Prisma Cloud by Palo Alto Networks vs Trivy comparison

Palo Alto Networks and Aqua Security are both solutions in the Container Security category. Palo Alto Networks is ranked #1 with an average rating of 8.6, while Aqua Security is ranked #5 with an average rating of 8.6. Palo Alto Networks holds a 10.1% mindshare in Container Security, compared to Aqua Security’s 6.1% mindshare. Additionally, 98% of Palo Alto Networks users are willing to recommend the solution, compared to 100% of Aqua Security users who would recommend it.

Prisma Cloud by Palo Alto N...

Read 111 Prisma Cloud by Palo Alto Networks reviews

22,379 Views
14,770 Comparison Views

98% willing to recommend

Trivy

Read 12 Trivy reviews

4,773 Views
4,773 Comparison Views

100% willing to recommend

Prisma Cloud by Palo Alto N...

Trivy

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 26, 2025

Prisma Cloud by Palo Alto Networks and Trivy both compete in the cloud security category. Prisma Cloud appears to have the upper hand due to its comprehensive security features that span multiple cloud environments.

Features: Prisma Cloud offers dynamic workload identity creation, compliance mapping, workload fingerprinting, and network security across cloud environments. It integrates application dependency mapping, automated forensics, and includes components like RedLock, Twistlock, and PureSec for multi-cloud security. Trivy stands out for its open-source model with extensive scanning capabilities for container images, static code, and cloud configurations. It supports multiple systems and languages for effective vulnerability detection and remediation.

Room for Improvement: Prisma Cloud could improve its documentation, permissions modeling, detection, user interface, and automation capabilities. Its pricing model is also complex and expensive. Trivy lacks a user-friendly interface, real-time scanning, and could enhance reporting capabilities. It should also address false positives and consider integrating machine learning and better contextual analysis.

Ease of Deployment and Customer Service: Prisma Cloud supports deployment across hybrid, public, and private clouds with mixed reviews on customer service quality. Some users report excellent support, while others experience delays. Trivy, primarily deployed on public and private clouds, receives positive feedback for ease of use and responsive technical support.

Pricing and ROI: Prisma Cloud has a complex pricing model based on resources, which can be costly for any organization. Its functionality is valued for security insight and risk reduction, although it might be financially demanding. Trivy provides an economical choice as an open-source solution without licensing fees, appealing especially to budget-constrained projects.

To learn more, read our detailed Prisma Cloud by Palo Alto Networks vs. Trivy Report (Updated: September 2025).

Buyer's Guide

Prisma Cloud by Palo Alto Networks vs. Trivy

September 2025

Download the complete report

Helped 873,085 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Prisma Cloud by Palo Alto N...

Ranking in Container Security

1st

Average Rating

8.4

Reviews Sentiment

7.3

Number of Reviews

111

Ranking in other categories

Web Application Firewall (WAF) (8th), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd)

Trivy

Ranking in Container Security

5th

Average Rating

8.6

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2025, in the Container Security category, the mindshare of Prisma Cloud by Palo Alto Networks is 10.1%, down from 14.5% compared to the previous year. The mindshare of Trivy is 6.1%, up from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Container Security Market Share Distribution
Product	Market Share (%)
Prisma Cloud by Palo Alto Networks	10.1%
Trivy	6.1%
Other	83.8%

Container Security

Featured Reviews

Mohammad Qaw

Senior Security Consultant at helpag

It gives you one console to see all of your assets, review their configurations, and build your processes

Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Read full review

Utsav Sharma

Senior Security Consultant at Ernst & Young

Maintain operational efficiency by detecting misconfigurations and vulnerabilities

The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma. It also offers repository scanning in the source code domain, allowing pre-push code scans. The misconfiguration detection works well for CloudFormation, Docker files, and Terraform. Its compliance support, like NIST, ensures that configurations align with standards. Trivy helps me significantly detect misconfigurations missed by the ops engineers or in Terraform by the naked eye. It ensures that my deployments are free of misconfigurations and vulnerabilities.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Its ease of integration is valuable because we need to get the solution out of the door quickly, so speed and ease matter."

"Prisma Cloud's inventory reporting is pretty good."

"The most valuable feature of Prisma Cloud by Palo Alto Networks is the CSPM, which we use the most. Additionally, the investigation and alerts are useful, and the creation of queries."

"The solution offers very good configuration capabilities."

"CSPM is very useful because it gives us good policies and violation alerts."

