• Home
  • Prisma SaaS by Palo Alto Networks vs. Qualys VM

Prisma SaaS by Palo Alto Networks vs Qualys VM comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Cloud Access Security Brokers (CASB)
November 2022
Executive Summary

We performed a comparison between Prisma SaaS by Palo Alto Networks and Qualys VM based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, Microsoft, Netskope and others in Cloud Access Security Brokers (CASB).
To learn more, read our detailed Cloud Access Security Brokers (CASB) Report (Updated: November 2022).
Download the complete report
657,397 professionals have used our research since 2012.
Featured Review
Steven Cruse
Protects users whether in the office or out, and we get the same policy in both locations
We were actually trying to solve other challenges, which included just to protect the onsite, but once COVID hit, it pretty much made it a very... Read more →
Anonymous User
We know instantly if somebody configures something in a way that's vulnerable
If somebody configures something in a way that's vulnerable, we know instantly. We'll get an alert and address it so that it's remediated and not... Read more →
Anonymous User
A great help to improve and maintain security
Qualys VM has greatly helped us to improve and maintain our posture of security.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The Global Block List is one of the most valuable features because it's really easy to block domain names as well as URLs. Sometimes you don't want to block the whole site, you just want to block one URL. The Global Block and Allow Lists are the best features for us.""The most valuable features of this solution are the Web Filtering and the APT.""I haven't found any issues related to latency or any other issue.""It offers good visibility for the Administrator. The administrator has full visibility of what is blocked or has the knowledge of where users go when they are surfing the internet.""We like Cisco Umbrella because of DNS security. It's one step ahead of whatever we are using for regular web filtering. In that way, it's more secure than other web filtering products.""The single-pane-of-glass management is very important. We have a very small team. We can't spend a lot of time going from product to product to product to either investigate or set up policy. We need to have one place that we can go to and set everything up.""When it comes to hybrid work it's pretty effective. We've got the agents. We can protect people inside our building and, when they're using their laptops out in the field, they're still protected. It's working well.""The most valuable thing is how easy it is to deploy. We did it with 9,000 users at my last job, and it took a week to get to all the endpoints. Doing that without having to physically touch all those endpoints was very simple."

More Cisco Umbrella Pros →

"It is easy to use, easy to integrate, and is stable. It's scalable as well.""Prisma's most valuable feature would be its ability to identify bad or risky configurations.""The remediation process is easy compared to other platforms.""It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful.""Prisma SaaS is very easy to use; it's common sense — it's the best-in-class.""The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities.""The stacked policies, event policies, and routing policies are easy to understand for someone with general knowledge.""To quarantine and clean a malware file provides a lot of security."

More Prisma SaaS by Palo Alto Networks Pros →

"It's stable and quite reliable.""The vulnerability management feature is what I used the most. It is a good SaaS product. It is easy to use. It has a nice UI where you can see all the assets and vulnerabilities.""The most valuable feature is the connection of threat intelligence information with identified vulnerabilities, which means you can prioritize vulnerabilities according to actual attacks.""Qualys VM's best features are vulnerability management and customizable scoring.""Qualys VM has allowed us to know the vulnerabilities we need to prioritize based on the threat levels and the possible impact if there's an intrusion.""The features that are most valuable are the identification, scan features, and the identification of vulnerabilities.""The initial setup is straightforward.""The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities."

More Qualys VM Pros →

Cons
"If a hardware platform were provided for Umbrella, that would definitely improve the market for it... Especially when we are addressing governmental customers, they hesitate to connect to the cloud. That is where we need a hardware platform so that the solution can be used on-premises as well.""It could be more secure. It would be better if they provided a transferring proxy as an add-on and more integration.""If the security issues are taken care of it would be better.""The pricing could always be a little bit better.""Its on-prem rollout is quite challenging. It needs better coordination with the Internet Service Provider. It is a cloud-based solution, and any endpoint that connects to it has to go through all the gateway ISPs, but some of the ISPs block HTTPS-based DNS. That's where the challenge occurs with Umbrella.""It would be better if there was a little bit of flexibility for organizations that don't have SD One in their environment. Because of the complexity of the environment, it's not easy to actually turn on the feature of the secure internet gateway for our users. We have not been able to explore that option yet.""Network connectivity was a bit of a challenge at the beginning, but we were able to get the right help from Cisco.""There are a couple of different pieces that have different portals. I know they're working on getting them all into one portal, but that's probably the biggest thing that needs improvement right now. It's not a single pane of glass yet."

More Cisco Umbrella Cons →

"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly.""They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers.""Lacks a hybrid model which has API plus in-line security.""The frequency of updates could be reduced.""We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve.""One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date.""My clients would like to see a more feature-rich product.""When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."

