JFrog Xray vs Prisma Cloud by Palo Alto Networks comparison

JFrog and Palo Alto Networks are both solutions in the Container Security category. JFrog is ranked #20 with an average rating of 8.0, while Palo Alto Networks is ranked #1 with an average rating of 8.4. JFrog holds a 3.0% mindshare in Container Security, compared to Palo Alto Networks’s 17.8% mindshare. Additionally, 100% of JFrog users are willing to recommend the solution, compared to 98% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

Prisma Cloud by Palo Alto Networks and JFrog Xray are two leading products in the cloud security and DevSecOps space. Users are happier with the support and comprehensive features of Prisma Cloud by Palo Alto Networks, but JFrog Xray is favored for its superior integration and robust scanning capabilities.

Features: Prisma Cloud offers extensive visibility across multiple cloud environments, robust threat detection, and broad coverage. JFrog Xray provides deep artifact scanning, integration with CI/CD pipelines, and detailed vulnerability analysis. Users find Prisma Cloud's visibility and threat detection valuable, while JFrog Xray is noted for its deep scanning and CI/CD integration.

Room For Improvement: Prisma Cloud users suggest improvements in the customization of policies, more streamlined workflows, and enhanced reporting functionalities. JFrog Xray users desire enhanced reporting functionalities, faster scan times, and improved integration with additional tools. Users seek more customization options and better workflow management for Prisma Cloud and expect quicker scan performance and better reports from JFrog Xray.

Ease Of Deployment and Customer Service: Prisma Cloud is commended for its straightforward deployment, ease of setup, and responsive customer service. JFrog Xray integrates smoothly into existing environments and provides solid customer support. Both products score well in customer service, but Prisma Cloud is noted for its ease of setup, whereas JFrog Xray is praised for seamless integration.

Pricing and ROI: Prisma Cloud users find the pricing to be premium but justified by the extensive features and broad coverage. JFrog Xray users view it as a worthwhile investment due to its strong integration and precise scanning capabilities. Both products are seen as providing good ROI, with Prisma Cloud's pricing reflecting its comprehensive feature set, and JFrog Xray recognized for its cost-effective integrations.

To learn more, read our detailed JFrog Xray vs. Prisma Cloud by Palo Alto Networks Report (Updated: December 2024).

Buyer's Guide

JFrog Xray vs. Prisma Cloud by Palo Alto Networks

December 2024

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

SentinelOne Singularity Clo...

Mindshare comparison

As of December 2024, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 0.8% compared to the previous year. The mindshare of JFrog Xray is 3.0%, up from 1.9% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 17.8%, down from 19.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Container Security

Featured Reviews

Andrew W

VP - Information Technology at a financial services firm with 201-500 employees

Tells us about vulnerabilities as well as their impact and helps to focus on real issues

Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Read full review

Mokshi Pandita

DevOps Engineer at Rambøll Danmark A/S

An intelligent solution that prioritizes which vulnerability to target first in your project

We could create any number of repositories, but we can create only thirty projects with JFrog Xray. If I want things to work, it has to be one project and multiple repositories that belong to different real projects. So I have a limitation of thirty projects, despite being a premium customer. JFrog Xray does not have a dashboard. Although I am able to generate reports, there is no proper dashboard where I can see the total number of vulnerabilities, the total number of license issues, and how many vulnerabilities are fixed. Second, I found the shift left approach missing with JFrog Xray. JFrog Xray has integration with IDEs, but it does not tell you about the vulnerabilities until the artifact is created. However, Snyk could directly integrate with your repository and would not allow you to build unless you fix the problem.

Read full review

Mohammad Qaw

Senior Security Consultant at helpag

It gives you one console to see all of your assets, review their configurations, and build your processes

Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks."

"It has a user-friendly dashboard that I can access without any difficulty."

"Cloud Native Security offers attack path analysis."

"The UI is responsive and user-friendly."

"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."

"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."

"The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue."

"We noted immediate benefits from using the solution."

More SentinelOne Singularity Cloud Security pros

"Good reporting functionalities."

"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."

"The solution is stable and reliable."

"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."

"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."

"JFrog Xray shows us a list of vulnerabilities that can impact our code."

"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."

"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."

More JFrog Xray pros

"Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know."

"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."

"It supports the multi-cloud environment beautifully."

"Its ease of integration is valuable because we need to get the solution out of the door quickly, so speed and ease matter."

"The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for."

"We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features."

"Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing."

"This positively affected our confidence in your security and compliance. No matter how complex the environment is, the the seamless integration from the top layer itself give us the immediate visibility on the number of services."

