• Home
  • AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks

AWS GuardDuty vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo

AWS GuardDuty

Read 19 AWS GuardDuty reviews
8,899 views|7,503 comparisons
90% willing to recommend
Palo Alto Networks Logo

Prisma Cloud by Palo Alto Networks

Read 83 Prisma Cloud by Palo Alto Networks reviews
25,703 views|14,353 comparisons
97% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks
March 2024
Executive Summary
Updated on Jul 1, 2023

We performed a comparison between Prisma Cloud by Palo Alto Networks and AWS GuardDuty based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Prisma Cloud by Palo Alto Networks is noted for its broad visibility and management capabilities. The solution offers continuous compliance monitoring, integration with other tools, and vulnerability scanning. Users like AWS GuardDuty's centralized data collection and alert mechanisms. It's effective for monitoring AWS accounts and analyzing multiple log sources. Users say Prisma Cloud could be more customizable and incorporate workflow automation. Some said they would like to see more bidirectional integration with ticketing solutions. A few AWS GuardDuty users said they would like to see a mobile version for remote workers. Users would also like more dashboard analytics and reporting features.
  • Service and Support: Most customers are pleased with the support, calling it prompt and efficient, but a few have reported slow response times. In contrast, customers have consistently received exceptional support from the Amazon support team for AWS GuardDuty. The technical support provided is quick and responsive.
  • Ease of Deployment: Users said Palo Alto's engineers and informative documentation made the initial setup easy. AWS GuardDuty's setup was generally perceived as uncomplicated, but it could become more complex, depending on the architecture and integration requirements.
  • Pricing: Prisma Cloud has flexible pricing, and the cost depends on the organization's requirements. Reviewers consider Prisma Cloud expensive, but many see it as reasonable. You must pay extra for certain features. AWS GuardDuty has a competitive pay-go pricing model based on data usage with no additional costs.
  • ROI: Prisma Cloud prevents attacks, improves risk awareness, and speeds up security operations. It helps users identify security misconfigurations and blind spots, resulting in cost savings and improved productivity. AWS GuardDuty benefits the overall security posture, building customer trust and creating new business opportunities.

Comparison Results: Prisma Cloud stands out as a more powerful and comprehensive solution for cloud security and compliance management compared to AWS Guard Duty. Prisma Cloud offers excellent visibility, and it's a robust solution for managing hybrid-cloud environments without the hassle of mapping and cross-referencing work.

To learn more, read our detailed AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Saurabh Khan
combines ML and integrated threat intelligence from AWS and leading third parties to help protect your AWS accounts,...
AWS GuardDuty enhances organizational security by providing automated threat detection, easy integration with other AWS services, centralized... Read more →
Anonymous User
Offers unified monitoring and a complete map of our environment but only the SaaS version includes posture management
Prisma Cloud is a crucial component of our clients' security, particularly for their billing environments. It offers comprehensive security across... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution will detect abnormalities in the AWS workload and alert us so that we can monitor and take action.""One of the advantages of cloud services is the ability to use them on demand. There's minimal installation involved; you can check the latest offerings and make new deployments while dismantling the previous ones. This approach keeps you ahead of potential services, showcasing the agility of AWS.""With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential security risks.""Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing.""The solution provides AWS GuardDuty S3 protection, EKS runtime protection, and malware protection.""It kinda just gives us another layer of security. So it does provide some sort of comfort that we do have something that is monitoring for abnormal behavior.""We have over 1,000 employees, and we monitor their activity through AWS GuardDuty.""The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."

More AWS GuardDuty Pros →

"Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently.""The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem.""The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature.""It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.""The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do things the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have done things by mistake. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud.""It supports the multi-cloud environment beautifully.""The support is excellent.""The most valuable feature of Prisma Cloud is WAF (web application firewall)."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"AWS GuardDuty sometimes shows false positives and should have better detection accuracy.""The solution's user interface could be improved because it will help users to understand multiple options.""One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions.""While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved.""I work in a bank, and it would be good if AWS GuardDuty could be integrated with other monitoring and detection tools we use.""Cost changes. It's very expensive. If you turn on every feature, it's more than most commercial vendors. For smaller orgs, that doesn't make sense.""Because it's a threat detection service, they need to keep up with the various threat factors because new threat factors and attack factors come up all the time.""The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA."

