Trivy both operate in the security solutions category. Prisma Cloud may have the upper hand in multi-cloud environment integration and comprehensive security features, whereas Trivy excels in CI/CD pipeline integration and ease of use.

Features: Prisma Cloud provides dynamic workload identity creation, seamless integration with AWS, and comprehensive security across multi-cloud environments. It excels in real-time scanning and automated forensics, combined with dependency mapping. Trivy offers straightforward integration with CI/CD pipelines, efficient scanning of images, files, and Kubernetes environments, and is highly customizable due to its open-source nature.

Room for Improvement: Prisma Cloud could enhance pricing transparency and improve API security management. There is also room for better documentation and automation features. Trivy would benefit from an improved user interface, better reporting capabilities, and reduced false positives. Enhancing dynamic scanning capabilities and open-source database coverage would strengthen Trivy's offerings.

Ease of Deployment and Customer Service: Prisma Cloud provides strong hybrid and multi-cloud deployment capabilities, excelling in support availability but with regional inconsistencies in response times. Trivy boasts simplicity in deployment thanks to its open-source model, though it lacks the vast support infrastructure that Prisma Cloud offers.

Pricing and ROI: Prisma Cloud is perceived as more expensive due to its extensive feature set, appealing to larger enterprises needing comprehensive security solutions. Its pricing is resource usage-based, contributing to high costs. Trivy stands out as cost-effective, with no financial investment required, making it attractive for budget-conscious organizations.

To learn more, read our detailed Prisma Cloud by Palo Alto Networks vs. Trivy Report (Updated: July 2025).

Buyer's Guide

Prisma Cloud by Palo Alto Networks vs. Trivy

July 2025

Download the complete report

Helped 864,155 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Prisma Cloud by Palo Alto N...

Ranking in Container Security

1st

Average Rating

8.4

Reviews Sentiment

7.3

Number of Reviews

111

Ranking in other categories

Web Application Firewall (WAF) (6th), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (2nd)

Trivy

Ranking in Container Security

6th

Average Rating

8.6

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of August 2025, in the Container Security category, the mindshare of Prisma Cloud by Palo Alto Networks is 11.5%, down from 15.3% compared to the previous year. The mindshare of Trivy is 5.7%, up from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Container Security

Featured Reviews

Mohammad Qaw

Senior Security Consultant at helpag

It gives you one console to see all of your assets, review their configurations, and build your processes

Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Read full review

Utsav Sharma

Senior Security Consultant at Ernst & Young

Maintain operational efficiency by detecting misconfigurations and vulnerabilities

The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma. It also offers repository scanning in the source code domain, allowing pre-push code scans. The misconfiguration detection works well for CloudFormation, Docker files, and Terraform. Its compliance support, like NIST, ensures that configurations align with standards. Trivy helps me significantly detect misconfigurations missed by the ops engineers or in Terraform by the naked eye. It ensures that my deployments are free of misconfigurations and vulnerabilities.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Configuration monitoring and alerting is the most valuable feature; it happens at the cloud's speed, allowing our development team to respond quickly. If a configuration goes against our security best practices, we're alerted promptly and can act to resolve the issue. As cloud security staff, we're not staring at the cloud all the time, and we want to let the developers do their jobs so that our company is protected and work is proceeding within our security controls."

"The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature."

"With the query language, we can analyze logs and find out which IPs are malicious. It also provides a graphical representation. It provides the overall visibility and how the traffic is flowing. We can see where the malicious IP is and whether it is an insider threat or an outsider threat."

"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."

"I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions."

"The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example, let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else."

"I would rate Prisma Cloud by Palo Alto Networks ten out of ten."

"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."

More Prisma Cloud by Palo Alto Networks pros

"I appreciate Trivy for being open-source and not requiring any payment."

"I can see vulnerabilities in the images of any applications deployed in the Kubernetes environment or as container applications."

"It's customizable, allowing me to add any rules and format HTML templates as I wish."

"I definitely recommend Trivy."

"Trivy's ability to scan files, images, GitHub repositories, Infrastructure as Code like Terraform, and Kubernetes is valuable."

"Trivy is easy to integrate with CI/CD and can be installed on desktops to scan images."

