• Home
  • AWS WAF vs. Prisma Cloud by Palo Alto Networks

AWS WAF vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo

AWS WAF

Read 52 AWS WAF reviews
17,782 views|13,844 comparisons
82% willing to recommend
Palo Alto Networks Logo

Prisma Cloud by Palo Alto Networks

Read 83 Prisma Cloud by Palo Alto Networks reviews
3,672 views|1,954 comparisons
97% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS WAF vs. Prisma Cloud by Palo Alto Networks
March 2024
Executive Summary
Updated on Mar 13, 2024

Prisma Cloud and AWS WAF offer competitive pricing and effective security measures, with Prisma Cloud focusing on multi-cloud visibility and automation, while AWS WAF is highlighted for its web protection capabilities and seamless integration with other AWS services. Prisma Cloud users value the ease of use and advanced threat detection, while AWS WAF users appreciate the customization options and real-time monitoring features.

  • Features: Prisma Cloud by Palo Alto Networks shines with its comprehensive security capabilities, advanced threat detection, and automated compliance assessment. In comparison, AWS WAF stands out for its effectiveness in protecting against web threats, ease of setting up access control rules, and seamless integration with other AWS services.
  • Pricing and ROI: The setup cost for Prisma Cloud is competitive and reasonable, offering good value with easy deployment. In comparison, AWS WAF has relatively low setup costs and fair licensing fees. Both provide scalability for different organizations. Prisma Cloud offers significant cost savings and increased security measures, reducing risks and improving compliance. AWS WAF focuses on protecting web applications and customizing rules to prevent cyber threats.
  • Room for Improvement: Prisma Cloud users suggest improving the UI, integrations, documentation, training resources, and alerting/reporting. AWS WAF users seek easier setup, user-friendly documentation, and more customization.
  • Deployment and customer support: Prisma Cloud users had varying feedback on deployment and setup duration. Some experienced longer deployment and shorter setup, while others had the reverse. AWS WAF users also had mixed feedback. Prisma Cloud stands out for its top-notch and reliable customer service, known for its expertise and responsiveness. AWS WAF is commended for its friendly and proactive support, providing timely assistance to users.

The summary above is based on 142 interviews we conducted recently with Prisma Cloud by Palo Alto Networks and AWS WAF users. To access the review's full transcripts, download our report.

To learn more, read our detailed AWS WAF vs. Prisma Cloud by Palo Alto Networks Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Prasanth MG
Allows us to set up security rules and has a good scalability
The solution helps our organization to comply with our security standards.
Pinki Jaiswal
Has seamless integration into CI/CD pipelines, and effective risk management, providing a unified and user-friendly...
It offers security scanning capabilities for multi and hybrid-cloud environments. Currently, we support two clients, each with multiple... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"This product supplies options for web security for applications accessing sensitive information.""We can host any DB or application on the solution.""AWS WAF is very easy to use and configure on AWS.""The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications.""This is not a product that you need to install. You just use it.""The initial setup was very straightforward. Deployment took about ten minutes or less.""What I like best about AWS WAF is that it's a simple tool, so I could understand the basics of AWS WAF in two to three hours.""If hackers try to insert bugs, the tool blocks it."

More AWS WAF Pros →

"The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy.""Prisma scans things and shows all the vulnerabilities and packages that are vulnerable, and which layers, by default, have vulnerabilities. So developers can easily go into the package or a particular layer and make changes to their code. It's very transparent.""As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having.""It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.""It provides insights into potential vulnerabilities in our code, helping us identify and rectify issues before they can be exploited.""I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent.""We are provided with a single tool to protect all of our cloud resources and applications without having to manage and reconcile compliance reports.""The most valuable features are vulnerability monitoring, serverless access, container runtime features, and Defender."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"There is room for improvement in pricing.""One area for improvement in AWS WAF could be the limitation on the number of rules, particularly those from third-party sources, within the free tier.""I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps.""It's a bit difficult to apply the right rules for the right security.""They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats.""The product should improve the DDoS-related features.""The default content policy available in the tool is not very strong compared to the competitors.""The technical support does not respond to bugs in the coding of the product."

More AWS WAF Cons →

"The pricing for the solution needs improvement.""The area for improvement is less about the product and more about the upsell. If we've already agreed that we'd like your product x, y, or z, don't try to add fries to my burger. I don't need it.""In terms of securing cloud-native development at build time, a lot of improvement is needed. Currently, it's more a runtime solution than a build-time solution. For runtime, I would rate it at seven out of 10, but for build-time there is a lot of work to be done.""The first time I looked at Prisma Cloud, it took me a while to understand how to implement the integration or how to enable features by using the interface for integration. That portion can probably be improved.""I would like Prisma Cloud to improve its mapping feature to increase usability.""Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to.""There is room for improvement on the logging and monitoring front because it's still not as holistic as I would want it to be.""Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "It's an annual subscription."
  • "There are no costs in addition to the standard licensing fees."
  • "There are different scale options available for WAF."
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."