More AWS GuardDuty Cons →

"Prisma Cloud supports generating CSV files, but I would also like it to generate PDF files for reporting.""Sometimes we do get false alerts. That should be improved.""It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat.""They are missing some compatibility details in their documentation.""They should improve the user experience.""One thing that is missing is Cloud Run runtime security—serverless. That would be great to have in the tool. It's not that easy to have Cloud Run in specific environments.""The solution does not currently support servers for GCP.""Prisma Cloud lags behind in terms of security automation capabilities."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "We use a pay-as-you-use license, which is competitively priced in the market."
  • "I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it."
  • "In terms of the costs associated with Amazon GuardDuty, it was $1 per GB from what I recall. Pricing was based on per gigabyte. For example, for the first five hundred gigabytes per month, it'll be $1 per GB, so it'll be $500. If your usage was greater, there's another bracket, for example, the next two thousand GB, then there's an add-on cost of 50 cents per GB. That's how Amazon GuardDuty pricing slowly goes up. I can't remember if there was any kind of additional cost apart from standard licensing for the solution. Nothing else that at least comes to mind. What the service was charging was worth it. That was one good thing when using Amazon GuardDuty because my company could be in a certain tier for a certain period. My company wasn't under a licensing model where it could overestimate its usage and under-utilize its usage and pay much more. This was what made the pricing model for Amazon GuardDuty better."
  • "Pricing is determined by the number of events sent."
  • "The pricing model is pay as you go and is based on the number of events per month."
  • "On a scale of one to ten, where one is a high price, and ten is a low price, I rate the pricing a four or five, which is somewhere in the middle."
  • "GuardDuty only enables accounts in regions where you have an active workload. If there are places where you don't have an active workload, you wouldn't even enable them. That's one area where they could allow you to cut down your cost."
  • "The tool has no subscription charges."

    • More AWS GuardDuty Pricing and Cost Advice →

  • "The purchasing process was easy and quick. It is a very economical solution."
  • "Our licensing fees are $18,000 USD per year."
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."

    • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Amazon GuardDuty?
    Top Answer:With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential… more »
    Read all 11 answers   →
    What is your experience regarding pricing and costs for Amazon GuardDuty?
    Top Answer:80 percent of the customers are using AWS GuardDuty, and we recommend it due to its low cost, especially for small customers, ranging from five to ten dollars a month. In our policies, we enforce the… more »
    Read all 10 answers   →
    What needs improvement with Amazon GuardDuty?
    Top Answer:One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions. It would be beneficial to have… more »
    Read all 11 answers   →
    What is your primary use case for Prisma Cloud by Palo Alto Networks ?
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Read all 7 answers   →
    What Cloud-Native Application Protection Platform do you recommend?
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cloud… more »
    What do you think of Aqua Security vs Prisma Cloud?
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was… more »
    Ranking
    4th
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    8,899
    Comparisons
    7,503
    Reviews
    19
    Average Words per Review
    644
    Rating
    8.1
    1st
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    25,703
    Comparisons
    14,353
    Reviews
    53
    Average Words per Review
    1,120
    Rating
    8.4
    Comparisons
    Also Known As
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Amazon Web Services (AWS)
    Palo Alto Networks
    Overview

    Amazon Guard Duty is a continuous cloud security monitoring service that consistently monitors and administers several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Cloud Storage), and AWS CloudTrail event logs.

    Amazon GuardDuty intuitively uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to quickly discover suspicious and problematic activity in a user's AWS ecosystem. Activities may include concerns such as interactions with malicious IP addresses or domains, exposed credentials usage, or changes and/or escalation of privileges.

    GuardDuty is able to easily determine problematic AWS EC2 (Elastic Compute Cloud) instances delivering malware or mining bitcoin. It is also able to trace AWS account access history for evidence of destabilization. such as suspicious API calls resulting in changing password policies to minimize password strength or anomalous infrastructure deployments in new or different never-used regions.

    GuardDuty will continually alert users regarding their AWS environment status and will send the security discoveries to the GuardDuty dashboard or Amazon CloudWatch events for users to view.