"Overall, I would rate Trivy a ten out of ten."

"One of the great features of Trivy is that it helps me scan items such as AWS credentials and GCP service accounts."

More Trivy pros

Cons

"The data security model needs improvement due to integration issues with certain features and cloud providers. With Palo Alto now utilizing a tool from an Israeli startup in Prisma Cloud, the integration is slow, and some features are blocked or not supported."

"The dashboard can be created at the user level instead of the cloud account level, which will help save time."

"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."

"We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected."

"Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users."

"The visibility on the SIEM needs to be streamlined so we can get the data without any issues."

"Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge."

"I believe there are some issues with the product's maturity. In some cases, it could malfunction concerning Cloud Native."

More Prisma Cloud by Palo Alto Networks cons

"Trivy can improve by providing an output in PDF format."

"Having little experience can hinder the ability to connect it to a user-friendly UI effectively."

"In our CI/CD pipelines, Trivy lacks built-in functionality for report analysis."

"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."

"The main area for improvement is in differentiating between OS and application-based vulnerabilities."

"Trivy generates many false positives, flagging non-existent vulnerabilities."

"For malware detection, I need to use two tools: Trivy as my anomaly scanner and ClamAV. I am integrating these two tools into the CI pipeline. If both malware and anomaly detection could be managed by one tool, I would not need to depend on two tools."

More Trivy cons

Pricing and Cost Advice

"Prisma Cloud is more expensive than Check Point CloudGuard."

"Prisma Cloud's licensing system functions as expected with a solid licensing infrastructure."

"The pricing is competitive. From what I have seen in the past, it is on par with the others."

"Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out."

"Prisma Cloud licensing works on credits."

"Prisma Cloud by Palo Alto Networks is a highly expensive solution."

"The product is very expensive, but the cost is a necessary evil; I don't know how we could have any kind of cloud presence without this type of monitoring. The pricing is calculated by module and resource usage. Ultimately, it saves us money in the amount of time we would spend uncovering what it uncovers, and we might not make the required discoveries without it anyway. Prisma offers incredible value, though I wish it were cheaper."

"Prisma Cloud is cost-efficient, but the credits are on the higher end."

More Prisma Cloud by Palo Alto Networks pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Container Security solutions are best for your needs.

See recommendations

864,155 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

14%

Manufacturing Company

10%

Government

Computer Software Company

15%

Financial Services Firm

14%

Manufacturing Company

12%

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is your primary use case for Prisma Cloud by Palo Alto Networks?

Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.

See all answers

What Cloud-Native Application Protection Platform do you recommend?

We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...

See all answers

What do you think of Aqua Security vs Prisma Cloud?

Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...

See all answers

What needs improvement with Trivy?

Trivy's marketing and awareness need improvement. Not everyone knows about it, which isn't ideal given its capabilities. There's potential to integrate AI and machine learning for enhanced function...

See all answers

What is your primary use case for Trivy?

I use Trivy ( /products/trivy-reviews ) to scan code for vulnerabilities before deployment. Our projects, which are developed by different developers, involve various dependencies and third-party c...

See all answers

What advice do you have for others considering Trivy?

I recommend Trivy to others due to its powerful and useful features. However, I suggest increasing its marketing to raise awareness. I rate Trivy an eight out of ten.

See all answers

Comparisons

Wiz vs Prisma Cloud by Palo Alto Networks

Compared 18% of the time

Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks

Compared 11% of the time

CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks

Compared 6% of the time

Aqua Cloud Security Platform vs Prisma Cloud by Palo Alto Networks

Compared 4% of the time

Orca Security vs Prisma Cloud by Palo Alto Networks

Compared 2% of the time

More Prisma Cloud by Palo Alto Networks Competitors

Snyk vs Trivy

Compared 22% of the time

JFrog Xray vs Trivy

Compared 17% of the time

Wiz vs Trivy

Compared 8% of the time

Kubescape vs Trivy

Compared 7% of the time

SUSE NeuVector vs Trivy

Compared 6% of the time

More Trivy Competitors

Product Reports

Buyer's Guide

Prisma Cloud by Palo Alto Networks

July 2025

Prisma Cloud by Palo Alto Networks report

Download Prisma Cloud by Palo Alto Networks product report

Buyer's Guide

Trivy

July 2025

Download Trivy product report

Also Known As

Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto

No data available

Overview

Prisma Cloud by Palo Alto Networks provides comprehensive cloud-native security solutions. It covers dynamic workload identity, automated forensics, and multi-cloud protection, ensuring robust security across diverse cloud platforms.