More Prisma SaaS by Palo Alto Networks Cons →

"They're still evolving their platform in terms of reporting capabilities.""Qualys does have an on-prem solution, but it is very expensive.""Certain integration factors between different options could be improved.""It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution.""Qualys could be improved in its overall performance compared to other vulnerability management or scanning tools.""The IoT scan is not great.""This solution could be improved by extending the agent capabilities to different operating systems including Mac and Linux. We would also like the capability to easily check for vulnerability in assets in the IOTs.""Some of the older features could be polished instead of focusing on releasing new features."

More Qualys VM Cons →

Pricing and Cost Advice
  • "There is a subscription cost."
  • "The price could be lower."
  • "The price is quite good."
  • "Pricing depends on the automation requirements of the organization."
  • "It has a reasonable price. It is certainly not as expensive as it used to be. It is in line with other offerings on the market. There are a number of different flavors of Umbrella. They could bring Umbrella SIG down a bit because its price is a little bit high for what it does, but I also understand why its price is high."
  • "Cisco Umbrella is expensive and could be cheaper."
  • "When talking about Cisco solutions in general there pricing model is horrible. For example, you can sell a Meraki-based solution, but if the customer starts shopping around, someone is going to have access to the pricing at a level that you cannot compete because they do not have uniform pricing. Not everybody gets fair pricing. Unless you are one of the real major corporations selling the solution your ability to compete is impossible. Cisco will acknowledge the situation and assure you next time it will be in your favor but it never becomes favorable for you. Cisco is not very good in this regard. However, Umbrella is good."
  • "The licensing fee is paid on a yearly basis."

    • More Cisco Umbrella Pricing and Cost Advice →

  • "The licensing fees are paid on a yearly basis and for what we get, the price is good."
  • "Prisma SaaS is more expensive than similar solutions but I think it's worth it."
  • "Prisma is in the middle of the road. It's not the most expensive, but it's not the cheapest. There aren't any additional costs, to my knowledge. I know they have some extra modules, but we didn't use them."
  • "They price their products using credit modules."

    • More Prisma SaaS by Palo Alto Networks Pricing and Cost Advice →

  • "It is different for every company, but for us, it's every three years."
  • "Qualys is cheaper and more affordable than other solutions."
  • "The pricing and licensing for Qualys could be improved."
  • "We do see over $100,000 in terms of price, for mid-size programs. You likely will pay more than $100,000 without any discount. It is a bit pricey."
  • "I used to work there, so I never paid for the product. As an employee, we get a lifetime license for personal use, and that's what I'm using. It is a comprehensive platform, so there is a lot more to it. There could be other solutions that are probably a little bit cheaper, but it depends on what people need. Different people have different needs. It offers many things on the same platform. If you add all the things up, it should be cheaper, but I have not done any analysis specifically."
  • "There is a license for the use of this solution. We pay annually instead of monthly to receive a better discount on the price."
  • "Qualys VM is better suited for medium to large companies because the price can be too much for smaller customers."
  • "There are no additional fees in addition to the standard licensing fees."

    • More Qualys VM Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Access Security Brokers (CASB) solutions are best for your needs.
    See Recommendations
    657,397 professionals have used our research since 2012.
    Questions from the Community
    Which is the better security solution - Cisco Umbrella or Zscaler?
    Top Answer: Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.… more »
    Read all 3 answers   →
    Which is the better security solution - Cisco Umbrella or Microsoft Cloud...
    Top Answer:Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native… more »
    What do you like most about Cisco Umbrella?
    Top Answer:The single-pane-of-glass management is really important. In today's era, administration costs and operational expenses… more »
    Read all 47 answers   →
    What do you like most about Prisma SaaS by Palo Alto Networks?
    Top Answer:The stacked policies, event policies, and routing policies are easy to understand for someone with general knowledge.
    Read all 12 answers   →
    What is your experience regarding pricing and costs for Prisma SaaS by Pa...
    Top Answer:The pricing is reasonable for Palo Alto. They price their products using credit modules. There are various types of… more »
    Read all 9 answers   →
    What needs improvement with Prisma SaaS by Palo Alto Networks?
    Top Answer:The frequency of updates could be reduced. The updates are necessary, but they occur too frequently. The updates require… more »
    Read all 11 answers   →
    What is your primary use case for Qualys VM?
    Top Answer:We use this solution to scan the servers on the network. It is used predominantly by our information security team.
    Read all 34 answers   →
    How does Tenable Nessus compare with Qualys VM?
    Top Answer:The thing I like most about Tenable Nessus is its ease of use. I also like that it has highly customizable scans… more »
    How does Pentera compare with Qualys VMDR?
    Top Answer:Hi Yao, The two products are totally different solutions. Pentera is an Automated Penetration Testing platform… more »
    Comparisons
    Also Known As
    OpenDNS
    Palo Alto Networks Prisma SaaS, Prisma SaaS, Palo Alto Networks Aperture, Aperture
    QualysGuard VM
    Learn More
    Cisco
    Palo Alto Networks
    Qualys
    Overview

    Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.

    Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.

    Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.

    Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.

    Why use Cisco Umbrella?

    • Simplify security management: Cisco Umbrella is the fastest and easiest way to protect all users within minutes and reduces the number of infections and alerts sent from other security products by stopping threats at the earliest point. With no hardware to install and no software to manually update, ongoing management is simple

    • Reliable reporting: Cisco Umbrella reports show activity for each device or network in the system. Users gain a more complete picture of the security risks facing their organization and can take action to remedy them.

    • Manage and control cloud apps: Umbrella provides visibility into sanctioned and unsanctioned cloud services in use across the enterprise. Users can uncover new services being used, see who is using them, identify potential risk, and block specific applications easily.

    Reviews from Real Users

    Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.

    Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”

    Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”

    Prisma SaaS by Palo Alto Networks is a powerful cloud access security brokerage (CASB) and SaaS solution that is designed to fully handle an organization’s SaaS security needs. It is a comprehensive package that offers both in-line as well as API-based protection. Users can use Prisma SaaS to complement whatever security tools they currently employ.

    Prisma SaaS Benefits

    Some of the ways that organizations can benefit by choosing to deploy Prisma SaaS include:

    • Adaptability. Prisma SaaS can be adapted to satisfy any and all SaaS needs that an organization might have. When users choose Prisma SaaS, they gain access to a vast suite of integrations. These enable users to connect with the most widely used and common SaaS applications on the market. An organization is given the ability to take stock of features or functions that they might be missing and employ the integration to make up for whatever they feel they are missing.
    • Security. Prisma SaaS comes with a wealth of security features that users can leverage to handle all of their security needs. Users can set specific security policies to classify data in a way that enables the solution’s artificial intelligence and machine learning software to track them to prevent losses from taking place. The solution’s AI and ML can also block known malware, identify new malware, and block these new threats before they can do harm.
    • Automated updates. Organizations do not need to devote resources to ensure that Prisma SaaS’s software remains up to date. It automatically updates when an update is ready to launch. Users can focus on using the product and allow the solution to manage its updates on its own.

    Prisma SaaS Features

    • Centralized management and control. Prisma SaaS is controllable from a single centralized location. Users can manage every aspect of the solution in a simplified way. They do not need to master the controls on a variety of consoles to achieve the highest level of value from it. All of the controls are located in one place, which also makes it easy for users to learn how to use them. Additionally, it enables users to view all of their critical data in a single location without having to struggle to find the data that they need.
    • Threat visualization and reporting. Users gain the ability to break down potential threats and incidents in ways that provide deep insights. Prisma SaaS can visually represent threats that have not yet been actualized as well as events that have occurred. Additionally, it can create detailed reports that can provide users with the information that they need to secure themselves from future harm.
    • User behavior monitoring. Prisma SaaS’s AI and ML capabilities enable the solution to spot unusual user behavior that might signal that a user’s credentials have been stolen.

    Reviews from Real Users

    Prisma SaaS by Palo Alto Network is a solution that stands out when compared to many of its competitors. Two major advantages it offers are the ability to customize data search expressions and the ability to identify, analyze, and troubleshoot threats from a single solution.

    Gabriel F., the senior service delivery engineer at the Netdata Innovation Center, writes, “You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you the opportunity to create that.”

    Angell D., a senior engineer at Cloudrise, says, "The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."

    Qualys VM is a vulnerability management tool that is cloud-based and gives you immediate, global visibility into where your IT systems might be vulnerable to the latest internet threats and how to protect them. The solution uses real-time threat intelligence, advanced correlation, and powerful machine learning models to automatically prioritize the riskiest vulnerabilities on your most critical assets – reducing potentially thousands of discovered vulnerabilities. Qualys VM frees you from the substantial cost, resource, and deployment issues associated with traditional software products.