"What I like most about Prisma Cloud is its zero-day signatures, maximum security, minimal downtime, cloud visibility, control, and ease of deployment."

"As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having."

"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."

More Prisma Cloud by Palo Alto Networks pros

"Trivy's open source nature and wide functionality are incredibly valuable."

"Trivy is most valuable for its ability to scan all repository files and dependencies."

"Trivy is easy to integrate with CI/CD and can be installed on desktops to scan images."

"Overall, I would rate Trivy a ten out of ten."

"It's customizable, allowing me to add any rules and format HTML templates as I wish."

"I can see vulnerabilities in the images of any applications deployed in the Kubernetes environment or as container applications."

"It is open-source."

"Trivy is very reliable and always has an up-to-date database to scan images and identify vulnerabilities."

More Trivy pros

Cons

"In terms of securing cloud-native development at build time, a lot of improvement is needed. Currently, it's more a runtime solution than a build-time solution. For runtime, I would rate it at seven out of 10, but for build-time there is a lot of work to be done."

"To see the full picture, at least when I last used it in April or May, you needed to switch between the modules. To see the cloud infrastructure and pipeline configuration, you need to switch to that module. To see the code security part, you need to switch to the Code Security module. It is the same story with CSPM. Two competitors of Prisma Cloud do it in a better way. They show the full view of a risk. Prisma Cloud unfortunately lacks in that area, but they are catching up."

"The security automation capabilities are average."

"Some module customization might be needed and certain features like adding custom labels are currently unavailable unless we have administrator access."

"It would be ideal if they could somehow reduce the deployment time."

"They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload."

"A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them."

"Prisma Cloud's enterprise reporting needs significant improvement."

More Prisma Cloud by Palo Alto Networks cons

"Trivy generates many false positives, flagging non-existent vulnerabilities."

"For malware detection, I need to use two tools: Trivy as my anomaly scanner and ClamAV. I am integrating these two tools into the CI pipeline. If both malware and anomaly detection could be managed by one tool, I would not need to depend on two tools."

"Trivy can improve by providing an output in PDF format."

"Trivy generates many false positives, flagging non-existent vulnerabilities. Improvements could include better contextual analysis or granular filtering."

"A dynamic scanning capability during runtime would be a significant advantage."

"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."

"The reporting could be a little better. When integrating Trivy with CI, the interpretation of the reports could be improved."

"Trivy is not scalable; however, I have scanned very large projects with it. It is stable but not scalable according to my experience."

More Trivy cons

Pricing and Cost Advice

"If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."

"The Prisma Cloud pricing is good."

"This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive."

"Prisma Cloud by Palo Alto Networks carries a higher cost, but its enhanced security measures justify the expense."

"The pricing is competitive; for the most part, the security firms have similar prices."

"Prisma Cloud is cost-efficient, but the credits are on the higher end."

"It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data."

"The price is high. In the future, when there are more competitors at the same level with different clouds, maybe the position will be different."

More Prisma Cloud by Palo Alto Networks pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Container Security solutions are best for your needs.

See recommendations

873,085 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

14%

Manufacturing Company

10%

Government

Computer Software Company

14%

Financial Services Firm

14%

Manufacturing Company

12%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	37
Midsize Enterprise	20
Large Enterprise	55

By reviewers
Company Size	Count
Small Business	3
Midsize Enterprise	1
Large Enterprise	9

Questions from the Community

What is your primary use case for Prisma Cloud by Palo Alto Networks?

Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.

See all answers

What Cloud-Native Application Protection Platform do you recommend?

We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...

See all answers

What do you think of Aqua Security vs Prisma Cloud?

Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...

See all answers

What needs improvement with Trivy?

Trivy's marketing and awareness need improvement. Not everyone knows about it, which isn't ideal given its capabilities. There's potential to integrate AI and machine learning for enhanced function...

See all answers

What is your primary use case for Trivy?

I use Trivy ( /products/trivy-reviews ) to scan code for vulnerabilities before deployment. Our projects, which are developed by different developers, involve various dependencies and third-party c...

See all answers

What advice do you have for others considering Trivy?

I recommend Trivy to others due to its powerful and useful features. However, I suggest increasing its marketing to raise awareness. I rate Trivy an eight out of ten.

