JFrog Xray vs Prisma Cloud by Palo Alto Networks comparison

JFrog and Palo Alto Networks are both solutions in the Container Security category. JFrog is ranked #20 with an average rating of 8.0, while Palo Alto Networks is ranked #1 with an average rating of 8.5. JFrog holds a 3.1% mindshare in Container Security, compared to Palo Alto Networks’s 17.6% mindshare. Additionally, 100% of JFrog users are willing to recommend the solution, compared to 98% of Palo Alto Networks users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

Prisma Cloud by Palo Alto Networks and JFrog Xray are two leading products in the cloud security and DevSecOps space. Users are happier with the support and comprehensive features of Prisma Cloud by Palo Alto Networks, but JFrog Xray is favored for its superior integration and robust scanning capabilities.

Features: Prisma Cloud offers extensive visibility across multiple cloud environments, robust threat detection, and broad coverage. JFrog Xray provides deep artifact scanning, integration with CI/CD pipelines, and detailed vulnerability analysis. Users find Prisma Cloud's visibility and threat detection valuable, while JFrog Xray is noted for its deep scanning and CI/CD integration.

Room For Improvement: Prisma Cloud users suggest improvements in the customization of policies, more streamlined workflows, and enhanced reporting functionalities. JFrog Xray users desire enhanced reporting functionalities, faster scan times, and improved integration with additional tools. Users seek more customization options and better workflow management for Prisma Cloud and expect quicker scan performance and better reports from JFrog Xray.

Ease Of Deployment and Customer Service: Prisma Cloud is commended for its straightforward deployment, ease of setup, and responsive customer service. JFrog Xray integrates smoothly into existing environments and provides solid customer support. Both products score well in customer service, but Prisma Cloud is noted for its ease of setup, whereas JFrog Xray is praised for seamless integration.

Pricing and ROI: Prisma Cloud users find the pricing to be premium but justified by the extensive features and broad coverage. JFrog Xray users view it as a worthwhile investment due to its strong integration and precise scanning capabilities. Both products are seen as providing good ROI, with Prisma Cloud's pricing reflecting its comprehensive feature set, and JFrog Xray recognized for its cost-effective integrations.

To learn more, read our detailed JFrog Xray vs. Prisma Cloud by Palo Alto Networks Report (Updated: January 2025).

Buyer's Guide

JFrog Xray vs. Prisma Cloud by Palo Alto Networks

January 2025

Download the complete report

Helped 831,158 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

SentinelOne Singularity Clo...

Mindshare comparison

As of January 2025, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.3%, up from 0.9% compared to the previous year. The mindshare of JFrog Xray is 3.1%, up from 1.8% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 17.6%, down from 19.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Container Security

Featured Reviews

Andrew W

VP - Information Technology at a financial services firm with 201-500 employees

Tells us about vulnerabilities as well as their impact and helps to focus on real issues

Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Read full review

Mokshi Pandita

DevOps Engineer at Rambøll Danmark A/S

An intelligent solution that prioritizes which vulnerability to target first in your project

We could create any number of repositories, but we can create only thirty projects with JFrog Xray. If I want things to work, it has to be one project and multiple repositories that belong to different real projects. So I have a limitation of thirty projects, despite being a premium customer. JFrog Xray does not have a dashboard. Although I am able to generate reports, there is no proper dashboard where I can see the total number of vulnerabilities, the total number of license issues, and how many vulnerabilities are fixed. Second, I found the shift left approach missing with JFrog Xray. JFrog Xray has integration with IDEs, but it does not tell you about the vulnerabilities until the artifact is created. However, Snyk could directly integrate with your repository and would not allow you to build unless you fix the problem.

Read full review

VISHWJEET GAIKWAD

Cloud Security Delivery Associate Manager at Accenture

Works very well for multi-cloud environments and is more cost-effective than cloud-native tools

Some of the clients onboard individual cloud accounts into Prisma Cloud. When any new service comes into the AWS, Azure, or any other cloud, Prisma Cloud generates a warning about the new service and any missing permissions to be able to ingest the logs. We then manually run a Terraform template for Azure or a CFT template for AWS. It is a manual task that we have to do as and when needed. It is a repetitive and manual task. They should find a way to automatically update the role with the CFT or Terraform template. It would be best if this task is automated. When an account is onboarded, if it is missing any permission, it should automatically be updated with the required permissions and policies. If they can do something from the AI security perspective, it will be helpful. I am not sure if it has any AI capabilities, but it would be helpful to have AI integration for finding out issues and remediating alerts.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The real-time detection and response capabilities overall are great."

"SentinelOne Singularity Cloud Security is excellent, and I highly recommend it."

"The agentless vulnerability scanning is great."