    • More AWS WAF Pricing and Cost Advice →

  • "The purchasing process was easy and quick. It is a very economical solution."
  • "Our licensing fees are $18,000 USD per year."
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."

    • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What are the limitations of AWS WAF vs alternative WAFs?
    Top Answer:Hi Varun I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF… more »
    Read all 2 answers   →
    How does AWS WAF compare to Microsoft Azure Application Gateway?
    Top Answer:Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    What do you like most about AWS WAF?
    Top Answer:Rule groups are valuable.
    Read all 39 answers   →
    What is your primary use case for Prisma Cloud by Palo Alto Networks ?
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Read all 7 answers   →
    What Cloud-Native Application Protection Platform do you recommend?
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cloud… more »
    What do you think of Aqua Security vs Prisma Cloud?
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was… more »
    Ranking
    1st
    out of 79 in Web Application Firewall (WAF)
    Views
    17,782
    Comparisons
    13,844
    Reviews
    30
    Average Words per Review
    407
    Rating
    8.5
    5th
    out of 79 in Web Application Firewall (WAF)
    Views
    3,672
    Comparisons
    1,954
    Reviews
    53
    Average Words per Review
    1,120
    Rating
    8.4
    Comparisons
    Also Known As
    AWS Web Application Firewall
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    Amazon Web Services (AWS)
    Palo Alto Networks
    Overview

    AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.

    You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.

    AWS WAF Features

    Some of the solution's top features include:

    • Web traffic filtering: Get an extra layer of security by creating a centralized set of rules, easily deployable across multiple websites. These rules filter out web traffic based on conditions like HTTP headers, URIs, and IP addresses. This is very helpful for protection against exploits such as SQL injection and cross-site scripting as well as attacks from third-party applications.
    • Bot control: Malicious bot traffic can consume excessive resources and cause downtime. Gain visibility and control over bot traffic with a managed rule group. You can easily block harmful bots, such as scrapers and crawlers, and you can allow common bots, like search engines and status monitors.
    • Fraud prevention: Effectively defend your application against bot attacks by monitoring your application’s login page with a managed rule group that prevents hackers from accessing user accounts using compromised credentials. The managed rule group helps protect against credential stuffing attacks, brute-force login attempts, and other harmful login activities.
    • API for AWS WAF Management: Automatically create and maintain rules and integrate them into your development process.
    • Metrics for real-time visibility: Receive real-time metrics and captures of raw requests with details about geo-locations, IP addresses, URIs, user agents, and referrers. Integrate seamlessly with Amazon CloudWatch to set up custom alarms when events or attacks occur. These metrics provide valuable data intelligence that can be used to create new rules that significantly improve your application protections.
    • Firewall management: AWS Firewall Manager automatically scans and notifies the security team when there is a policy violation, so they can swiftly take action. When new resources are created, your security team can guarantee that they comply with your organization’s security rules.

    Reviews from Real Users

    AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.

    Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”

    Prisma Cloud by Palo Alto Networks is a cloud security solution used for cloud security posture management, cloud workload protection, container security, and code security. It provides visibility, monitoring, and alerting for security issues in multi-cloud environments. 

    The solution is user-friendly, easy to set up, and integrates with SIEM for generating alerts and reports. Its most valuable features include security features, monitoring capabilities, reporting, compliance monitoring, vulnerability dashboard, data security features, and multi-cloud capabilities. Prisma Cloud has helped organizations by providing comprehensive protection, automating workflows, simplifying troubleshooting, and improving collaboration between SecOps and DevOps.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Sample Customers
    eVitamins, 9Splay, Senao International
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company13%
    Energy/Utilities Company8%
    Financial Services Firm8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company7%
    Comms Service Provider6%
    REVIEWERS
    Computer Software Company32%
    Manufacturing Company17%
    Financial Services Firm17%
    Healthcare Company7%
    VISITORS READING REVIEWS
    Educational Organization14%
    Computer Software Company14%
    Financial Services Firm13%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise20%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    REVIEWERS
    Small Business29%
    Midsize Enterprise19%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise22%
    Large Enterprise61%
    Buyer's Guide
    AWS WAF vs. Prisma Cloud by Palo Alto Networks
    March 2024
    Free Report: AWS WAF vs. Prisma Cloud by Palo Alto Networks
    Find out what your peers are saying about AWS WAF vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Prisma Cloud by Palo Alto Networks is ranked 5th in Web Application Firewall (WAF) with 83 reviews. AWS WAF is rated 8.0, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, Imperva Web Application Firewall, F5 Advanced WAF and Akamai App and API Protector, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and Qualys VMDR. See our AWS WAF vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.