We performed a comparison between Prisma Cloud by Palo Alto Networks and SentinelOne Singularity Cloud Security based on real PeerSpot user reviews.
Find out in this report how the two Cloud-Native Application Protection Platforms (CNAPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Cloud security posture management is the preferred feature among other vendors."
"I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent."
"Prisma Cloud's most important feature is its auto-remediation."
"The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do things the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have done things by mistake. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud."
"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."
"The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature."
"The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid."
"Configuration monitoring and alerting is the most valuable feature; it happens at the cloud's speed, allowing our development team to respond quickly. If a configuration goes against our security best practices, we're alerted promptly and can act to resolve the issue. As cloud security staff, we're not staring at the cloud all the time, and we want to let the developers do their jobs so that our company is protected and work is proceeding within our security controls."
"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."
"We like PingSafe's vulnerability assessment and management features, and its vulnerability databases."
"It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end."
"The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"The real-time detection and response capabilities overall are great."
"My favorite feature is Storyline."
"The ease of use of the platform is very nice."
"When there are updates, whether daily, weekly, or monthly, it needs configuration or permission adjustments. There is no automation for that, which is too bad."
"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options."
"The innovation side of the solution could be more efficient and more detailed."
"It can be too expensive for small companies."
"The information presented in the UI sometimes doesn't look intuitive enough."
"The deployment and onboarding are plug-and-play, but somewhat hard to handle in terms of integration with external operations tools. The product design isn't up to the current standard. I would recommend having higher standards in terms of integration with other tools, especially operationalized tools."
"Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services."
"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."
"There is a bit of a learning curve for new users."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"Scanning capabilities should be added for the dark web."
"It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects."
"We had a glitch in PingSafe where it fed us false positives in the past."
"In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud-Native Application Protection Platforms (CNAPP) with 82 reviews while SentinelOne Singularity Cloud Security is ranked 5th in Cloud-Native Application Protection Platforms (CNAPP) with 67 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while SentinelOne Singularity Cloud Security is rated 8.6. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of SentinelOne Singularity Cloud Security writes "Provides excellent workload telemetry, hunting capabilities, and deep visibility ". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and CrowdStrike Falcon Cloud Security, whereas SentinelOne Singularity Cloud Security is most compared with Wiz, Orca Security, AWS GuardDuty, Sysdig Secure and Snyk. See our Prisma Cloud by Palo Alto Networks vs. SentinelOne Singularity Cloud Security report.
See our list of best Cloud-Native Application Protection Platforms (CNAPP) vendors, best Container Security vendors, and best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud-Native Application Protection Platforms (CNAPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.