Prisma Cloud by Palo Alto Networks vs XM Cyber comparison

Palo Alto Networks and XM Cyber are both solutions in the Cloud Security Posture Management (CSPM) category. Palo Alto Networks is ranked #2 with an average rating of 8.5, while XM Cyber is ranked #25 with an average rating of 8.0. Palo Alto Networks holds a 14.3% mindshare in CSPM, compared to XM Cyber’s 0.9% mindshare. Additionally, 98% of Palo Alto Networks users are willing to recommend the solution, compared to 100% of XM Cyber users who would recommend it.

Prisma Cloud by Palo Alto N...

Read 110 Prisma Cloud by Palo Alto Networks reviews

17,006 Views
10,310 Comparison Views

98% willing to recommend

XM Cyber

Read 2 XM Cyber reviews

767 Views
485 Comparison Views

100% willing to recommend

Prisma Cloud by Palo Alto N...

XM Cyber

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 25, 2025

Prisma Cloud and XM Cyber are competing cybersecurity solutions in the cloud security sector. Prisma Cloud has the upper hand with its comprehensive security features and strong ROI, while XM Cyber focuses on vulnerability management.

Features: Prisma Cloud offers posture management, workload protection, and identity security for cloud-native security needs. XM Cyber provides continuous attack path modeling, deep insights into security threats, and vulnerability management.

Ease of Deployment and Customer Service: Prisma Cloud integrates seamlessly with common cloud environments, offering responsive customer service for swift deployment. XM Cyber offers specialized deployment assistance to ensure optimal configuration with effective customer support.

Pricing and ROI: Prisma Cloud typically requires a higher initial investment but promises a strong ROI for extensive and integrated cloud security solutions. XM Cyber is more cost-effective, appealing to organizations focused on specific vulnerability management.

To learn more, read our detailed Prisma Cloud by Palo Alto Networks vs. XM Cyber Report (Updated: April 2025).

Buyer's Guide

Prisma Cloud by Palo Alto Networks vs. XM Cyber

April 2025

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Prisma Cloud by Palo Alto N...

Ranking in Cloud Security Posture Management (CSPM)

2nd

Average Rating

8.4

Reviews Sentiment

7.3

Number of Reviews

110

Ranking in other categories

Web Application Firewall (WAF) (6th), Container Security (1st), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)

XM Cyber

Ranking in Cloud Security Posture Management (CSPM)

25th

Average Rating

8.0

Reviews Sentiment

7.7

Number of Reviews

Ranking in other categories

Continuous Controls Monitoring (7th), Vulnerability Management (30th), Continuous Threat Exposure Management (CTEM) (4th)

Mindshare comparison

As of May 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of Prisma Cloud by Palo Alto Networks is 14.3%, down from 18.4% compared to the previous year. The mindshare of XM Cyber is 0.9%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Security Posture Management (CSPM)

Featured Reviews

Mohammad Qaw

Senior Security Consultant at helpag

It gives you one console to see all of your assets, review their configurations, and build your processes

Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Read full review

HolgerHeimann

Ffounder at It.sec

Reliable with no false-positives and helpful support

There's a lot of improvement possible, however, most of it is in the details. I personally like the concept, as it's pretty straightforward and the product is not trying to overload functionality. It's a clean and straightforward approach. You know what you get. Most of the improvements are detail improvements. They're pretty open to future requests as well, so we send them a lot of suggestions. For example, at the moment, they have something called Battleground. That's a visualization of the network, and it's a visualization of the attack paths that are possible. The program uses so-called scenarios, and we say, "Okay, I'm watching traffic for maybe 24 hours," and then you get a result for that scenario, what happens in that time with what the attack paths are, et cetera. The result of the same scenario yesterday or tomorrow may be different as something might change. In that, one of the things I'm currently missing, which is on the list to be added, is some kind of diff visualization. For example, showing a two-screen split of activity. On the left side of the screen, that's how it was yesterday; on the right side, that's how it is today; and here are the differences. We'd like to see a cheaper price.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"My favorite feature is the CWPP module. We can define various kinds of rules for vulnerabilities, incidents, or suspicious activities."

"The most valuable features of the solution are areas like compliance and asset inventories, along with runtime protection."

"Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place."

"Comprehensive and valuable for providing security. It is scalable, its stability is impressive, and setting it up is straightforward."

"Palo Alto enables us to know what security threats are happening in the background."

"This solution helped us by allowing us to schedule and fix things. This is not an easy thing if you're managing 1,000 plus resources."

"In the GlobalProtect module, we can easily guide users experiencing connection issues through the notification column."

"This positively affected our confidence in your security and compliance. No matter how complex the environment is, the the seamless integration from the top layer itself give us the immediate visibility on the number of services."

More Prisma Cloud by Palo Alto Networks pros

"The platform's most valuable feature is attack simulation."

"What I personally like very much, from my experience, is that it is very reliable."

Cons

"This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on."

"We are encountering issues with the new permissions required for AWS integration with Prisma."

"While the documentation continually improves, it still has limitations compared to the extensive resources available for older products like hardware firewalls, which have been around for approximately 20 years."

"Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into."

"I have some challenges customizing and personalizing some of the capabilities in the CSPM in terms of new policies and services. We have to reconfigure and rebuild the CSPM."

"The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler."

"More documentation with real-world use cases would be helpful."

"The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed."

More Prisma Cloud by Palo Alto Networks cons

"We'd like to see a cheaper price."

"XM Cyber could identify all areas of vulnerability. They could expand the identification span for different areas."

Pricing and Cost Advice

"If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."