"Singularity Cloud's ability to create custom correlation searches and reduce noise is highly valuable."

"They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away."

"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."

"SentinelOne Singularity Cloud Security offers several valuable features, most notably the rapid vulnerability notifications that provide timely alerts regarding our infrastructure."

"It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end."

More SentinelOne Singularity Cloud Security pros

"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."

"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."

"Good reporting functionalities."

"JFrog Xray's reporting feature has a lot of options in it, including scanning."

"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."

"JFrog Xray shows us a list of vulnerabilities that can impact our code."

"The solution is stable and reliable."

"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."

More JFrog Xray pros

"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."

"The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud. The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments."

"CSPM is the most valuable feature."

"With the query language, we can analyze logs and find out which IPs are malicious. It also provides a graphical representation. It provides the overall visibility and how the traffic is flowing. We can see where the malicious IP is and whether it is an insider threat or an outsider threat."

"Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently."

"Prisma Cloud's most valuable feature is its user identification capabilities."

"Cloud security posture management is the preferred feature among other vendors."

"The two most valuable features are container security and the capability to discover workloads."

More Prisma Cloud by Palo Alto Networks pros

Cons

"The could improve their mean time to detect."

"PingSafe can be improved by developing a comprehensive set of features that allow for automated workflows."

"The integration with Oracle has room for improvement."

"In some cases, the rules are strictly enforced but do not align with real-world use cases."

"The main area for improvement I want to see is for the platform to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is."

"The cost has the potential for improvement."

"One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India."

"The area of improvement is the cost, which is high compared to other traditional endpoint protections."

More SentinelOne Singularity Cloud Security cons

"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."

"The out-of-the-box PostgreSQL provided is not stable, which is why we are considering enterprise support."

"JFrog Xray does not have a dashboard."

"JFrog Xray's documentation and error logging could be improved."

"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."

"The speed of JFrog Xray should improve. Other solutions have better performance."

"Since we have been using the solution via APIs, there are some limitations in the APIs."

"Lacks deeper reporting, the ability to compare things."

More JFrog Xray cons

"Technical support could use some improvement."

"We'd like to have more native integration with clouds and additional security checks in the future."

"Prisma Cloud supports generating CSV files, but I would also like it to generate PDF files for reporting."

"A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them."

"The UI could be improved."

"They could improve more features for the enterprise version of the solution."

"Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge."

"Based on my experience, the customization—especially the interface and some of the product identification components—is not as customizable as it could be. But it makes up for that with the fact that we can access the API and then build our own systems to read the data and then process and parse it and hand it to our teams."

More Prisma Cloud by Palo Alto Networks cons

Pricing and Cost Advice

"PingSafe is fairly priced."

"Its pricing is constant. It has been constant over the previous year, so I am happy with it. However, price distribution can be better explained. That is the only area I am worried about. Otherwise, the pricing is very reasonable."

"PingSafe is affordable."

"SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal."

"SentinelOne Singularity Cloud Security is costly."

"It was reasonable pricing for me."

"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."

"Its pricing was a little less than other providers."

More SentinelOne Singularity Cloud Security pricing and cost advice

Information not available

"Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs."

"The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."

"It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data."

"You can expect a premium price because it is a premium quality product by a leading supplier."

"Prisma Cloud is remarkably expensive."

"Although the cost can be high, the value is worth the price tag."

"Prisma Cloud's licensing system functions as expected with a solid licensing infrastructure."

"The pricing of the solution is fair."

More Prisma Cloud by Palo Alto Networks pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Container Security solutions are best for your needs.

See recommendations

831,158 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

19%

Financial Services Firm

15%

Manufacturing Company

Government

Financial Services Firm

25%

Manufacturing Company

13%

Computer Software Company

12%

Government

Educational Organization

17%

Financial Services Firm

13%

Computer Software Company

13%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven.

See all answers

What needs improvement with PingSafe?

The areas with room for improvement include the cost, which is higher compared to other security platforms. The dashb...

See all answers

What do you like most about JFrog Xray?

JFrog Xray shows us a list of vulnerabilities that can impact our code.

See all answers

What needs improvement with JFrog Xray?

X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL. More support ...

See all answers

What is your primary use case for JFrog Xray?

Our primary use case for X-ray includes multiple activities such as security and vulnerability scanning. We already u...

See all answers

What is your primary use case for Prisma Cloud by Palo Alto Networks ?

Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.

See all answers

What Cloud-Native Application Protection Platform do you recommend?

We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...

See all answers

What do you think of Aqua Security vs Prisma Cloud?

Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...

