We performed a comparison between Tenable.io Container Security and Prisma Cloud by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Tenable.io Container Security excels at identifying vulnerabilities and resolving deployment misconfigurations. Prisma Cloud provides extensive visibility, robust management options, and a diverse set of security functionalities for multi-cloud and hybrid-cloud environments. Tenable.io Container Security needs enhancements in auto-remediation, asset visibility, and compliance customization. Prisma Cloud requires improvements in dashboards, query building, correlation, and automation.
Service and Support: Customers have experienced difficulties with Tenable's customer service and support. Some customers said Palo Alto provided excellent, helpful, and responsive support. However, a few customers were dissatisfied with slow response times and a lack of satisfactory resolutions.
Ease of Deployment: The setup process for Tenable.io Container Security is considered straightforward with the support of helpful guidebooks. Reviewers had varied experiences when setting up Prisma Cloud. They said it can be easy or challenging depending on the organization's requirements. It typically takes users one or two weeks to deploy Tenable.io, while the deployment time for Prisma Cloud depends on the complexity of the environment.
Pricing: The cost of Tenable.io Container Security is determined by the number of pages in the application. Some users said that Prisma Cloud is reasonably and competitively priced, while others view it as expensive but essential for the benefits it offers.
ROI: Prisma Cloud by Palo Alto Networks has demonstrated its effectiveness in preventing breaches, enhancing risk understanding, and decreasing security expenses. Users offered limited feedback on Tenable's ROI.
Comparison Results: Prisma Cloud by Palo Alto Networks is the preferred choice over Tenable.io Container Security. Prisma Cloud offers extensive visibility and management features. Users like Prisma Cloud's powerful anomaly detection, integration, and coverage of multi-cloud and hybrid environments. Prisma Cloud stands out due to its easy configuration, integration with DevSecOps pipelines, and comprehensive security capabilities.
"Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them."
"Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place."
"Integrating with a CI/CD pipeline and incorporating a vulnerability assessment process are highly effective features, especially when combined with runtime protection."
"The visibility on alerts helps you investigate more easily and see details faster."
"One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature."
"As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having."
"One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them."
"It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running."
"Nessus scanner is very effective for internal penetration testing."
"The strong security provided by the product in the container environment is its most valuable feature."
"The tool's most valuable feature is scanning, reporting, and troubleshooting."
"It helps us secure our applications from the build phase and identify the weaknesses from scratch."
"Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security."
"Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment."
"It is a scalable solution. Scalability-wise, it is a good solution."
"It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat."
"There needs to be a mechanism that allows me to manually configure compliance more easily."
"It would be nice Prisma Cloud merged its modules for CSPM and infrastructure as code. It would simplify the pricing and make it easier for customers to evaluate the solution because there are different modules, and you need to add it to your subscription separately."
"When it comes to compliance, the issue is that when we are exporting the reports, there is only a single compliance option. If I need to report on multiple compliance requirements, that feature isn't available. For example, I made a single report for ISO 27000 but I can't correlate it with GDPR."
"They are missing some compatibility details in their documentation."
"Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users."
"Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services."
"This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on."
"Tenable.io Container Security should improve integration modules. It should also improve stability."
"The stability and setup phase of the product are areas with shortcomings where improvements are needed."
"I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners."
"The initial setup is highly complex."
"They need to work on auto-remediation so it's easier for the security team to act quickly when certain assets or resources are deployed. The latest version has a CIS benchmark that you need to meet for containers in the cloud, but more automation is needed."
"The support is tricky to reach, so we would like better-oriented technical support enabled."
"I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
More Tenable.io Container Security Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 83 reviews while Tenable.io Container Security is ranked 22nd in Container Security with 7 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Tenable.io Container Security is rated 7.8. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Tenable.io Container Security writes "It helps you catch misconfigurations before they go into a production environment where they're harder to deal with". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and F5 Advanced WAF, whereas Tenable.io Container Security is most compared with Aqua Cloud Security Platform, Wiz, Trivy, Red Hat Advanced Cluster Security for Kubernetes and Sysdig Secure. See our Prisma Cloud by Palo Alto Networks vs. Tenable.io Container Security report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.