Microsoft Defender for Cloud Apps and Prisma Access by Palo Alto Networks are cloud security solutions. Defender is a Cloud Access Security Broker (CASB) focused on securing access to cloud applications, while Prisma Access is a Secure Access Service Edge (SASE) platform that offers broader network security functionality, including CASB capabilities. While they have some overlap, they can also be considered complementary solutions.
The summary above is based on 63 interviews we conducted recently with Microsoft Defender for Cloud Apps and Prisma Access by Palo Alto Networks users. To access the review's full transcripts, download our report.
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The solution is stable."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The most valuable feature is the seamless integration across different clouds."
"It is very easy to use, which is what we look for in these types of solutions."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"If your business requirements are relatively simple, it can get the job done."
"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."
"All of the features are valuable because all of the features are related."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"The product’s most valuable feature is SQL database."
"The visibility perspective is pretty cool. If I want to know how much data is being used for a specific project, I can look at how much data has been used, from which region, and which users have been connected. That visibility is very good so that I can see how many licenses we have and how many are used."
"The most valuable features of the solution are in the areas of the secure remote access it provides while also being user-friendly."
"It's much faster and more secure than legacy solutions. It is also quite stable and scalable as well. We are able to see all the traffic in one place."
"It's quite reliable and performs well for users."
"It protects all app traffic so that users can gain access to all apps. Unlike other solutions that only work from ports 80 and 443, which are predominantly for web traffic, Prisma Access covers all protocols and works on all traffic patterns... The most sophisticated attacks can arise from sources that are not behind 80/443."
"The tool's consolidation is pretty quick."
"You have the ability to create your own expressions for your data. Palo Alto understands that DLP is not the same for all consumers. You might have a particular need to fulfill, and they give you the opportunity to create a custom expression to match the specific format that you have. For a confidential file property that you have in your files, you can add a metadata field. It gives you that opportunity to create that."
"Panorama provides centralized management capabilities for all our firewalls and locations so that we can manage different data centers through a single device, a very valuable feature. We don't have to log into various devices to oversee them individually."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
"In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis."
"I would like more customization of notifications. Currently, you either get everything or you get limited information. I would like to have something in between where we can customize the data that is included in notifications."
"It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent."
"I want them to enhance in-session policy."
"I would like the solution to support a different type of authentication. We can't configure a secondary method for our portal."
"The product's current price is an area of shortcoming where improvements are required."
"When we deploy firewall rules via Panorama, we find it's a little bit slow. We have a global environment and might have 100 gateways or VPNs in the cloud. When we deploy something, it tries to deploy it one-by-one, and that can be slow."
"The one thing that I've been a little bit disappointed with is when we have had to open cases with Palo Alto about Prisma Access issues. Versus their other platforms, like their firewalls, where we tend to get really quick responses and very definitive answers, the few tickets I've had to open for Prisma Access have taken them longer to respond to. And they haven't necessarily given me the kind of answer I was looking for, meaning a fix to the problem."
"One thing that would help is if we could get a guide. With Cisco, for example, you can just type the problem regarding your Cisco product and you will easily get your solution. In Palo Alto, however, it's not easy to find the solutions."
"One area for improvement is for them to stay on top of keeping their CVEs on their platform up to date."
"There is room for improvement in the multi-environment visibility, especially around containers."
"It's not very easy to use. Sometimes it's buggy and there are problems when doing updates. The user interface is okay, but some configuration items are difficult. I would like it to be less buggy and easier to configure, to better streamline the user experience."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews while Prisma Access by Palo Alto Networks is ranked 3rd in Cloud Access Security Brokers (CASB) with 57 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Qualys VMDR and Forcepoint CASB, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and FortiSASE . See our Microsoft Defender for Cloud Apps vs. Prisma Access by Palo Alto Networks report.
See our list of best Cloud Access Security Brokers (CASB) vendors.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.