More Prisma Cloud by Palo Alto Networks pros

Cons

"PingSafe filtering has some areas that cause problems, and to achieve single sign-on functionality, a break-glass feature, which is currently unavailable, is necessary."

"We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating."

"The cost has the potential for improvement."

"I want PingSafe to integrate additional third-party resources. For example, PingSafe is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If PingSafe had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement."

"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."

"One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India."

"The Infrastructure as Code service available in PingSafe and the services available in AWS cloud security can be merged so that we can get the security data directly from AWS cloud in PingSafe. This way, all the data related to security will be in one single place. Currently, we have to check a couple of things on PingSafe, and we have to validate that same data on the AWS Cloud to be sure. If they can collaborate like that, it will be great."

"Scanning capabilities should be added for the dark web."

More SentinelOne Singularity Cloud Security cons

"Lacks deeper reporting, the ability to compare things."

"JFrog Xray does not have a dashboard."

"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."

"The speed of JFrog Xray should improve. Other solutions have better performance."

"The out-of-the-box PostgreSQL provided is not stable, which is why we are considering enterprise support."

"Since we have been using the solution via APIs, there are some limitations in the APIs."

"X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL."

"JFrog Xray's documentation and error logging could be improved."

More JFrog Xray cons

"One thing that is missing is Cloud Run runtime security—serverless. That would be great to have in the tool. It's not that easy to have Cloud Run in specific environments."

"The UI could use some improvement; we usually find the information we're looking for, but what fields can be clicked on and what workflow to follow to get the required information is not always evident. Sometimes we're all over the place, clicking around to drill in and uncover the alert and investigation details we're looking for."

"We face some GUI issues related to new permissions for AWS. So far, we don't have any automation to complete them through the GUI. We have to manually update the permissions. Our customers have faced some issues with that."

"In terms of securing cloud-native development at build time, a lot of improvement is needed. Currently, it's more a runtime solution than a build-time solution. For runtime, I would rate it at seven out of 10, but for build-time there is a lot of work to be done."

"It provides all the cloud details but is not entirely linked to the compute model."

"Though Prisma Cloud by Palo Alto Networks provides excellent security, is a pioneer in this space, and knows what it's doing, from a user perspective, it would have been better if it was a little easier to use."

"Prisma Cloud's application security capabilities should be enhanced."

"Prisma Cloud lags behind in terms of security automation capabilities."

More Prisma Cloud by Palo Alto Networks cons

Pricing and Cost Advice

"Its pricing was a little less than other providers."

"I understand that SentinelOne is a market leader, but the bill we received was astronomical."

"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."

"PingSafe is less expensive than other options."

"SentinelOne offers excellent pricing and licensing options."

"I am not involved in the pricing, but it is cost-effective."

"The tool is cost-effective."

"PingSafe is affordable."

More SentinelOne Singularity Cloud Security pricing and cost advice

Information not available

"The pricing is reasonable."

"Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified."

"The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients."

"The pricing is competitive; for the most part, the security firms have similar prices."

"If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."

"Prisma Cloud is a high-end enterprise solution, making it quite expensive."

"Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."

"Prisma Cloud licensing works on credits."

More Prisma Cloud by Palo Alto Networks pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Container Security solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

19%

Financial Services Firm

15%

Manufacturing Company

Government

Financial Services Firm

24%

Manufacturing Company

14%

Computer Software Company

12%

Government

Educational Organization

17%

Financial Services Firm

13%

Computer Software Company

12%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

The pricing is somewhat high compared to other market tools. This cost can be particularly prohibitive for small busi...

See all answers

What needs improvement with PingSafe?

To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal. Currentl...

See all answers

What do you like most about JFrog Xray?

JFrog Xray shows us a list of vulnerabilities that can impact our code.

See all answers

What needs improvement with JFrog Xray?

X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL. More support ...

See all answers

What is your primary use case for JFrog Xray?

Our primary use case for X-ray includes multiple activities such as security and vulnerability scanning. We already u...

See all answers

What is your primary use case for Prisma Cloud by Palo Alto Networks ?

Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.

See all answers

What Cloud-Native Application Protection Platform do you recommend?

We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...

See all answers

What do you think of Aqua Security vs Prisma Cloud?

Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...