See all answers

Comparisons

Wiz vs SentinelOne Singularity Cloud Security

Compared 28% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Microsoft Defender for Cloud vs SentinelOne Singularity Cloud Security

Compared 7% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 6% of the time

Check Point CloudGuard CNAPP vs SentinelOne Singularity Cloud Security

Compared 4% of the time

More SentinelOne Singularity Cloud Security Competitors

Black Duck vs JFrog Xray

Compared 19% of the time

Trivy vs JFrog Xray

Compared 14% of the time

Veracode vs JFrog Xray

Compared 7% of the time

Snyk vs JFrog Xray

Compared 6% of the time

Mend.io vs JFrog Xray

Compared 5% of the time

More JFrog Xray Competitors

Wiz vs Prisma Cloud by Palo Alto Networks

Compared 22% of the time

Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks

Compared 12% of the time

CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

Aqua Cloud Security Platform vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

SUSE NeuVector vs Prisma Cloud by Palo Alto Networks

Compared 2% of the time

More Prisma Cloud by Palo Alto Networks Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

December 2024

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

JFrog Xray

January 2025

Download JFrog Xray product report

Buyer's Guide

Prisma Cloud by Palo Alto Networks

January 2025

Prisma Cloud by Palo Alto Networks report

Download Prisma Cloud by Palo Alto Networks product report

Also Known As

PingSafe

JFrog Security Essentials

Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto

Learn More

SentinelOne

JFrog

Palo Alto Networks

Overview

SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.

SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.

What are the key features of SentinelOne Singularity Cloud Security?

Real-time Threat Detection: Identifies and mitigates threats as they occur.
Automated Response: Automatically responds to threats to minimize impact.
Ease of Deployment: Simple setup process with scalable options.
Machine Learning Insights: AI-driven insights enhance threat prevention.
Seamless Integration: Integrates with cloud environments for unified security management.

What are the primary benefits or ROI to expect from SentinelOne Singularity Cloud Security?

Enhanced Threat Mitigation: Improved security against real-time threats.
Reduced Manual Intervention: Automated processes save time and resources.
Scalability: Easily adapts to growing security requirements.
Centralized Management: Manage security across platforms from a single console.
Advanced Threat Intelligence: Provides in-depth analysis and protection.

In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.

JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

If you are a team player and you care and you play to WIN, we have just the job you're looking for.

As we say at JFrog: "Once You Leap Forward You Won't Go Back!"

Prisma Cloud by Palo Alto Networks is used for managing cloud security posture, container security, and compliance monitoring in multi-cloud environments.

Prisma Cloud by Palo Alto Networks provides tools for vulnerability management, misconfiguration detection, and compliance with standards like HIPAA and CIS. It offers near real-time inventory and alerting, enhancing cloud configuration audits and security across AWS, Azure, and GCP. Its automated security features offer real-time protection and integration into CI/CD pipelines, optimizing visibility, control, and risk identification without manual steps. Despite its capabilities, improvement areas include documentation, pricing clarity, usability, security automation, dashboard customization, and API functionality. Slow support and integration challenges with AWS and third-party tools are noted.

What are the key features of Prisma Cloud?

Dynamic Workload Identity: Automates identity creation for workloads, enhancing security.
Automated Forensics: Provides swift incident analysis to prevent future vulnerabilities.
Comprehensive Compliance Monitoring: Monitors compliance with industry standards effortlessly.
Cloud Security Posture Management: Manages security posture effectively across environments.
Vulnerability Scanning: Identifies vulnerabilities across multi-cloud setups.
Identity-Based Micro-Segmentation: Limits access to sensitive data via segmentation.
Single-Pane Management: Offers streamlined management across cloud platforms.

What benefits and ROI should users consider?

Increased Productivity: Streamlined processes reduce time spent on manual tasks.
Enhanced Security: Real-time threat detection mitigates potential breaches.
Compliance Assurance: Ensures adherence to necessary industry standards.
Cost Efficiency: Automated features lower operational costs.
Improved Integration: Smooth integration into existing CI/CD pipelines.

In industries such as healthcare and finance, Prisma Cloud by Palo Alto Networks enhances security by aligning with strict compliance standards and safeguarding sensitive data. Its tools adapt to rapid cloud service updates and enable secure deployment across diverse cloud infrastructures.

Sample Customers

Information Not Available

google, amazon, cisco, netflix, oracle, vmware, facebook

Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America

Buyer's Guide

JFrog Xray vs. Prisma Cloud by Palo Alto Networks

January 2025

Free Report: JFrog Xray vs. Prisma Cloud by Palo Alto Networks

Find out what your peers are saying about JFrog Xray vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: January 2025.

DOWNLOAD NOW

831,158 professionals have used our research since 2012.

See our JFrog Xray vs. Prisma Cloud by Palo Alto Networks report.

See our list of best Container Security vendors.

We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.