• Home
  • BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks

BMC Helix Cloud Security vs Prisma Cloud by Palo Alto Networks comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks
May 2024
Executive Summary

We performed a comparison between BMC Helix Cloud Security and Prisma Cloud by Palo Alto Networks based on real PeerSpot user reviews.

Find out in this report how the two Cloud Security Posture Management (CSPM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Siddharth Pal
Researched Prisma Cloud by Palo Alto Networks but chose SentinelOne Singularity Cloud Security: Provides a unified dashboard, reduces detection times, and strengthens our security posture
One of the key features of PingSafe that we utilize is its cloud-based configuration. This helps with our cloud security monitoring processes. This... Read more →
Donna Geary
A highly scalable and straightforward solution with a knowledgeable support team
Abdelmeguid Hamdy
Comprehensive with good security and helpful automation
The cloud solution as one platform can provide us with a lot of features and cover most of what customers care about. I have some clients that are... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution is a good alerting tool.""PingSafe has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability.""There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring.""PingSafe offers an intuitive user interface that lets us navigate quickly and easily.""My favorite feature is Storyline.""Cloud Native Security offers a valuable tool called an offensive search engine.""Cloud Native Security offers attack path analysis.""It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security."

More SentinelOne Singularity Cloud Security Pros →

"It's also multi-cloud. You can look at several cloud providers: AWS, Azure, or GCP.""The cool feature of Helix Cloud Security is that you can do all that — understand and remediate issues — in one dashboard, based on the different policies that are available for security, out-of-the-box.""The most valuable aspects of BMC Helix Cloud Security are its security features and regulatory compliance capabilities.""Role-based security is a valuable feature.""The features that I've found most valuable are its container security aspect. I also like its vulnerability management tools.""The best feature is time to value. With very minimal effort, you are able to have a cohesive view into your security posture on one or multiple cloud accounts, particularly if you are dealing with multicloud. If you have Azure and AWS deployments, you might have multiple subscriptions in Azure and usually multiple accounts in AWS. You may even be doing some GCP work (around Google Cloud Platform). It's very difficult to manage a common set of policies, even less reporting, across multiple subscriptions, accounts, and cloud environments. What BMC Helix Cloud Security does is provide a unified view or single pane of glass as to your baseline. Then, it also facilitates the ability for Level 1 or 2 operations support to take action and report on security vulnerabilities."

More BMC Helix Cloud Security Pros →

"The product provides very good network security.""Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them.""The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem.""Syslog CLIs are the best feature.""The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis.""The framework to configure controls is pretty good; it's pretty sophisticated. We can implement a fair amount of testing for a fair number of controls.""It has a feature for customized security policy. I implement it in banking, health insurance, and other sectors, and every organization has its own customized policies and procedures. In Prisma Cloud, you can customize policies, and based on that, you can do monitoring.""The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature."

More Prisma Cloud by Palo Alto Networks Pros →

Cons
"Customized queries should be made easier to improve PingSafe.""Scanning capabilities should be added for the dark web.""With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case.""It would be really helpful if the solution improves its agent deployment process.""When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again.""Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email.""I'd like to see better onboarding documentation.""The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing."

More SentinelOne Singularity Cloud Security Cons →

"We've had some with issues connectors. The connectors have seemed to have caused a little bit of trouble, perhaps with the APIs trying to scan the environment. The only time I've had to reach out to tech support was for that. It seems it may not have been scanning correctly or I wasn't seeing data within a specific time. But we've set up a couple of connectors in the past couple of weeks and they actually scanned the AWS environment and we had data within about 10 minutes. It's working a lot faster and I think they're making improvements as they go.""The UI could be more user-friendly.""BMC Helix Cloud Security has room for improvement in terms of integrating its various features.""I want the role-based security feature to be improved.""Every organization out there doesn't rely on just one control body. They use FISMA control. They may use HIPAA, CIS, PCI, or SOX, then blend them. One of the things that is now in big demand for BMC Helix Cloud Security is content. That's the next journey in its lifespan, making it easier for the community to share and collaborate on content for security controls that can be measured and remediated."

More BMC Helix Cloud Security Cons →

"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options.""I would like Prisma Cloud to improve its mapping feature to increase usability.""We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it.""Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users.""It can be too expensive for small companies.""We face some GUI issues related to new permissions for AWS. So far, we don't have any automation to complete them through the GUI. We have to manually update the permissions. Our customers have faced some issues with that.""The UI could be improved.""The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced."