    Qualys VM Features

    Qualys VM has many valuable key features. Some of the most useful ones include:

    • Agent-based detection: Qualys VM works with Qualys Cloud Agents, extending its network coverage to assets that can’t be scanned. With this feature, vulnerabilities are found faster and network impact is minimal.
    • Constant monitoring and alerts: Teams are proactively alerted about potential threats so problems can be tackled before turning into breaches. You can tailor alerts and be notified about general changes or specific circumstances.
    • Comprehensive coverage and visibility: Qualys VM scans and identifies vulnerabilities continuously in order to protect your IT assets on premises, in the cloud, and mobile endpoints. In addition, its executive dashboard displays an overview of your security posture and access to remediation details. The solution also generates custom role-based reports for multiple stakeholders, including automatic security documentation for compliance auditors.

    Qualys VM Benefits

    There are many benefits to implementing Qualys VM. Some of the biggest advantages the solution offers include:

    • Lower and more predictable TCO: The solution doesn’t require any capital expenditures, extra human resources, or infrastructure or software to deploy and manage.
    • Full clarity: Qualys VM gives you full clarity into your data center assets, identifies their vulnerabilities, prioritizes remediation, and assesses IT compliance.
    • Accurate, prioritized results: The solution features a powerful data analysis, correlation, and reporting engine.
    • Advanced protection: Because Qualys VM constantly monitors your environment, it can flag traffic anomalies and alert you of any compromising indicators.
    • Scan for vulnerabilities everywhere: You can scan systems anywhere from the same console, including your perimeter, your internal network, and cloud environments. Since Qualys separates scanning from reporting, you can create custom reports showing each audience just the level of detail it needs to see.

    Reviews from Real Users

    Qualys VM is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it offers good continuous monitoring, reporting functionality, and other valuable features like a priority mechanism.

    A Senior Security Consultant at a tech services company says, “Continuous Monitoring is excellent because it is entirely dependent on the agent, and the Agent Scan, is also quite good. I also like the asset tagging, asset grouping features, and the dashboard, because we can customize and create our own dashboard.”

    Another reviewer, an Information Security Manager at an outsourcing company comments, “The reporting functionality is great. It's more accurate and effective to get a picture of what the vulnerabilities are in a more distributed workforce.”

    Additionally, a Cyber Security Director at a manufacturing company mentions, “The prioritization mechanism is the most valuable aspect of the solution.” And also adds, “The initial setup is straightforward and technical support is great.”

    Offer
    Learn more about Cisco Umbrella
    Learn More
    Learn more about Prisma SaaS by Palo Alto Networks
    Learn More
    Learn more about Qualys VM
    Learn More
    Sample Customers
    Chart Industries, City of Aspen, Eastern Mountain Sports, FLEXcon, George Washington University, Jackson Municipal Airport Authority, Ohio Public Library Information Network, PTC, Richland Community College, Smart Motors, Tulane University, VeriClaim
    University of Arkansas
    Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
    Top Industries
    REVIEWERS
    Financial Services Firm16%
    Educational Organization9%
    Comms Service Provider9%
    Consumer Goods Company7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider14%
    Financial Services Firm8%
    Government6%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm11%
    Comms Service Provider11%
    Energy/Utilities Company6%
    REVIEWERS
    Financial Services Firm22%
    Comms Service Provider16%
    Manufacturing Company9%
    Healthcare Company9%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm11%
    Comms Service Provider8%
    Government7%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise25%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise64%
    REVIEWERS
    Small Business44%
    Midsize Enterprise25%
    Large Enterprise31%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise14%
    Large Enterprise70%
    REVIEWERS
    Small Business23%
    Midsize Enterprise14%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise17%
    Large Enterprise62%
    Buyer's Guide
    Cloud Access Security Brokers (CASB)
    November 2022
    Download Free Report
    Find out what your peers are saying about Cisco, Microsoft, Netskope and others in Cloud Access Security Brokers (CASB). Updated: November 2022.
    DOWNLOAD NOW
    657,397 professionals have used our research since 2012.

    Prisma SaaS by Palo Alto Networks is ranked 5th in Cloud Access Security Brokers (CASB) with 9 reviews while Qualys VM is ranked 3rd in Vulnerability Management with 29 reviews. Prisma SaaS by Palo Alto Networks is rated 8.4, while Qualys VM is rated 8.2. The top reviewer of Prisma SaaS by Palo Alto Networks writes "Supports custom expressions, helps with compliance, and integrates well with Azure AD". On the other hand, the top reviewer of Qualys VM writes "Excellent continuous monitoring, helpful technical support, easy to scale, and simple to install". Prisma SaaS by Palo Alto Networks is most compared with Netskope CASB, Microsoft Defender for Cloud Apps, Zscaler Internet Access, Zscaler CASB and Infoblox Advanced DNS Protection, whereas Qualys VM is most compared with Tenable Nessus, Tenable.sc, Microsoft Defender for Cloud Apps, Rapid7 InsightVM and Skybox Security Suite.

    We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.