We performed a comparison between Prisma Cloud by Palo Alto Networks and Tufin Orchestration Suite based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The real-time detection and response capabilities overall are great."
"With PingSafe, it's easy to onboard new accounts."
"The cloud misconfiguration is the most valuable feature."
"It is advantageous in terms of time-saving and cost reduction."
"The user interface is well-designed and easy to navigate."
"The visibility is the best part of the solution."
"I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"The most valuable feature is its cloud security posture management."
"The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid."
"The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature."
"Syslog CLIs are the best feature."
"Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them."
"I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity."
"This solution helped us by allowing us to schedule and fix things. This is not an easy thing if you're managing 1,000 plus resources."
"The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud. The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments."
"It has allowed us to be more efficient in our processing of firewall requests."
"The policy overview is valuable."
"The solution is quite scalable."
"This has helped us to better clean up and audit changes to the firewall policy."
"You can easily scale the solution if you need to."
"We have a better view of our compliance status."
"Our engineers are spending less time on manual processes, specifically for the reporting functionality. For doing the rule cleanup and policy analysis, it would be a nightmare to do that manually. So, it is saving our engineering teams time from not having to do manual log reviews."
"Being able to customize your own clarity to that aspect of change management."
"Whenever I view the processes and the process aspect, it takes a long time to load."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
"The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"I'd like to see better onboarding documentation."
"We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"In terms of improvement, there are some small things like hardening and making sure the Linux resources are deployed well but that's more at an operational level."
"We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected."
"We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it."
"The solution does not currently support servers for GCP."
"They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload."
"The Palo Alto support needs to improve."
"While Prisma provides a lot of visibility, it also creates a ton of work. Most customers that implement Prisma Cloud have thousands of alerts that are urgent."
"I would like to see the inclusion of automated counter-attack, although this is probably illegal."
"There are things that could be explained a little better for somebody brand new to this system, which could be helpful, especially if it was in real-time while you were working in the system. Having the ability in real-time to be able to understand search query suggestions would be helpful."
"There are pros and cons to the workflow. You cannot customize it fully and there are some limitations. You cannot create a pure object, a firewall, IP, or service (single layer) object. You can only create a firewall object group. That is one of the challenges."
"Our initial setup was complex from two dimensions, because we were deploying it globally and had to have a centralized view, but a distributed approach. We had it in Asia and North America, causing a slightly complicated approach."
"It needs better reporting with more graphics and more pie charts, so management can understand details. The reports that are done now are full of data and management would like to have an image to help understand, right away, what the reports are saying."
"I would like to see an improved reporting model that can be flexible for us to generate our own reports. The data's already there."
"They've got such a large number of APIs, and it is so easy to use their APIs. Effectively, they allow us to use it with anything. The only way to improve it more is by offering support for implementing their APIs into certain hardware or software that we might use. They can provide support for implementing APIs."
"I would like to see better report integration in this solution."
"It would be great to add a link to Visio to create shapes directly from Tufin, as it has the configuration."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 82 reviews while Tufin Orchestration Suite is ranked 22nd in Container Security with 180 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Tufin Orchestration Suite is rated 8.0. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and CrowdStrike Falcon Cloud Security, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite, Palo Alto Networks Panorama and AWS Firewall Manager. See our Prisma Cloud by Palo Alto Networks vs. Tufin Orchestration Suite report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.