We performed a comparison between Prisma Cloud by Palo Alto Networks and VMware Aria Automation based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Ease of Deployment: Prisma Cloud by Palo Alto Networks has an easy and well-guided initial setup with helpful support staff. Deployment is generally smooth, but not always consistent. In contrast, VMware Aria Automation's setup can be complex and time-consuming, requiring a team of experienced engineers.
Features: Prisma Cloud excels in cloud security posture, workload protection, and infrastructure entitlement management with industry-leading auto-remediation capabilities, vulnerability scanning, and compliance features. In contrast, VMware Aria Automation's strength lies in its extensive automation capabilities, enabling the deployment of virtual machines from a low level and integration and customization of various features. Prisma Cloud could benefit from increased dashboard customization and wider coverage for various cloud vendors. Meanwhile, VMware Aria Automation requires simpler management of multitenancy and easier automation for those without technical expertise.
Pricing: Prisma Cloud has a credit-based pricing structure that is competitive, but its understanding can be challenging, and there may be additional costs for certain features. On the other hand, VMware Aria is an expensive product, and its licensing models can be confusing.
Service and Support: Prisma Cloud and VMware Aria Automation both have customers with mixed experiences with their customer service. While some customers praise Prisma Cloud's technical support and account managers, others have faced unhelpful answers and slow response times. Similarly, VMware Aria Automation's technical support for vRA is rated positively by some customers, but not so much for other solutions.
ROI: Prisma Cloud offers benefits such as risk clarity, faster issue detection, improved compliance, and increased productivity. On the other hand, VMware Aria Automation is praised for saving time and providing more visibility.
Comparison Results: Prisma Cloud by Palo Alto Networks is the preferred cloud-native tool for protection, with continuous compliance monitoring, network security, and micro-segmentation. VMware Aria Automation has automation capabilities but needs improvement in areas such as multitenancy management, migration processes, and licensing models.
"The solution is very user-friendly."
"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."
"The security baseline and vulnerability assessments is the valuable feature."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become."
"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."
"The solution's dashboard looks very user-friendly."
"CSPM is very useful because it gives us good policies and violation alerts."
"The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security."
"Prisma scans things and shows all the vulnerabilities and packages that are vulnerable, and which layers, by default, have vulnerabilities. So developers can easily go into the package or a particular layer and make changes to their code. It's very transparent."
"The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature."
"I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions."
"We are able to provide self-service to all of our IT/development teams to expand and decrease their environments at will."
"Today, if I want to provision one VM, it takes me five minutes. Earlier, it would take a minimum of 30 minutes to go and choose everything. Now, I can just do one click and it can provision my whole VM. We also integrated with our Alexa, so even through voice functionality, I can create a VM. One of the guys at VMware, along with our partner, deployed that in our environment. If I say, "Hey, Alexa, I need a VM with four gigs of RAM," it will go and start creating it."
"We have it deployed in a highly-available environment and scalability is nice because we just had another ESX host and then we are able to increase the capacity."
"If you do a deployment for a proof of concept, it is simple."
"For repeated installations and provisioning of VMs, we now have a clear definition of what has been installed, and we can monitor all that stuff."
"Among the valuable features are the ease and speed of creating the VMs. Originally, we provisioned them manually and it would take us two days to do the provisioning... but with the automation, we are able to provision a VM with the click of a button, within seconds. It cut down on the time as well as cut down on the expense and employee cost in provisioning."
"We haven't hit any limits yet, scalability is good."
"To manage when VM's aren't being used, we have it set up so that it will auto-destroy them after a certain amount of time, obviously with permission from the user who owns it."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"The only thing that needs to be improved is the number of scans per day."
"The solution's container security could be improved."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories."
"It can be too expensive for small companies."
"The solution does not currently support servers for GCP."
"They are missing some compatibility details in their documentation."
"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options."
"The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls."
"The innovation side of the solution could be more efficient and more detailed."
"Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users."
"I know you can spin up virtual desktops in vRA, but they're not thin-provisioned. I don't know if that's because the other product, Horizon View, is there, but it would be nice to see more integration."
"We would like them to improve the automation part. This is an upcoming area that we would like to focus on."
"I would like to see more automation, more ways to automate automation tasks."
"They should make it a little bit more dynamic, a little bit easier to deal with large-scale AD deployments. They need to make it a little more enterprise-ready. That is the one thing that kills us."
"It has a learning curve."
"Multitenancy management is a little bit difficult to do, so it is an area that can be improved."
"It is too broad scale and complicated. It takes too many clicks to do things."
"in general, it took us a long time to get it off the ground. We had a lot of issues upfront and we determined that we just needed to scrap it. I think we scrapped it two or three times before we actually got it built the way we wanted, and we're still not where we need to be. We have had downtime. There have been some issues, but we're also two iterations behind on version."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Security Posture Management (CSPM) with 82 reviews while VMware Aria Automation is ranked 15th in Cloud Security Posture Management (CSPM) with 133 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while VMware Aria Automation is rated 8.0. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of VMware Aria Automation writes "Allows for a lot of orchestration or customization within our environment to suit our customers". Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub, CrowdStrike Falcon Cloud Security and AWS GuardDuty, whereas VMware Aria Automation is most compared with Red Hat Ansible Automation Platform, VMware Aria Operations, vCloud Director, Morpheus and vCenter Orchestrator. See our Prisma Cloud by Palo Alto Networks vs. VMware Aria Automation report.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.