We performed a comparison between Prisma SaaS by Palo Alto Networks and Skyhigh Security based on real PeerSpot user reviews.
Find out in this report how the two Cloud Access Security Brokers (CASB) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"A single pane of glass saves time... This does have a lot of options available for us to see who's doing what, what trends, what errors. We can set up our alerting through it as well. It is definitely a great dashboard."
"I like the original functionality, which allows for providing secure DNS services."
"Application performance has greatly improved and there are less operational issues. Productivity has been going up because we have less operational issues. Also, we have happy customers."
"It has excellent resilience in cybersecurity. Cybersecurity for my organization is very important because we are a banking organization. We need this security to protect the personal information of our clients. This is very important for our security."
"The solution is very easy to manage. We found the initial setup, for example, to be quite simple."
"There is much differentiation within the licensing so if anyone wants DNS security from the DNS security log, we are there already, and if anyone wants to go to a secure internet gateway, that is also available. We can get the integrated cloud DLP license keys. That is a good benefit with Cisco Umbrella. You can get a complete solution in a single licensing."
"Umbrella, being one pane for managing, being all-encompassing, allows us to quickly go in, make a change, and it applies to either every location, if we want it to, or we can have policies in place that only apply to certain users or certain computers."
"The most valuable features for us include tenant lock, content filtering, and DLP solutions, looking for PII and information being exfiltrated."
"It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature. It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up. It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful."
"The most valuable feature of Prisma Cloud-native, in my opinion, is that it assists in identifying, analyzing, and remediating vulnerabilities."
"Prisma SaaS is very easy to use; it's common sense — it's the best-in-class."
"It is easy to use, easy to integrate, and is stable. It's scalable as well."
"Prisma's most valuable feature would be its ability to identify bad or risky configurations."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"To quarantine and clean a malware file provides a lot of security."
"The remediation process is easy compared to other platforms."
"They were very, very aggressive in the market to get a new market share or to take over market share while other companies were being broken up."
"I like the encrypted disk feature and the endpoint protection."
"The support is excellent."
"The other products that I have evaluated do not have the scalability options that McAfee has."
"Overall, the performance is good."
"It's an easy-to-use product."
"What's most valuable in Skyhigh Security is its level of security. Another valuable feature of the solution is threat analysis."
"What I found most valuable in Skyhigh Security is its stability. The solution also has good KB articles that make it simple for users to do the deployment of Skyhigh Security themselves, without the need for integrators."
"I'd like to see this solution more closely integrate with other products Cisco has in its portfolio."
"In my experience with Umbrella support, sometimes the response times take a bit more time than we would like... sometimes, if you go through email, it can take quite a while to get a response."
"There are a couple of interface issues. I know that they say that there are feature enhancements that are noted. For example, we've got the Cisco Meraki security appliances, and there, we geofence our company to where we're allowed to send and receive traffic. So, in our case, by default, we only allow traffic to six different countries, which allows us to effectively prevent traffic for the majority of bad players in the world, but they don't give you an easy way to do that in Cisco Umbrella. With Cisco Meraki, I can specify or pick the countries. I can say that I want to only allow traffic from these six countries, and I'm done. With Cisco Umbrella, I have to rely on the fact that they're going to prevent traffic to other countries. They're going to decide if it's good or bad."
"If a hardware platform were provided for Umbrella, that would definitely improve the market for it... Especially when we are addressing governmental customers, they hesitate to connect to the cloud. That is where we need a hardware platform so that the solution can be used on-premises as well."
"It would be better if there was a little bit of flexibility for organizations that don't have SD One in their environment. Because of the complexity of the environment, it's not easy to actually turn on the feature of the secure internet gateway for our users. We have not been able to explore that option yet."
"We faced an issue regarding virtual appliances (VAs) during deployment. They could improve the quality and management of the virtual appliances offered right now. You can't see much because it is a Linux machine, and they have customized it. You don't have any route access to the machine, only seeing limited things in it. When we opened a ticket, they didn't know much about VAs themselves. So, that is where it is lacking right now. I know this will improve in the long run."
"If we're trying to deploy it to a Mac through Meraki, it's impossible. The method of deployment for a Mac, and the features available in Meraki, are not compatible at all."
"It's a very new product, so it's quite immature at the moment. It can be more user friendly."
"We are using the SaaS offering. We use our applications for microservices. We use Twistlock to scan containers, and it displays these results in Prisma, which is a good feature because we can see vulnerabilities with respect to these containers. We can see everything in a very detailed manner. However, when you have different environments for a single application, such as DEV, QA, PROD, and TEST, all these environments run multiple containers, which can lead to a very high number of containers. In such a scenario, it shows you the alerts for all those containers that have vulnerabilities. If you show the results of all the containers that share the same image, it is not going to add any value. Therefore, they should narrow down the alerts based on a container. It should show information for a single container. Otherwise, the person who is looking at the results gets the impression that he has to fix all these issues. This is something that they can improve."
"My clients would like to see a more feature-rich product."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers."
"Lacks a hybrid model which has API plus in-line security."
"When it comes to integration mechanisms, Prisma SaaS does not support reverse proxy type of integrations."
