Try our new research platform with insights from 80,000+ expert users

AWS GuardDuty vs Cortex Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Average Rating
8.6
Reviews Sentiment
7.8
Number of Reviews
103
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Container Security (3rd), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (3rd)
AWS GuardDuty
Ranking in Cloud Workload Protection Platforms (CWPP)
5th
Average Rating
8.2
Reviews Sentiment
7.9
Number of Reviews
22
Ranking in other categories
No ranking in other categories
Cortex Cloud by Palo Alto N...
Ranking in Cloud Workload Protection Platforms (CWPP)
1st
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
108
Ranking in other categories
Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)
 

Mindshare comparison

As of February 2025, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 2.2%, up from 0.8% compared to the previous year. The mindshare of AWS GuardDuty is 9.2%, down from 9.8% compared to the previous year. The mindshare of Cortex Cloud by Palo Alto Networks is 14.8%, down from 17.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Workload Protection Platforms (CWPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Terence Dube - PeerSpot reviewer
Comprehensive threat detection simplifies security management
GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be useful, including more granular details in findings, such as specific user actions or historical comparisons, would be beneficial. Furthermore, managing global AWS environments requires setting up additional tools for viewing GuardDuty findings across multiple regions. A unified dashboard that aggregates findings across all regions without requiring manual aggregation could enhance convenience for users.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of PingSafe are cloud misconfiguration, Kubernetes, and IaC scanning."
"I recommend SentinelOne due to its high-security capabilities, which are essential to safeguard data and systems from potential threats."
"As a frequently audited company, we value PingSafe's compliance monitoring features. They give us a report with a compliance score for how well we meet certain regulatory standards, like HIPAA. We can show our compliance as a percentage. It's also a way to show that we are serious about security."
"PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"It has a user-friendly dashboard that I can access without any difficulty."
"PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"For Singularity, the task capability is easy to use and it has a very intuitive dashboard, which streamlines the processes."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"It kinda just gives us another layer of security. So it does provide some sort of comfort that we do have something that is monitoring for abnormal behavior."
"What we found most valuable in Amazon GuardDuty is its threat detection feature, especially because we were monitoring a huge number of AWS accounts, so we needed a solution that would monitor for any kind of malicious activity. The monitoring aspect of the solution was great because it gave us timely notifications if and when anything happened, and Amazon GuardDuty helped keep us on our toes to make sure we took action right away."
"GuardDuty is extensive in terms of configuration and security compliance."
"The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."
"AWS GuardDuty helps by providing continuous threat detection and signaling potential threats. Its most valuable feature is continuous monitoring. The tool's integration with other AWS services has improved security. It provides continuous monitoring and intelligent threat detection, quickly signaling any issues. I would rate this improvement a seven out of ten."
"The solution will detect abnormalities in the AWS workload and alert us so that we can monitor and take action."
"One of the advantages of cloud services is the ability to use them on demand. There's minimal installation involved; you can check the latest offerings and make new deployments while dismantling the previous ones. This approach keeps you ahead of potential services, showcasing the agility of AWS."
"It helps us detect brute-force attacks based on machine learning."
"CSPM is very useful because it gives us good policies and violation alerts."
"The most valuable feature of Prisma Cloud by Palo Alto Networks is the CSPM, which we use the most. Additionally, the investigation and alerts are useful, and the creation of queries."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment."
"I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool."
"The most valuable feature is its cloud security posture management."
"The thing that I like the most is that when it comes to runtime events, whenever we see an event, we are able to look through the logs. It is pretty easy to look back through everything that took place."
"Configuration monitoring and alerting is the most valuable feature; it happens at the cloud's speed, allowing our development team to respond quickly. If a configuration goes against our security best practices, we're alerted promptly and can act to resolve the issue. As cloud security staff, we're not staring at the cloud all the time, and we want to let the developers do their jobs so that our company is protected and work is proceeding within our security controls."
 