More Prisma Cloud by Palo Alto Networks Cons →

Pricing and Cost Advice
  • "As a partner, we receive a discount on the licenses."
  • "It's a fair price for what you get. We are happy with the price as it stands."
  • "I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
  • "Singularity Cloud Workload Security's pricing is good."
  • "Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at."
  • "I understand that SentinelOne is a market leader, but the bill we received was astronomical."
  • "It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."
  • "The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"

    • More SentinelOne Singularity Cloud Security Pricing and Cost Advice →

  • "It is a subscription model with term licensing that is usually yearly. This includes, not only the product, but support and maintenance. It is based on cloud assets. Therefore, if you have 100 cloud assets, those cloud assets are measured based on evaluation or transactions. For example, if I'm evaluating that cloud asset for CIS compliance, PCI compliance, and AWS best practices, that asset gets evaluated three times, as those are three transactions. However, the license model is based on peak asset usage. So, over a year, if you deploy 100, 1000, 500, and then 2000 assets, you will be charged for the 2000 peak of assets managed by Helix Cloud Security."
  • "The pricing is based on an annual subscription, upfront, and it's based on cloud assets. Whether your assets are in Azure and AWS combined, the tool tells you how many assets are being scanned and that's the number used for pricing."

    • More BMC Helix Cloud Security Pricing and Cost Advice →

  • "The purchasing process was easy and quick. It is a very economical solution."
  • "Our licensing fees are $18,000 USD per year."
  • "One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
  • "The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
  • "From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
  • "If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
  • "The pricing and licensing are expensive compared to the other offerings that we considered."
  • "I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."

    • More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about PingSafe?
    Top Answer:The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best… more »
    Read all 44 answers   →
    What is your experience regarding pricing and costs for PingSafe?
    Top Answer:I'm not aware of the exact pricing.
    Read all 31 answers   →
    What needs improvement with PingSafe?
    Top Answer:When I joined my organization, I saw that PingSafe was already implemented. I started to use the tool's alerting… more »
    Read all 44 answers   →
    What do you like most about BMC Helix Cloud Security?
    Top Answer:The most valuable aspects of BMC Helix Cloud Security are its security features and regulatory compliance capabilities.
    Read all 5 answers   →
    What is your experience regarding pricing and costs for BMC Helix Cloud S...
    Top Answer:I would rate the price of BMC Helix Cloud Security as a seven in terms of costliness. It is not the cheapest option… more »
    Read all 3 answers   →
    What needs improvement with BMC Helix Cloud Security?
    Top Answer:BMC Helix Cloud Security has room for improvement in terms of integrating its various features. It currently consists of… more »
    Read all 5 answers   →
    What is your primary use case for Prisma Cloud by Palo Alto Networks ?
    Top Answer:Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
    Read all 7 answers   →
    What Cloud-Native Application Protection Platform do you recommend?
    Top Answer:We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We… more »
    What do you think of Aqua Security vs Prisma Cloud?
    Top Answer:Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very… more »
    Comparisons
    Also Known As
    PingSafe
    TrueSight Cloud Security, SecOps Policy Service
    Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
    Learn More
    SentinelOne
    BMC
    Palo Alto Networks
    Overview

    Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their  remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation.

    Singularity Cloud Security includes both agentless and AI-powered cloud security controls, which represent two halves of our strategy to keep public cloud and container environments safe. Radically reduce your cloud attack surface with Singularity Cloud Native Security, formerly PingSafe, with agentless insights and evidence-based prioritization; protect runtime compute and container with Singularity Cloud Workload Security, SentinelOne’s real-time CWPP, with AI-powered machine-speed blocking of threats.

    BMC Helix Cloud Security is a SaaS tool designed to help organizations reduce compliance and security lapses resulting from next-gen container and cloud technologies. The solution offers a fully transparent, user-friendly view of all compliance data gathered throughout container resources, cloud, and data centers. BMC Helix Cloud Security can be used to insert compliance inquiries precisely in DevOps workflows for immediate assessment in relation to critical “go, no-go” conclusions throughout  the entire workflow. 

    BMC Helix Cloud Security offers enterprise organizations a unique compliance solution with robust functionalities to concentrate on numerous use processes that may interfere with digital transfigurations, such as:

    • Discovering resources, accounts, and configurations that are non-compliant with standard regulations or the organization's own policies and protocols.

    • Multi-source cloud compliance for PaaS service infrastructures, networks, storage, and containers.

    • DevOps workflows with melded security and compliance for WebApp application blueprints and weaknesses, and all application libraries.

    • Out-of-box capabilities for immediate compliance integration for DevOps workflows.