"Prisma would be a stronger solution if it could aggregate resources by project or by application. So say we have an application we've developed in AWS and five applications we've developed in Azure. The platform will group it according to those applications, but it's based on the tags we use in Azure, which means I have to rely on development teams to tag resources properly."
"The encrypted disk implementation could be improved. I currently use it from a dongle or USB key with two-factor authentication to access my computer."
"It needs to be more user-friendly, as it is a little bit complicated to use."
"McAfee needs to add more products that could be managed from the cloud."
"There isn't really any aspect that is lacking."
"One thing that can be improved is their ability to integrate with other web proxies to discover unsanctioned IP apps."
"It is an expensive solution."
"You have to have some kind of background with cloud-based security, like working with different providers and how to make instances in the clouds and that kind of stuff - including cloud, networking cloud, cloud application development, anything like that is a requirement to be in the CASB space."
"The pricing of the solution could be adjusted to make it more reasonable."
Cisco Umbrella offers flexible, cloud-delivered security according to users’ requirements Cisco Umbrella includes secure web gateway, firewall, and cloud access security broker (CASB) functionality all delivered from a single cloud security service. Cisco Umbrella’s protection is extended to devices, remote users, and distributed locations anywhere. As company employees work from many locations and devices, Cisco Umbrella is the easiest way to effectively protect users everywhere in minutes.
Cisco Umbrella uses machine learning to search for, identify, and even predict malicious domains. By learning from internet activity patterns, this DNS-layer security solution can automatically identify attacker infrastructure being staged for the next threat. These domains are then proactively blocked, protecting networks from potential compromise. Cisco Umbrella analyzes terabytes of data in real time across all markets, geographies, and protocols.
Cisco Umbrella works with leading IT companies to integrate its security enforcement and intelligence. Built with a bidirectional API, Cisco Umbrella makes it easy to extend protection from on-premises security appliances to cloud controlled devices and sites.
Cisco Umbrella is suitable for small businesses without dedicated security professionals, as well as for multinational enterprises with complex environments.
Why use Cisco Umbrella?
Reviews from Real Users
Cisco Umbrella stands out among its competitors for a number of reasons. Some of the major ones are its DNS-based protection, ability to protect users no matter where they are located, stability, and high performance.
Daniel B., a network specialist at Syswind Kft, writes, “We primarily use the solution as cloud security for our branches. It protects us from direct internet outbreaks. It makes for good flexibility. The solution is very easy to manage. We found the initial setup, for example, to be quite simple. Efficient protection on the DNS level and even higher. The sandboxing feature analyses and handles the complicated security risks.”
Victor M., SOC & Security Services Director at BEST, notes, “It provides security for the remote workers and it helps to improve enterprise security in a very easy way. We mainly enjoy web software protection capabilities. It prevents the end-users from getting into bad sites or sites that potentially could have malware or could be phishing. It helps end-users avoid the wrong sites. The solution works very smoothly. The user interface is good.”
Since software as a service is so easy, use of SaaS applications is exploding. Because of that simplicity, though, the security risks of SaaS are also on the rise. Unsanctioned SaaS apps can expose sensitive data and propagate malware, and even sanctioned SaaS adoption can increase the risk of data exposure, breaches and noncompliance. By offering advanced data protection and consistency across applications, Prisma SaaS reins in the risks. It addresses your cloud access security broker needs and provides advanced capabilities in risk discovery, data loss prevention, compliance assurance, data governance, user behavior monitoring and advanced threat prevention. Now you can maintain compliance while preventing data leaks and business disruption through a fully cloud-delivered CASB deployment.
Skyhigh is the leading cloud access security broker (CASB) trusted by over 500 enterprises to securely enable over 16,000 cloud services, including shadow IT and sanctioned IT.
With Skyhigh, organizations leverage a single cross-cloud platform to gain visibility into cloud usage and risks, meet compliance requirements, enforce security policies, and detect and respond to potential threats.
Prisma SaaS by Palo Alto Networks is ranked 5th in Cloud Access Security Brokers (CASB) with 8 reviews while Skyhigh Security is ranked 4th in Cloud Access Security Brokers (CASB) with 13 reviews. Prisma SaaS by Palo Alto Networks is rated 8.4, while Skyhigh Security is rated 8.6. The top reviewer of Prisma SaaS by Palo Alto Networks writes "Supports custom expressions, helps with compliance, and integrates well with Azure AD". On the other hand, the top reviewer of Skyhigh Security writes "Has good KB articles that make it simple for users to do the deployment themselves". Prisma SaaS by Palo Alto Networks is most compared with Netskope CASB, Zscaler Internet Access, Microsoft Defender for Cloud Apps, Zscaler CASB and Qualys VM, whereas Skyhigh Security is most compared with Netskope CASB, Zscaler Internet Access, Microsoft Defender for Cloud Apps, McAfee Web Gateway and Netskope Next Gen Secure Web Gateway. See our Prisma SaaS by Palo Alto Networks vs. Skyhigh Security report.
See our list of best Cloud Access Security Brokers (CASB) vendors.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.