We performed a comparison between AWS Security Hub and Prisma Cloud by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Ease of Deployment: Prisma Cloud by Palo Alto Networks' initial setup was straightforward and aided by helpful engineers and clear instructions. Deployment time differed but was uncomplicated. On the other hand, AWS Security Hub's setup is simple and straightforward, though policies must be set up. It necessitates minimal upkeep.
Features: Prisma Cloud provides a management console, continuous compliance monitoring, auto-remediation, and identity-based micro-segmentation. On the other hand, AWS Security Hub is commended for its integration capabilities, real-time alerts, and compliance monitoring. Prisma Cloud could benefit from more personalized dashboard options, enhanced automation capabilities, and better integration with ticketing systems. On the other hand, AWS Security Hub might benefit from greater integration possibilities with open-source solutions and upgrades to its user interface and dashboards.
Pricing: Prisma Cloud is perceived as having a complex credit-based pricing system, leading to a general perception of being expensive. However, it provides good value for securing multi-cloud environments. In contrast, AWS Security Hub is considered to have reasonable pricing, but there is some uncertainty surrounding it for those outside of the central team.
Service and Support: Prisma Cloud's customer service has been a bit inconsistent, with some customers appreciating the technical assistance and account managers, while others have encountered slow response times and unhelpful solutions. On the other hand, AWS Security Hub's technical support has been commended by contented customers for being prompt and efficient.
ROI: Prisma Cloud by Palo Alto Networks offers benefits such as risk transparency, enhanced compliance and security, and quicker issue resolution, resulting in improved productivity and cost savings. Although the exact ROI is hard to quantify, it reduces risks and enhances resource utilization. On the other hand, AWS Security Hub has been well-received with a positive outcome.
Comparison Results: Prisma Cloud by Palo Alto Networks is the better option when compared to AWS Security Hub. Its features are more comprehensive and effective in protecting the entire cloud-native stack, including cloud compliance monitoring and alerting, network security, and micro-segmentation. While AWS Security Hub is praised for its integration capabilities, it falls short in terms of comprehensive features and auto-remediation capabilities.
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"Easily integrates with third-party tools"
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"Finding out if your infrastructure is secure is a valuable feature."
"Very good at detection and providing real-time alerts."
"The most valuable features are vulnerability monitoring, serverless access, container runtime features, and Defender."
"What I like most about Prisma Cloud is its zero-day signatures, maximum security, minimal downtime, cloud visibility, control, and ease of deployment."
"It provides insights into potential vulnerabilities in our code, helping us identify and rectify issues before they can be exploited."
"The CSPM and CWPP functionalities are pretty good."
"Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become."
"We are provided with a single tool to protect all of our cloud resources and applications without having to manage and reconcile compliance reports."
"We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features."
"I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent."
"The solution lacks self-sufficiency."
"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"The support must be quicker."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
"A couple of exporting functionalities should be more user-friendly because if I want to export something, I can get a lot of data visible to that particular CSV."
"They need to make the settings more flexible to fit our internal policies about data. We didn't want developers to see some data, but we wanted them to have access to the console because it was going to help them... It was a pain to have to set up the access to some languages and some data."
"The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced."
"The feedback that we have given to the Palo Alto team is that the UI can be improved. When you press the "back" button on your browser from the Investigate tab, the query that you're working on just disappears. It won't keep the query on the "back" button."
"We are encountering issues with the new permissions required for AWS integration with Prisma."
"Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services."
"A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them."
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
AWS Security Hub is ranked 13th in Cloud Security Posture Management (CSPM) with 17 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Security Posture Management (CSPM) with 82 reviews. AWS Security Hub is rated 7.6, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". AWS Security Hub is most compared with Microsoft Sentinel, Wiz, Microsoft Defender for Cloud, Google Chronicle Suite and Oracle Security Monitoring and Analytics Cloud Service, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, CrowdStrike Falcon Cloud Security and AWS GuardDuty. See our AWS Security Hub vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.