Microsoft Defender for Cloud Apps and Prisma Access by Palo Alto Networks are cloud security solutions. Defender is a Cloud Access Security Broker (CASB) focused on securing access to cloud applications, while Prisma Access is a Secure Access Service Edge (SASE) platform that offers broader network security functionality, including CASB capabilities. While they have some overlap, they can also be considered complementary solutions.
The summary above is based on 63 interviews we conducted recently with Microsoft Defender for Cloud Apps and Prisma Access by Palo Alto Networks users. To access the review's full transcripts, download our report.
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The solution is stable."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The product’s most valuable feature is SQL database."
"The solution does not affect a user's workflow."
"The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need."
"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."
"All of the features are valuable because all of the features are related."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good."
"This solution provides a DLP on the cloud and very few people have a scanning device for data at rest."
"The performance is good."
"There are plenty of features this solution provides and the most valuable would be the complete security protection we are receiving. We are provided with similar security that the Palo Alto AWS solution has. This includes features such as a firewall and machine learning AI."
"The most valuable features of the solution stem from the fact that it offers stability and scalability while being a very secure product."
"We have an application called ADEM that helps us troubleshoot network-related issues. It helps us to isolate an issue whether it is on the ISP level, endpoint level, or system access level."
"Palo Alto Firewall is one of the best firewalls in the world."
"The most valuable features of the solution are in the areas of the secure remote access it provides while also being user-friendly."
"It's great that we can make sure a machine meets the minimum requirements before users are allowed to log in."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"There are challenges with detection and there are challenges with false-positive rates."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"Sometimes the support is actually lacking."
"I would prefer to have filtering options incorporated within the policies, enabling the solution to perform tasks beyond mere blocking or allowing."
"Generally, the pricing can always be improved along with the management system."
"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."
"The integration with macOS operating systems needs to be better."
"When we deploy firewall rules via Panorama, we find it's a little bit slow. We have a global environment and might have 100 gateways or VPNs in the cloud. When we deploy something, it tries to deploy it one-by-one, and that can be slow."
"Its integration with non-Palo Alto products can be improved. Currently, it is easy to integrate it with other Palo Alto products such as Cortex XDR. It integrates well with other Palo Alto products. A major part of our network is based on Palo Alto products, but for those companies that use multi-vendor products in their infrastructure, Palo Alto should optimize the integration of Prisma Access with the network devices from other vendors."
"The product's price is an area of concern where improvements are required. The solution's price should be lowered."
"There should be a dedicated portal or SASE-based solution. They're trying to add a plugin but it needs a dedicated portal because it is now an enterprise solution for multiple organizations. People should be able to directly log in to a dedicated page for Prisma Access, rather than going into a Panorama plugin, and always having to update the plugin."
"There is some particular traffic that the security team wants to filter out and apply their own policies and they cannot."
"It's not really Prisma's fault, but when you try to create exceptions you don't really have those abilities. You cannot say, on the management platform, "Hey, for these users I want to create these exceptions." That is one thing that I have gotten some complaints about, and we have faced some challenges there."
"They can add some new characteristics. For example, when an incident triggers, they can automatically send a template for a particular match that is related to the policy. We don't have that right now. It is something to improve. There could be more automation for certain actions. For example, for a particular group, it can send an administrator alert to their manager. It was one of the concerns of our customers."
"If you compare Prisma SaaS against other products, such as Cloud Log, it's a little bit tricky to understand, but it offers different functionality that other products don't have. From a user usability point of view, you need some training for this product, as an admin, you need a couple of demos."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews while Prisma Access by Palo Alto Networks is ranked 3rd in Cloud Access Security Brokers (CASB) with 57 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Qualys VMDR and Forcepoint CASB, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and FortiSASE . See our Microsoft Defender for Cloud Apps vs. Prisma Access by Palo Alto Networks report.
See our list of best Cloud Access Security Brokers (CASB) vendors.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.