    Users can access GuardDuty via:

    • AWS SDKs: Amazon provides users with several software development kits (SDKs) that are made up of libraries and sample code of numerous popular programming languages and platforms, such as Android, iOS, Java, .Net, Python, and Ruby. The SDKs make it easier to develop programmatic access to GuardDuty.

    • GuardDuty HTTPS API: This allows users to issue HTTPS requests directly to the service.

    • GuardDuty Console: This is a browser-based intuitive dashboard interface where users can access and use GuardDuty.

    Amazon Elastic Kubernetes Service (Amazon EKS)

    Kubernetes protection is an optional add-on in Amazon GuardDuty. This tool is able to discover malicious behavior and possible destabilization of an organization's Kubernetes clusters inside of Amazon Elastic Kubernetes Service (Amazon EKS).

    When Amazon EKS is activated, GuardDuty will actively use various data sources to discover potential risks against Kubernetes API. When Kubernetes protection is enabled, GuardDuty uses optional data sources to detect threats against Kubernetes API.

    Kubernetes audit logs are a Kubernetes feature that captures historical API activity from applications, the control plane, users, and endpoints. GuardDuty collates these logs from Amazon EKS to create Kubernetes discoveries for the organization's Amazon EKS assets; there is no need to store or turn on the logs.

    As long as Kubernetes protection remains activated, GuardDuty will continuously dissect Kubernetes data sources from the Amazon EKS clusters to ensure no suspicious or anomalous behavior is taking place.

    Amazon Simple Cloud Storage (S3) Protection

    Amazon S3 allows Amazon GuardDuty to actively audit object-level API processes to discover possible security threats to data inside an organization's S3 buckets. GuardDuty continually audits risk to the organization’s S3 assets by carefully dissecting AWS CloudTrail management events and AWS CloudTrail S3 data events. These tools are continually auditing various CloudTrail management events for potential suspicious activities that affect S3 buckets, such as PutBucketReplication, DeleteBucket, ListBucket, and data events for S3 object-level API processes, such as PutObject, GetObject, ListObject, and DeleteObject.

    Reviews from Real Users

    The most valuable features are the single system for data collection and the alert mechanisms. Prior to using GuardDuty, we had multiple systems to collect data and put it in a centralized location so we could look into it. Now we don't need to do that anymore as GuardDuty does it for us.” - Arunkumar A., Information Security Manager at Tata Consultancy Services

    Prisma Cloud by Palo Alto Networks is a cloud security solution used for cloud security posture management, cloud workload protection, container security, and code security. It provides visibility, monitoring, and alerting for security issues in multi-cloud environments. 

    The solution is user-friendly, easy to set up, and integrates with SIEM for generating alerts and reports. Its most valuable features include security features, monitoring capabilities, reporting, compliance monitoring, vulnerability dashboard, data security features, and multi-cloud capabilities. Prisma Cloud has helped organizations by providing comprehensive protection, automating workflows, simplifying troubleshooting, and improving collaboration between SecOps and DevOps.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Sample Customers
    autodesk, mapbox, fico, webroot
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Financial Services Firm43%
    Computer Software Company14%
    Media Company7%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company16%
    Manufacturing Company8%
    Healthcare Company5%
    REVIEWERS
    Computer Software Company32%
    Manufacturing Company17%
    Financial Services Firm17%
    Healthcare Company7%
    VISITORS READING REVIEWS
    Educational Organization14%
    Computer Software Company14%
    Financial Services Firm13%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise14%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise67%
    REVIEWERS
    Small Business29%
    Midsize Enterprise19%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise22%
    Large Enterprise61%
    Buyer's Guide
    AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks
    March 2024
    Free Report: AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks
    Find out what your peers are saying about AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 19 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Workload Protection Platforms (CWPP) with 83 reviews. AWS GuardDuty is rated 8.2, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". AWS GuardDuty is most compared with Microsoft Defender for Cloud, CrowdStrike Falcon Cloud Security, Wiz, Check Point CloudGuard CNAPP and Lacework, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and Check Point CloudGuard CNAPP. See our AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best Cloud Workload Protection Platforms (CWPP) vendors.

    We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.