No more typing reviews! Try our Samantha, our new voice AI agent.

C3M Cloud Control [EOL] vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 26, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
C3M Cloud Control [EOL]
Average Rating
10.0
Reviews Sentiment
8.4
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
114
Ranking in other categories
Web Application Firewall (WAF) (8th), Container Security (2nd), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
BRUNO REYNAUD - PeerSpot reviewer
Information Security Engineer - Pre-sales at a tech services company with 11-50 employees
Reduces analysts workload, highly reliable, and scales well
We utilize C3M Cloud Control solely for demonstration purposes as there are limited cloud-based assets to work with. Our aim is to showcase to customers how they can reduce unnecessary permissions in their cloud environment The remediation capability of C3M Cloud Control is its most valuable…
reviewer2776578 - PeerSpot reviewer
Cyber Security Architect at a comms service provider with 10,001+ employees
Image scanning has supported consistent security practices during cloud deployment
On a scale of ten, we would say people are happy with Prisma Cloud by Palo Alto Networks for the part we use. People are okay with it. We probably would give an eight. We don't give ten because if we don't use the other parts of Prisma Cloud by Palo Alto Networks, it's because it was difficult to implement from an operational point of view. We could have deployed the runtime monitoring with Prisma Cloud by Palo Alto Networks, but within our organization at our company, it was very difficult to find who would be the owner for the alerts. People have other tools and in the end, we don't use the full capabilities of a product that we pay for. It's partially related to the difficulty to integrate Prisma Cloud by Palo Alto Networks runtime in our company's support process. We don't use the real-time monitoring part of Prisma Cloud by Palo Alto Networks. We don't know about the automated remediation feature of Prisma Cloud by Palo Alto Networks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"Qualys TotalCloud has improved our security posture."
"I would definitely recommend Qualys TotalCloud to other users."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"In my opinion, this is the best tool."
"I would definitely recommend it because it is easy to handle any cloud resources."
"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"We haven't had an issue with stability so far."
"The remediation capability of C3M Cloud Control is its most valuable feature as it significantly reduces the workload for analysts, saving them a considerable amount of time."
"The absolute value you get from the product is great."
"I would say Twistlock is a fairly sophisticated tool."
"It is a very specific product and it is amazingly good at what it does."
"CSPM is very useful because it gives us good policies and violation alerts."
"Integration is very easy. And because it supports security that spans multi- and hybrid-cloud environments, it's very easy to use."
"We feel like we have power in our hands, with full visibility into what is happening at the endpoint level."
"CSPM is the most valuable feature for any organization that runs its workloads in the cloud."
"The most valuable feature is its cloud security posture management."
"Overall, it provides all the pieces of information that you require, in one place and time."
 

Cons

"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"The support is not up to the mark and seems to be overburdened."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"The support process is inefficient due to the excessive number of replies required when submitting tickets."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"From our perspective, at this point, we need something called risk scoring as you get a lot of alerts, and sometimes you don't know which one's really going to cost if you don't take care of it. We need to understand, at a glance, which items are priorities."
"C3M Cloud Control could improve by adding features to support infrastructure instead of only trying to solve identities in the cloud."
"These tools have a set of signatures or rules that will alert you whenever something meets the criteria. In the future, they might include some machine learning or AI feature that allows you to ask questions about the context of the alert, and it will provide you answers based on the data that they have. Most vendors are doing it, and I believe they will do it in the future. The reporting bar could also use AI to add context based on the environment."
"We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert."
"They can improve the integrations into the SDLC lifecycle."
"They should improve the user experience."
"The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed."
"The challenge that Palo Alto and Prisma have is that, at times, the instructions in an event are a little bit dated and they're not usable."
"This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on."
"They need to make the settings more flexible to fit our internal policies about data. We didn't want developers to see some data, but we wanted them to have access to the console because it was going to help them... It was a pain to have to set up the access to some languages and some data."
 

Pricing and Cost Advice

"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"TotalCloud's price is about right where I would expect it to be."
"I rate the support of C3M Cloud Control an eight out of ten."
"Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs."
"The pricing is competitive; for the most part, the security firms have similar prices."
"The pricing of the solution is fair."
"Prisma Cloud by Palo Alto Networks is a highly expensive solution."
"The purchasing process was easy and quick. It is a very economical solution."
"From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
"You can expect a premium price because it is a premium quality product by a leading supplier."
"Almost all the CSPM tools are pretty expensive."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
No data available
Financial Services Firm
14%
Computer Software Company
9%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business37
Midsize Enterprise21
Large Enterprise58
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What is your primary use case for Prisma Cloud by Palo Alto Networks?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Wiz, Palo Alto Networks, Microsoft and others in Cloud Security Posture Management (CSPM). Updated: June 2026.
903,871 professionals have used our research since 2012.