Cons

"From my personal experience, the alerting system needs to be faster. If something happens in our infrastructure, the alert appears on the dashboard, but I have to log in to the dashboard and refresh it."
"PingSafe's current documentation could be improved to better assist customers during the cluster onboarding process."
"Bugs need to be disclosed quickly."
"A two-month grace period for extended searches would be a valuable improvement."
"A few YouTube videos could be helpful. There isn't a lot of information out there to look at."
"There is room for improvement in the current active licensing model for PingSafe."
"While SentinelOne offers robust security features, its higher cost may present a challenge for budget-conscious organizations."
"The main area for improvement I want to see is for the platform to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is."
"One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions."
"Amazon GuardDuty could be better enriched in threat intelligence data."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"I would like to see more integration with other AWS provided services."
"GuardDuty is limited to AWS environments."
"There is currently no consolidated dashboard for AWS GuardDuty. It would be helpful if they could provide a dashboard based on severity levels (high, medium, low) and offer insights account-wise, especially for users utilizing automation structures."
"We currently find Lacework to be much better at detecting vulnerabilities than AWS GuardDuty. The engines of AWS GuardDuty have to be improved."
"GuardDuty is limited to AWS environments."
"We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected."
"The innovation side of the solution could be more efficient and more detailed."
"Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into."
"The feedback that we have given to the Palo Alto team is that the UI can be improved. When you press the "back" button on your browser from the Investigate tab, the query that you're working on just disappears. It won't keep the query on the "back" button."
"The licensing is a bit confusing."
"A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them."
"Prisma Cloud's enterprise reporting needs significant improvement."
"I would like Prisma Cloud to improve its mapping feature to increase usability."
 

Pricing and Cost Advice

"SentinelOne Singularity Cloud Security is costly."
"It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."
"SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal."
"Its pricing was a little less than other providers."
"PingSafe is less expensive than other options."
"The features included in PingSafe justify its price point."
"I am personally not taking care of the pricing part, but when we moved from CrowdStrike to PingSafe, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of PingSafe was low. PingSafe is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning."
"I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
"I have heard that the solution's price is quite high."
"The tool's licensing model is pay-as-you-go."
"GuardDuty only enables accounts in regions where you have an active workload. If there are places where you don't have an active workload, you wouldn't even enable them. That's one area where they could allow you to cut down your cost."
"The price of the solution is exactly right."
"I prefer to have something on demand for myself. That's why I haven't been paying for GuardDuty specifically. AWS provides a wide range of offerings, especially in the security area."
"In terms of the costs associated with Amazon GuardDuty, it was $1 per GB from what I recall. Pricing was based on per gigabyte. For example, for the first five hundred gigabytes per month, it'll be $1 per GB, so it'll be $500. If your usage was greater, there's another bracket, for example, the next two thousand GB, then there's an add-on cost of 50 cents per GB. That's how Amazon GuardDuty pricing slowly goes up. I can't remember if there was any kind of additional cost apart from standard licensing for the solution. Nothing else that at least comes to mind. What the service was charging was worth it. That was one good thing when using Amazon GuardDuty because my company could be in a certain tier for a certain period. My company wasn't under a licensing model where it could overestimate its usage and under-utilize its usage and pay much more. This was what made the pricing model for Amazon GuardDuty better."
"We use a pay-as-you-use license, which is competitively priced in the market."
"Pricing is determined by the number of events sent."
"The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients."
"Prisma Cloud is remarkably expensive."
"Regarding Prisma Cloud's pricing, we started small, and then we just kept on growing."
"The pricing of the solution is fair."
"It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data."
"Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
"Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified."
"The product is very expensive, but the cost is a necessary evil; I don't know how we could have any kind of cloud presence without this type of monitoring. The pricing is calculated by module and resource usage. Ultimately, it saves us money in the amount of time we would spend uncovering what it uncovers, and we might not make the required discoveries without it anyway. Prisma offers incredible value, though I wish it were cheaper."
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
838,640 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
15%
Manufacturing Company
9%
Government
5%
Financial Services Firm
16%
Computer Software Company
15%
Manufacturing Company
9%
Government
6%
Educational Organization
18%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven.
What needs improvement with PingSafe?
From my personal experience, the alerting system needs to be faster. If something happens in our infrastructure, the ...
What do you like most about Amazon GuardDuty?
With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavi...
What is your experience regarding pricing and costs for Amazon GuardDuty?
GuardDuty is very cheap and operates on a pay-as-you-go basis. It's priced around a dollar per million requests, maki...
What needs improvement with Amazon GuardDuty?
GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be usef...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

PingSafe
No data available
Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
autodesk, mapbox, fico, webroot
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about AWS GuardDuty vs. Cortex Cloud by Palo Alto Networks and other solutions. Updated: January 2025.
838,640 professionals have used our research since 2012.