Try our new research platform with insights from 80,000+ expert users

Prisma Cloud by Palo Alto Networks vs Trivy comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
110
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
Prisma Cloud by Palo Alto N...
Ranking in Container Security
1st
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
110
Ranking in other categories
Web Application Firewall (WAF) (6th), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)
Trivy
Ranking in Container Security
16th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
9
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 1.0% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 13.9%, down from 17.7% compared to the previous year. The mindshare of Trivy is 5.5%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.
Utsav Sharma - PeerSpot reviewer
Maintain operational efficiency by detecting misconfigurations and vulnerabilities
The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma. It also offers repository scanning in the source code domain, allowing pre-push code scans. The misconfiguration detection works well for CloudFormation, Docker files, and Terraform. Its compliance support, like NIST, ensures that configurations align with standards. Trivy helps me significantly detect misconfigurations missed by the ops engineers or in Terraform by the naked eye. It ensures that my deployments are free of misconfigurations and vulnerabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"I would rate SentinelOne Singularity Cloud Security a ten out of ten."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"Singularity Cloud's ability to create custom correlation searches and reduce noise is highly valuable."
"PingSafe's graph explorer is a valuable tool that lets us visualize all connected services."
"SentinelOne Singularity Cloud Security has improved our security posture."
"The UI is responsive and user-friendly."
"Visibility is the most important aspect."
"Prisma Cloud's most valuable feature is its user identification capabilities."
"The product is quite good for providing multi-clouds or cross-cloud security from a single-pane -of-glass."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"The threat detection feature in Prisma Cloud by Palo Alto Networks integrates with cloud-native controls like AWS GuardDuty and similar services on Azure and GCP."
"Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently."
"The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers."
"The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example, let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else."
"Its ease of integration is valuable because we need to get the solution out of the door quickly, so speed and ease matter."
"Trivy is easy to integrate with CI/CD and can be installed on desktops to scan images."
"I rate Trivy a nine out of ten."
"Trivy is particularly useful for checking if Docker images have critical vulnerabilities before they reach production."
"The most valuable feature of Trivy is its easy integration with the CI/CD pipeline."
"I appreciate Trivy for being open-source and not requiring any payment."
"Overall, I would rate Trivy a ten out of ten."
"Trivy's open source nature and wide functionality are incredibly valuable."
"I definitely recommend Trivy."
 

Cons

"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"The integration with Oracle has room for improvement."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"For SentinelOne, improvements could be made in managing Internet dependency as cloud-based operations can pose challenges in environments with limited connectivity."
"Sometimes the Storyline ID is a bit wacky."
"I would like PingSafe to add real-time detection of vulnerabilities and cloud misconfigurations."
"Their search feature could be better."
"A beneficial improvement for PingSafe would be integration with Jira, allowing for a more streamlined ticketing system."
"They could improve more features for the enterprise version of the solution."
"I would like to see the inclusion of automated counter-attack, although this is probably illegal."
"Support is an area that needs improvement."
"The security automation capabilities are average."
"The user interface should be improved and made easier."
"We'd like to have more native integration with clouds and additional security checks in the future."
"They need to improve the API gateway."
"To see the full picture, at least when I last used it in April or May, you needed to switch between the modules. To see the cloud infrastructure and pipeline configuration, you need to switch to that module. To see the code security part, you need to switch to the Code Security module. It is the same story with CSPM. Two competitors of Prisma Cloud do it in a better way. They show the full view of a risk. Prisma Cloud unfortunately lacks in that area, but they are catching up."
"For malware detection, I need to use two tools: Trivy as my anomaly scanner and ClamAV. I am integrating these two tools into the CI pipeline. If both malware and anomaly detection could be managed by one tool, I would not need to depend on two tools."
"In our CI/CD pipelines, Trivy lacks built-in functionality for report analysis."
"Trivy generates many false positives, flagging non-existent vulnerabilities."
"Trivy can improve by providing an output in PDF format."
"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."
"Trivy generates many false positives, flagging non-existent vulnerabilities. Improvements could include better contextual analysis or granular filtering."
"The reporting could be a little better."
"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."
 

Pricing and Cost Advice

"Its pricing was a little less than other providers."
"I would rate the cost a seven out of ten with ten being the most costly."
"I understand that SentinelOne is a market leader, but the bill we received was astronomical."
"The tool is cost-effective."
"The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments."
"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."
"SentinelOne Singularity Cloud Security is costly."
"I am personally not taking care of the pricing part, but when we moved from CrowdStrike to PingSafe, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of PingSafe was low. PingSafe is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning."
"The pricing and licensing are expensive compared to the other offerings that we considered."
"Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay."
"Although the cost can be high, the value is worth the price tag."
"Prisma Cloud's licensing system functions as expected with a solid licensing infrastructure."
"The cost depends on the pricing model. Compared to other solutions, the cost isn't that bad."
"The price for Prisma Cloud is reasonable."
"The licensing cost is a bit high on the compute side."
"The pricing of the solution is fair."
Information not available
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Educational Organization
16%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
Computer Software Company
15%
Financial Services Firm
15%
Manufacturing Company
11%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
SentinelOne Singularity Cloud Security is an excellent CSPM tool, but its CWPP features need improvement, and there i...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
What needs improvement with Trivy?
One drawback I have observed with Trivy is the difficulty in building or integrating a UI, particularly for an operat...
What is your primary use case for Trivy?
The main use case for Trivy is to scan Docker images or packages for CVEs, specifically for vulnerabilities. I use th...
What advice do you have for others considering Trivy?
I rate Trivy an eight out of ten. This rating reflects its open-source nature, comprehensive scanning capabilities, a...
 

Also Known As

PingSafe
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
No data available
 

Overview

 

Sample Customers

Information Not Available
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Information Not Available
Find out what your peers are saying about Prisma Cloud by Palo Alto Networks vs. Trivy and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.