    BMC Helix Cloud Security is SaaS, which makes it a very flexible solution. It is able to integrate seamlessly with many of today’s enterprises’ demands. BMC Helix Cloud Security can easily perform as a policy-as-code (YAML) based protocol language, open RESTful APIs, or by seamlessly compiling extensible data connectors.

    Many of today's enterprise organizations must comply with numerous policies and regulations to maintain effective operations. BMC Helix Cloud Security ensures an enterprise organization is able to satisfy regulatory standards such as Sarbanes-Oxley (SOX) Act, Defense Information System Agency (DISA), or any other stringent government or internal organizational compliance standards. The solution has a comprehensive compliance policy that utilizes mode-two capabilities and will ensure that an enterprise organization will greatly minimize or even negate the threat of ransomware and data breaches throughout its network. 

    BMC Helix Cloud Security will also see that container and container hosts are configured correctly and will then regularly audit to ensure compliance at the three important levels of compliance - images, daemon configuration, and host configuration.

    BMC Helix Cloud Security is designed to identify vulnerabilities by dissecting and thoroughly investigating compliance data for container and cloud resources and delivering the outcomes through a friendly, easy-to-understand dashboard. The solution can also provide support for unique or custom sources, provided that data is in a JavaScript Object Notation (JSON) format.

    BMC Helix Cloud security is also able to help discover and minimize vulnerabilities created by new services, objects, and resources instituted by containers and public clouds. These can sometimes be forgotten, creating a tremendous risk to an organization. BMC Helix Cloud Security will ensure these new services will be carefully and continually monitored to ensure industry and government standards and regulations are not being compromised. The solution is continually dissecting data and then will deliver outcomes in a dynamic, easy-to-understand dashboard.

    BMC Helix Cloud Security offers a user-friendly, robust, complete compliance strategy to ensure organizations maintain the highest levels of productivity and profitability while negating the risk of any type of compliance vulnerabilities.

    Prisma Cloud by Palo Alto Networks is a cloud security solution used for cloud security posture management, cloud workload protection, container security, and code security. It provides visibility, monitoring, and alerting for security issues in multi-cloud environments. 

    The solution is user-friendly, easy to set up, and integrates with SIEM for generating alerts and reports. Its most valuable features include security features, monitoring capabilities, reporting, compliance monitoring, vulnerability dashboard, data security features, and multi-cloud capabilities. Prisma Cloud has helped organizations by providing comprehensive protection, automating workflows, simplifying troubleshooting, and improving collaboration between SecOps and DevOps.

    Prisma Cloud Features

    Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

    • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

    • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

    • Workload protection: Secure hosts and containers across the application lifecycle.

    • Network security: Gain network visibility and enforce micro segmentation.

    • Identity security: Enforce permissions and secure identities across clouds.

    Benefits of Prisma Cloud

    • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

    • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

    • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

    Reviews from Real Users

    Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

    Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

    Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

    Sample Customers
    Information Not Available
    NHS, Vodafone, Kansas City Life, SKY Italia, Cybera
    Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Construction Company13%
    Financial Services Firm10%
    Media Company8%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Financial Services Firm15%
    Manufacturing Company10%
    Insurance Company5%
    VISITORS READING REVIEWS
    Financial Services Firm24%
    Computer Software Company15%
    Real Estate/Law Firm6%
    Energy/Utilities Company6%
    REVIEWERS
    Computer Software Company33%
    Manufacturing Company18%
    Financial Services Firm18%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Educational Organization14%
    Computer Software Company14%
    Financial Services Firm13%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise20%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise13%
    Large Enterprise61%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise6%
    Large Enterprise74%
    REVIEWERS
    Small Business28%
    Midsize Enterprise20%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise22%
    Large Enterprise61%
    Buyer's Guide
    BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks
    May 2024
    Free Report: BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks
    Find out what your peers are saying about BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    BMC Helix Cloud Security is ranked 30th in Cloud Security Posture Management (CSPM) with 5 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Security Posture Management (CSPM) with 82 reviews. BMC Helix Cloud Security is rated 8.0, while Prisma Cloud by Palo Alto Networks is rated 8.4. The top reviewer of BMC Helix Cloud Security writes "A highly scalable and straightforward solution with a knowledgeable support team". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". BMC Helix Cloud Security is most compared with Red Hat Advanced Cluster Security for Kubernetes, VMware Aria Operations, Threat Stack Cloud Security Platform and CloudBolt, whereas Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and CrowdStrike Falcon Cloud Security. See our BMC Helix Cloud Security vs. Prisma Cloud by Palo Alto Networks report.

    See our list of best Cloud Security Posture Management (CSPM) vendors and best Cloud Workload Protection Platforms (CWPP) vendors.

    We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.