Prisma Cloud delivers advanced capabilities for managing cloud security across AWS, Azure, and GCP platforms. It offers dynamic workload identity creation, real-time monitoring, and seamless integration into CI/CD pipelines. With automation, centralized dashboards, and enhanced visibility, users effectively manage security misconfigurations and vulnerabilities. While optimizing cloud environments through runtime protection and compliance, Prisma Cloud faces challenges with its navigation, pricing, and limited automation capabilities. Users seek improvements in API security, role-based access controls, and documentation quality, emphasizing the need for enhanced customization and reporting features.

What are the important features of Prisma Cloud?

Dynamic Workload Identity: Enables unique workload identities for security purposes.
Automated Forensics: Offers detailed insights into threats and incidents automatically.
Runtime Protection: Provides ongoing detection and blocking of suspicious activities.
Multi-Cloud Security: Protects environments on AWS, Azure, and GCP simultaneously.
Compliance Management: Assists in meeting regulatory standards across cloud platforms.

What benefits or ROI should users consider in reviews?

Enhanced Security Posture: Strengthens cloud defense lines with proactive monitoring.
Centralized Dashboard: Offers unified oversight of multiple cloud environments.
Efficient Misconfiguration Handling: Quickly identifies and addresses security lapses.
Seamless CI/CD Integration: Integrates security within development workflows.
Improved Visibility: Provides transparent insights into security operations and alerts.

Industries like finance and telecom rely on Prisma Cloud for managing cloud security posture and container security. Teams utilize its capabilities across hybrid and multi-cloud settings to ensure compliance and robust threat protection. Features like misconfiguration detection and runtime monitoring are critical in promoting security objectives in these sectors.

Palo Alto Networks

Trivy is a versatile tool for scanning container images and identifying vulnerabilities, favored for its integration with CI/CD pipelines and ease of use. It supports scanning both operating system packages and application dependencies.

Trivy is an efficient tool designed to automate security checks and ensure compliance. Its quick setup, detailed analysis capabilities, and support for multiple programming languages and environments make it a reliable choice for users. Trivy provides comprehensive scanning and integration with CI/CD pipelines, resulting in accurate vulnerability detection and a smoother workflow for developers.

What are the most important features?

Efficient vulnerability detection: Quickly identifies vulnerabilities in container images.
Comprehensive scanning: Supports scanning of both OS packages and application dependencies.
CI/CD pipeline integration: Seamlessly integrates with CI/CD tools for automated security checks.
Broad language support: Handles multiple programming languages and environments.
Ease of use: Simple setup and user-friendly interface.

What benefits or ROI should users look for?

Improved security: Regular and thorough vulnerability scanning enhances security posture.
Compliance maintenance: Helps in maintaining compliance with security policies and regulations.
Cost efficiency: Automation reduces the time and cost associated with manual security checks.
Integration flexibility: Efficiently integrates with existing CI/CD pipelines to streamline workflows.
Detailed reporting: Provides comprehensive reports for better decision-making.

Trivy is widely used in industries with a focus on maintaining high security standards such as finance, healthcare, and technology sectors. Its ability to detect vulnerabilities quickly and integrate with CI/CD pipelines makes it an essential tool for ensuring secure and compliant software development practices in these industries. Continuous improvements in speed, documentation, and integration could further enhance its value.

Aqua Security

Sample Customers

Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America

Information Not Available

Buyer's Guide

Prisma Cloud by Palo Alto Networks vs. Trivy

July 2025

Free Report: Prisma Cloud by Palo Alto Networks vs. Trivy

Find out what your peers are saying about Prisma Cloud by Palo Alto Networks vs. Trivy and other solutions. Updated: July 2025.

DOWNLOAD NOW

864,155 professionals have used our research since 2012.

See our Prisma Cloud by Palo Alto Networks vs. Trivy report.

See our list of best Container Security vendors.

We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.