See all answers

Comparisons

Wiz vs SentinelOne Singularity Cloud Security

Compared 31% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 6% of the time

Microsoft Defender for Cloud vs SentinelOne Singularity Cloud Security

Compared 5% of the time

Check Point CloudGuard CNAPP vs SentinelOne Singularity Cloud Security

Compared 3% of the time

More SentinelOne Singularity Cloud Security Competitors

Black Duck vs JFrog Xray

Compared 19% of the time

Trivy vs JFrog Xray

Compared 14% of the time

Veracode vs JFrog Xray

Compared 7% of the time

Snyk vs JFrog Xray

Compared 6% of the time

Mend.io vs JFrog Xray

Compared 6% of the time

More JFrog Xray Competitors

Wiz vs Prisma Cloud by Palo Alto Networks

Compared 22% of the time

Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks

Compared 12% of the time

CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

Aqua Cloud Security Platform vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

SUSE NeuVector vs Prisma Cloud by Palo Alto Networks

Compared 2% of the time

More Prisma Cloud by Palo Alto Networks Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

October 2024

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

JFrog Xray

December 2024

Download JFrog Xray product report

Buyer's Guide

Prisma Cloud by Palo Alto Networks

December 2024

Prisma Cloud by Palo Alto Networks report

Download Prisma Cloud by Palo Alto Networks product report

Also Known As

PingSafe

JFrog Security Essentials

Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto

Learn More

SentinelOne

JFrog

Palo Alto Networks

Overview

SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.

SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.

What are the key features of SentinelOne Singularity Cloud Security?

Real-time Threat Detection: Identifies and mitigates threats as they occur.
Automated Response: Automatically responds to threats to minimize impact.
Ease of Deployment: Simple setup process with scalable options.
Machine Learning Insights: AI-driven insights enhance threat prevention.
Seamless Integration: Integrates with cloud environments for unified security management.

What are the primary benefits or ROI to expect from SentinelOne Singularity Cloud Security?

Enhanced Threat Mitigation: Improved security against real-time threats.
Reduced Manual Intervention: Automated processes save time and resources.
Scalability: Easily adapts to growing security requirements.
Centralized Management: Manage security across platforms from a single console.
Advanced Threat Intelligence: Provides in-depth analysis and protection.

In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.

JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

If you are a team player and you care and you play to WIN, we have just the job you're looking for.

As we say at JFrog: "Once You Leap Forward You Won't Go Back!"

Prisma Cloud by Palo Alto Networks is used for managing cloud security posture, container security, and compliance monitoring in multi-cloud environments.

Prisma Cloud by Palo Alto Networks provides tools for vulnerability management, misconfiguration detection, and compliance with standards like HIPAA and CIS. It offers near real-time inventory and alerting, enhancing cloud configuration audits and security across AWS, Azure, and GCP. Its automated security features offer real-time protection and integration into CI/CD pipelines, optimizing visibility, control, and risk identification without manual steps. Despite its capabilities, improvement areas include documentation, pricing clarity, usability, security automation, dashboard customization, and API functionality. Slow support and integration challenges with AWS and third-party tools are noted.

What are the key features of Prisma Cloud?

Dynamic Workload Identity: Automates identity creation for workloads, enhancing security.
Automated Forensics: Provides swift incident analysis to prevent future vulnerabilities.
Comprehensive Compliance Monitoring: Monitors compliance with industry standards effortlessly.
Cloud Security Posture Management: Manages security posture effectively across environments.
Vulnerability Scanning: Identifies vulnerabilities across multi-cloud setups.
Identity-Based Micro-Segmentation: Limits access to sensitive data via segmentation.
Single-Pane Management: Offers streamlined management across cloud platforms.

What benefits and ROI should users consider?

Increased Productivity: Streamlined processes reduce time spent on manual tasks.
Enhanced Security: Real-time threat detection mitigates potential breaches.
Compliance Assurance: Ensures adherence to necessary industry standards.
Cost Efficiency: Automated features lower operational costs.
Improved Integration: Smooth integration into existing CI/CD pipelines.

In industries such as healthcare and finance, Prisma Cloud by Palo Alto Networks enhances security by aligning with strict compliance standards and safeguarding sensitive data. Its tools adapt to rapid cloud service updates and enable secure deployment across diverse cloud infrastructures.

Sample Customers

Information Not Available

google, amazon, cisco, netflix, oracle, vmware, facebook

Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America

Buyer's Guide

JFrog Xray vs. Prisma Cloud by Palo Alto Networks

December 2024

Free Report: JFrog Xray vs. Prisma Cloud by Palo Alto Networks

Find out what your peers are saying about JFrog Xray vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

See our JFrog Xray vs. Prisma Cloud by Palo Alto Networks report.

See our list of best Container Security vendors.

We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.