Tenable and Prisma Cloud offer strong security solutions with varying deployment times and pricing structures. Tenable focuses on customizable reporting and centralized management, while Prisma Cloud is praised for its multi-cloud visibility and threat detection capabilities.
The summary above is based on 140 interviews we conducted recently with Tenable Security Center and Prisma Cloud by Palo Alto Networks users. To access the review's full transcripts, download our report.
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"The security baseline and vulnerability assessments is the valuable feature."
"It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state."
"As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having."
"We are provided with a single tool to protect all of our cloud resources and applications without having to manage and reconcile compliance reports."
"The product is quite good for providing multi-clouds or cross-cloud security from a single-pane -of-glass."
"Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently."
"It has helped us understand the dynamic topology of our containers, and manage security through the application of policies that our pipelines apply straight from Git."
"It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment."
"The framework to configure controls is pretty good; it's pretty sophisticated. We can implement a fair amount of testing for a fair number of controls."
"Tenable is the leading product for vulnerability scanning."
"The most valuable features of Tenable SC are the reports and the dashboards."
"The most valuable features in Tenable SC are scanning and analysis."
"The solution is very intuitive and the dashboards are simple to use."
"The most valuable feature of this solution is the vulnerability assessment."
"The tool gives us fewer false positives. Compared to its competitors, the solution’s reports are more accurate."
"The scanning part, the agent part – that's the valuable aspect."
"The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs."
"The solution's container security could be improved."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"The remediation workflow within the Wiz could be improved."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options."
"The pricing for the solution needs improvement."
"The dashboard can be created at the user level instead of the cloud account level, which will help save time."
"A couple of exporting functionalities should be more user-friendly because if I want to export something, I can get a lot of data visible to that particular CSV."
"One of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow."
"I would like to see the inclusion of automated counter-attack, although this is probably illegal."
"A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them."
"One thing that is missing is Cloud Run runtime security—serverless. That would be great to have in the tool. It's not that easy to have Cloud Run in specific environments."
"The solution should provide better web application features and support."
"There's a lot of information being streamed out of the reports. What would be nice, and maybe we just haven't found it, would be more of an executive-type view. We still expect it to collect all this information, but we would like a feature that would allow us to show it to an executive or a director or someone like that and give them some type of high-level overview but not get into the nitty-gritty."
"The GUI could be improved to have all concerns and priorities use the same GUI, allowing them to see all tickets, assign vulnerabilities, and assign variation failures to each member of their team."
"Though the solution's technical support is responsive, they do take a lot of time, making it one of the solution's shortcomings that needs improvement."
"The reporting side can be improved. The dashboards are nice, but exporting things out for reports for management was a little tough."
"The product could be user-friendly, and they could enhance the web application's security features."
"Deploying Tenable.sc is highly complex because it's an on-prem solution, whereas Tenable.io is cloud-based, so you can go live as soon as you log in. Tenable.sc involves significant integration with other on-prem solutions, and the deployment takes about two to three weeks with the help of a system integrator"
"I will say it's a lot slower compared to an MS scan. It takes so much longer, so the performance could definitely be worked on."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Security Posture Management (CSPM) with 83 reviews while Tenable Security Center is ranked 10th in Cloud Security Posture Management (CSPM) with 48 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Tenable Security Center is rated 8.2. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Tenable Security Center writes "A security solution for vulnerability assessment with automated scans". Prisma Cloud by Palo Alto Networks is most compared with Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub, CrowdStrike Falcon Cloud Security and AWS GuardDuty, whereas Tenable Security Center is most compared with Tenable Vulnerability Management, Qualys VMDR, Tenable Nessus, Rapid7 InsightVM and XM Cyber. See our Prisma Cloud by Palo Alto Networks vs. Tenable Security Center report.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.