Microsoft Defender for Cloud Apps and Prisma Access by Palo Alto Networks are cloud security solutions. Defender is a Cloud Access Security Broker (CASB) focused on securing access to cloud applications, while Prisma Access is a Secure Access Service Edge (SASE) platform that offers broader network security functionality, including CASB capabilities. While they have some overlap, they can also be considered complementary solutions.
The summary above is based on 63 interviews we conducted recently with Microsoft Defender for Cloud Apps and Prisma Access by Palo Alto Networks users. To access the review's full transcripts, download our report.
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator."
"The solution is stable."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The solution does not affect a user's workflow."
"The product’s most valuable feature is SQL database."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"It is very easy to use, which is what we look for in these types of solutions."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"All of the features are valuable because all of the features are related."
"The most valuable feature is its policy implementation."
"The features I find most valuable is WildFire, user integration, and the basic technology features."
"The scalability of the solution is excellent."
"The protection for web-based applications was helpful for my colleagues who didn't want a particular application on their devices. And the non-web access protection was more for our developers because they were writing and building code on their computers. Prisma Access was able to protect them."
"Overall, the cost savings, ease of deployment, and better VPN user experience and performance are valuable."
"Panorama provides centralized management capabilities for all our firewalls and locations so that we can manage different data centers through a single device, a very valuable feature. We don't have to log into various devices to oversee them individually."
"The solution improved the consistency of our security controls and the BCP. There has been a 20 percent reduction in TCO. Prisma Access also enabled us to deliver better applications by centralizing security management."
"The solution is not very complex and is easy to manage for people who may or may not have knowledge about Palo Alto Networks."
"A feature I've found very helpful is run time security because most of the products on the market will look at security during the build time, and they don't really look at what happens once you're going into production."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer"
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving."
"Sometimes the support is actually lacking."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"I would like more customization of notifications. Currently, you either get everything or you get limited information. I would like to have something in between where we can customize the data that is included in notifications."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"This service would be better if it had a separate license, only for this service, that could be used to track usage."
"Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."
"Defender for Cloud Apps could come with more configured policies out of the box. Also, integration could be easier. Integration is moderately difficult because Microsoft hasn't developed a solution that unifies device onboarding and management. You have to use Intune to manage devices and Defender for Endpoint to enforce policies. They need to fix their integration, but I believe they will straighten it out by the end of the year."
"They should continue integration with all other Microsoft security-related products. The integration with all the other products is still ongoing."
"The initial support team is not very good. Most of the time, I have found that they are one to three years experienced only. They don't have network expertise. They know about Palo Alto products but don't know how to troubleshoot the issues. We have to guide them most of the time to troubleshoot correctly since their approach is not developed."
"Dependencies of applications sometimes is a bit confusing."
"It would be nice to manage Prisma Access through the cloud instead of through Panorama. You can use the cloud version to monitor Prisma Access, but it doesn't have all the features yet, and it's not 100% done."
"I haven't seen any SD-WAN configuration capability. If Prisma Access would support SD-WAN, that would help... SD-WAN devices should be able to reach Prisma Access, and Palo Alto should support different, vendor-specific devices, not just Palo Alto devices, for SD-WAN configuration."
"From any improvement perspective, the product's compatibility issues with Linux need to be resolved."
"Though the monitoring is fine, the solution should improve its application graphs and interface monitoring."
"There should be a dedicated portal or SASE-based solution. They're trying to add a plugin but it needs a dedicated portal because it is now an enterprise solution for multiple organizations. People should be able to directly log in to a dedicated page for Prisma Access, rather than going into a Panorama plugin, and always having to update the plugin."
"The cloud setup is straightforward, and the onboarding process is much better, but the on-premises initial setup is slightly complex."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
More Prisma Access by Palo Alto Networks Pricing and Cost Advice →
Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews while Prisma Access by Palo Alto Networks is ranked 3rd in Cloud Access Security Brokers (CASB) with 58 reviews. Microsoft Defender for Cloud Apps is rated 8.4, while Prisma Access by Palo Alto Networks is rated 8.2. The top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". On the other hand, the top reviewer of Prisma Access by Palo Alto Networks writes "Integration with Palo Alto platforms such as Cortex Data Lake and Autofocus gives us visibility into our attack surface". Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Qualys VMDR and Microsoft Defender for Identity, whereas Prisma Access by Palo Alto Networks is most compared with Zscaler Zero Trust Exchange, Netskope , Cisco Umbrella, Zscaler Internet Access and FortiSASE . See our Microsoft Defender for Cloud Apps vs. Prisma Access by Palo Alto Networks report.
See our list of best Cloud Access Security Brokers (CASB) vendors.
We monitor all Cloud Access Security Brokers (CASB) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.