Prisma Cloud is highlighted for its cost-effectiveness, security capabilities, and comprehensive features. Snyk is praised for its vulnerability detection capabilities. Both solutions could improve their user interface, Prisma Cloud users shared that documentation needs improvement, while Snyk could enhance its integration capabilities. The customer service for both products is highly rated.
The summary above is based on 150 interviews we conducted recently with Prisma Cloud by Palo Alto Networks and Snyk users. To access the review's full transcripts, download our report.
"I would say Twistlock is a fairly sophisticated tool."
"Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing."
"The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid."
"It provides insights into potential vulnerabilities in our code, helping us identify and rectify issues before they can be exploited."
"Most of the customers we are tackling have different tools and solutions, like Qualys, Nessus, and vulnerability management assessment solutions. There are plugins for them, and we can integrate Prisma Cloud with them. We can enrich our telemetry with their data and use the predefined correlation rules in Prisma Cloud. That means we have that work done in seconds."
"The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for."
"Syslog CLIs are the best feature."
"Due to the maturity of most companies, security posture management is the most valuable feature."
"The code scans on the source code itself were valuable."
"Static code analysis is one of the best features of the solution."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
"Provides clear information and is easy to follow with good feedback regarding code practices."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"The solution does not currently support servers for GCP."
"I have some challenges customizing and personalizing some of the capabilities in the CSPM in terms of new policies and services. We have to reconfigure and rebuild the CSPM."
"They are missing some compatibility details in their documentation."
"We have discovered that Prisma is not functioning properly with GCP."
"We are encountering issues with the new permissions required for AWS integration with Prisma."
"This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on."
"I would like Prisma Cloud to improve its mapping feature to increase usability."
"The challenge that Palo Alto and Prisma have is that, at times, the instructions in an event are a little bit dated and they're not usable. That doesn't apply to all the instructions, but there are times where, for example, the Microsoft or the Amazon side has made some changes and Palo Alto or Prisma was not aware of them. So as we try to remediate an alert in such a case, the instructions absolutely do not work. Then we open up a ticket and they'll reply, "Oh yeah, the API for so-and-so vendor changed and we'll have to work with them on that." That area could be done a little better."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry. They have a pretty good knowledge base, but Veracode is on top because Veracode has been in this business for a pretty long time. They do have a pretty large database of all the findings, and the way that the correlation engine works is superb. Snyk is also pretty good, but it is not as good as Veracode in terms of maintaining a large space of all the historical data of vulnerabilities."
"The product is very expensive."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"Snyk's API and UI features could work better in terms of speed."
"The solution's reporting and storage could be improved."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 82 reviews while Snyk is ranked 5th in Container Security with 41 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Snyk is rated 8.2. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and Check Point CloudGuard CNAPP, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Wiz. See our Prisma Cloud by Palo Alto Networks vs. Snyk report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.