We performed a comparison between Check Point CloudGuard Posture Management and Prisma Cloud by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: CloudGuard has sophisticated threat detection capabilities. In contrast, Prisma Cloud received some negative feedback for its threat detection.
"The agentless vulnerability scanning is great."
"With PingSafe, it's easy to onboard new accounts."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"We really appreciate the Slack integration. When we have an incident, we get an instant notification. We also use Joe Sandbox, which Singularity can integrate with, so we can verify if a threat is legitimate."
"PingSafe offers three key features: vulnerability management notifications, cloud configuration assistance, and security scanning."
"The management console is the most valuable feature."
"The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform."
"It's helped free up staff time so that they can work on other projects."
"This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc."
"Visibility is a key feature. It helps me to validate my overall network posture."
"The dashboard is intuitive. You know if you're compliant or not, and then it gives you a remediation plan."
"All of the features are very useful in today's market."
"The most valuable feature is the ability to apply common tools across all accounts."
"Cloud security posture management is the feature we've been using the longest."
"It provides critical insights that enable the IT team to plan and launch smart investigations when there are security breaches."
"We like the ability to investigate, analyze, and generate reports."
"I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity."
"Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know."
"Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become."
"We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features."
"You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums."
"It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running."
"What I found most valuable in Prisma Cloud by Palo Alto Networks is the VAS, such as the web application and API security. I feel that VAS adds a lot of value, mainly because it gives visibility through the application layer and threat detection features."
"It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"They need more experienced support personnel."
"There should be more documentation about the product."
"Bugs need to be disclosed quickly."
"PingSafe can improve by eliminating 100 percent of the false positives."
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."
"Their search feature could be better."
"You do need to pay extra in order to get better support."
"The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product."
"The dashboard customization has room for improvement."
"I would like to see improvements in the vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads. Also, customizable reports would be nice."
"The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point."
"Automation and advanced threat prevention have room for improvement."
"The reporting dashboard responds slowly, which leads to late report compilation."
"I would like them to include support for their products in languages other than English."
"One major observation is that it is not possible to implement Prisma Cloud on-premises. This is the limitation. Prisma Cloud itself is on a cloud. It is sitting on AWS and Google Cloud. It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises. That capability is not there, but government entities and ministries want to have Prisma Cloud installed locally."
"The Palo Alto support needs to improve."
"They need to improve the API gateway."
"The solution does not currently support servers for GCP."
"We'd like to have more native integration with clouds and additional security checks in the future."
"One of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow."
"I would like to see the inclusion of automated counter-attack, although this is probably illegal."
"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 4th in Cloud Security Posture Management (CSPM) with 64 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Security Posture Management (CSPM) with 82 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". Check Point CloudGuard CNAPP is most compared with Wiz, AWS GuardDuty, Microsoft Defender for Cloud, Qualys VMDR and Orca Security, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and Snyk. See our Check Point CloudGuard CNAPP vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Cloud Security Posture Management (CSPM) vendors, best Cloud Workload Protection Platforms (CWPP) vendors, and best Cloud-Native Application Protection Platforms (CNAPP) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.