"Prisma Cloud by Palo Alto Networks carries a higher cost, but its enhanced security measures justify the expense."

"The licensing cost is a bit high on the compute side."

"Almost all the CSPM tools are pretty expensive."

"Prisma Cloud licensing works on credits."

"Prisma Cloud is a high-end enterprise solution, making it quite expensive."

"The pricing is competitive; for the most part, the security firms have similar prices."

"Prisma Cloud is more expensive than Check Point CloudGuard."

More Prisma Cloud by Palo Alto Networks pricing and cost advice

"We have to pay standard licensing fees."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

15%

Financial Services Firm

13%

Computer Software Company

13%

Manufacturing Company

10%

Computer Software Company

16%

Financial Services Firm

15%

Manufacturing Company

10%

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What is your primary use case for Prisma Cloud by Palo Alto Networks ?

Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.

See all answers

What Cloud-Native Application Protection Platform do you recommend?

We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...

See all answers

What do you think of Aqua Security vs Prisma Cloud?

Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...

See all answers

What do you like most about XM Cyber?

The platform's most valuable feature is attack simulation.

See all answers

What is your experience regarding pricing and costs for XM Cyber?

We have to pay standard licensing fees. There are no additional costs. It is an expensive product. I rate the pricing a seven out of ten.

See all answers

What needs improvement with XM Cyber?

XM Cyber could identify all areas of vulnerability. They could expand the identification span for different areas.

See all answers

Comparisons

Wiz vs Prisma Cloud by Palo Alto Networks

Compared 22% of the time

Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks

Compared 11% of the time

CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

Aqua Cloud Security Platform vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

AWS Security Hub vs Prisma Cloud by Palo Alto Networks

Compared 4% of the time

More Prisma Cloud by Palo Alto Networks Competitors

Pentera vs XM Cyber

Compared 22% of the time

Cymulate vs XM Cyber

Compared 16% of the time

Wiz vs XM Cyber

Compared 13% of the time

SafeBreach vs XM Cyber

Compared 9% of the time

Qualys VMDR vs XM Cyber

Compared 6% of the time

More XM Cyber Competitors

Product Reports

Buyer's Guide

Prisma Cloud by Palo Alto Networks

April 2025

Prisma Cloud by Palo Alto Networks report

Download Prisma Cloud by Palo Alto Networks product report

Buyer's Guide

Continuous Threat Exposure Management (CTEM)

May 2025

Download XM Cyber product report

Also Known As

Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto

No data available

Overview

Prisma Cloud by Palo Alto Networks delivers comprehensive security for cloud environments, focusing on workload protection, identity creation, and seamless AWS integration. Its cloud visibility and control, combined with thorough vulnerability scanning, help maintain robust security across multi-cloud platforms.

Prisma Cloud provides essential capabilities for cloud security posture management, container security, and compliance monitoring. Enterprises utilize it to secure cloud configurations, detect vulnerabilities, and ensure regulatory compliance, spanning AWS, Azure, and Google Cloud. Its runtime management, identity-based micro-segmentation, and threat detection enhance cybersecurity. Despite needing improvements in documentation, integration complexities, UI, and the need for role-based access control refinement, it remains pivotal for securing assets across cloud infrastructures, particularly with its capabilities for vulnerability scanning and CI/CD pipeline integration.

What are the key features?

Workload Identity Creation: Establishes identities for cloud workloads, enhancing security through precise access management.
Dynamic Workload Protection: Protects applications dynamically, securing resources during runtime.
Integration with AWS Products: Seamlessly integrates with AWS services, maximizing the efficiency of cloud operations.
Automated Forensics: Provides detailed insights through automated investigations and runtime mapping between containers.
Application Dependency Map: Enables compliance and asset management through comprehensive inventory functionality.

What benefits or ROI should users expect?

Proactive Threat Prevention: Enhances security measures with advanced threat detection and prevention.
Cloud Visibility and Control: Offers control across multi-cloud environments, ensuring users maintain a strong security posture.
Prevention Capabilities: Users value its ability to prevent vulnerabilities and threats effectively.
Integration Capabilities: Supports seamless integration into existing cloud infrastructures and CI/CD pipelines.

In industries like finance, healthcare, and retail, Prisma Cloud is implemented to strengthen cybersecurity measures, facilitate regulatory compliance, and enhance governance. Organizations leverage its features to secure sensitive data, monitor configurations, and integrate security processes within CI/CD workflows, ensuring robust protection across complex cloud infrastructures.

Palo Alto Networks

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk. Our attack path management platform continuously uncovers hidden attack paths to your critical assets across cloud and on-prem environments, so you can cut them off at key junctures and eradicate risk with a fraction of the effort. This overcomes the big disconnect that security teams experience when they’re presented with endless alerts, yet can’t see which exposures impact risk the most, how they come together to be exploited by an attacker, or how to efficiently eliminate them. This approach is a complete game-changer, which is why some of the world’s largest, most complex organizations choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber intelligence community, XM Cyber has offices in North America, Europe, and Israel.

XM Cyber

Sample Customers

Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America

Hamburg Port Authority, Plymouth Rock Corporation

Buyer's Guide

Prisma Cloud by Palo Alto Networks vs. XM Cyber

April 2025

Free Report: Prisma Cloud by Palo Alto Networks vs. XM Cyber

Find out what your peers are saying about Prisma Cloud by Palo Alto Networks vs. XM Cyber and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,028 professionals have used our research since 2012.

See our Prisma Cloud by Palo Alto Networks vs. XM Cyber report.

See our list of best Cloud Security Posture Management (CSPM) vendors.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.