We performed a comparison between Prisma Cloud by Palo Alto Networks and AWS GuardDuty based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Prisma Cloud stands out as a more powerful and comprehensive solution for cloud security and compliance management compared to AWS Guard Duty. Prisma Cloud offers excellent visibility, and it's a robust solution for managing hybrid-cloud environments without the hassle of mapping and cross-referencing work.
"The way it monitors accounts is definitely a very important feature."
"We have over 1,000 employees, and we monitor their activity through AWS GuardDuty."
"The solution will detect abnormalities in the AWS workload and alert us so that we can monitor and take action."
"It helps us detect brute-force attacks based on machine learning."
"Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing."
"We use the tool for threat detection. AWS includes AI features as well. AWS GuardDuty gives us reports."
"The solution is easy to use."
"The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."
"Configuration monitoring and alerting is the most valuable feature; it happens at the cloud's speed, allowing our development team to respond quickly. If a configuration goes against our security best practices, we're alerted promptly and can act to resolve the issue. As cloud security staff, we're not staring at the cloud all the time, and we want to let the developers do their jobs so that our company is protected and work is proceeding within our security controls."
"The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud. The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments."
"Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"I find the CSPM area to be a more valuable and flexible feature."
"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."
"It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization."
"It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment."
"One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions."
"It is evolving, and at the moment, I will just need it on a larger scale. Then, it will satisfy my demand, initially."
"For me, I would say just the presentation of findings, like the dashboards and other stuff, could be improved a bit."
"For the next release, they could provide IPS features as well."
"Cost changes. It's very expensive. If you turn on every feature, it's more than most commercial vendors. For smaller orgs, that doesn't make sense."
"AWS GuardDuty sometimes shows false positives and should have better detection accuracy."
"An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"The licensing is a bit confusing."
"Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services."
"One major observation is that it is not possible to implement Prisma Cloud on-premises. This is the limitation. Prisma Cloud itself is on a cloud. It is sitting on AWS and Google Cloud. It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises. That capability is not there, but government entities and ministries want to have Prisma Cloud installed locally."
"This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on."
"The solution does not currently support servers for GCP."
"The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories."
"Prisma Cloud lags behind in terms of security automation capabilities."
"They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 19 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Workload Protection Platforms (CWPP) with 82 reviews. AWS GuardDuty is rated 8.2, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". AWS GuardDuty is most compared with Microsoft Defender for Cloud, CrowdStrike Falcon Cloud Security, Wiz, Check Point CloudGuard CNAPP and Lacework, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and Snyk. See our AWS GuardDuty vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.