See all answers

Comparisons

Wiz vs Prisma Cloud by Palo Alto Networks

Compared 13% of the time

Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks

Compared 9% of the time

Cyera vs Prisma Cloud by Palo Alto Networks

Compared 8% of the time

CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks

Compared 5% of the time

Red Hat Advanced Cluster Security for Kubernetes vs Prisma Cloud by Palo Alto Networks

Compared 2% of the time

More Prisma Cloud by Palo Alto Networks Competitors

Snyk vs Trivy

Compared 19% of the time

JFrog Xray vs Trivy

Compared 18% of the time

Kubescape vs Trivy

Compared 9% of the time

Wiz vs Trivy

Compared 8% of the time

SUSE NeuVector vs Trivy

Compared 6% of the time

More Trivy Competitors

Product Reports

Buyer's Guide

Prisma Cloud by Palo Alto Networks

October 2025

Prisma Cloud by Palo Alto Networks report

Download Prisma Cloud by Palo Alto Networks product report

Buyer's Guide

Trivy

October 2025

Download Trivy product report

Also Known As

Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto

No data available

Overview

Prisma Cloud by Palo Alto Networks provides comprehensive cloud-native security solutions. It covers dynamic workload identity, automated forensics, and multi-cloud protection, ensuring robust security across diverse cloud platforms.

Prisma Cloud delivers advanced capabilities for managing cloud security across AWS, Azure, and GCP platforms. It offers dynamic workload identity creation, real-time monitoring, and seamless integration into CI/CD pipelines. With automation, centralized dashboards, and enhanced visibility, users effectively manage security misconfigurations and vulnerabilities. While optimizing cloud environments through runtime protection and compliance, Prisma Cloud faces challenges with its navigation, pricing, and limited automation capabilities. Users seek improvements in API security, role-based access controls, and documentation quality, emphasizing the need for enhanced customization and reporting features.

What are the important features of Prisma Cloud?

Dynamic Workload Identity: Enables unique workload identities for security purposes.
Automated Forensics: Offers detailed insights into threats and incidents automatically.
Runtime Protection: Provides ongoing detection and blocking of suspicious activities.
Multi-Cloud Security: Protects environments on AWS, Azure, and GCP simultaneously.
Compliance Management: Assists in meeting regulatory standards across cloud platforms.

What benefits or ROI should users consider in reviews?

Enhanced Security Posture: Strengthens cloud defense lines with proactive monitoring.
Centralized Dashboard: Offers unified oversight of multiple cloud environments.
Efficient Misconfiguration Handling: Quickly identifies and addresses security lapses.
Seamless CI/CD Integration: Integrates security within development workflows.
Improved Visibility: Provides transparent insights into security operations and alerts.

Industries like finance and telecom rely on Prisma Cloud for managing cloud security posture and container security. Teams utilize its capabilities across hybrid and multi-cloud settings to ensure compliance and robust threat protection. Features like misconfiguration detection and runtime monitoring are critical in promoting security objectives in these sectors.

Palo Alto Networks

Trivy offers comprehensive scanning for files, images, repositories, and infrastructure. It's open-source and integrates with CI/CD for vulnerability detection and security enhancement.

Trivy scans vulnerabilities in code, Docker images, containers, and infrastructure. It integrates seamlessly into DevOps pipelines, ensuring security in dependency management and open source vulnerabilities. This tool, lightweight and open-source, provides user-friendly reports and supports continuous vulnerability database updates, fostering ease of use across operating systems. Users benefit from its scanning capabilities, covering Kubernetes, AWS credentials, and GCP service accounts, effectively identifying vulnerabilities and misconfigurations.

What are Trivy's key features?

Comprehensive Scanning: Covers files, images, repositories, infrastructure, and sensitive data.
CI/CD Integration: Easily integrates into existing pipelines for seamless security checks.
Open-Source & Lightweight: Quick setup and fast scanning capabilities ensure rapid deployment.
Continuously Updated Database: Keeps vulnerability data current for effective threat detection.
User-Friendly Reports: Generates understandable and actionable security insights.

What benefits and ROI can users expect?

Enhanced Security: Provides in-depth analysis of vulnerabilities and misconfigurations.
Ease of Use: Designed for straightforward implementation and user interaction.
Compliance Support: Assists in meeting industry security standards and regulations.
Cross-Platform Use: Effective across different operating systems, enabling wide scalability.

In industries like technology and finance, Trivy is used extensively to secure applications, perform compliance checks, and offer security metrics visualization. It addresses microservices, container systems, and Kubernetes clusters security requirements, supporting DevOps teams and enhancing codebase analysis precision.

Aqua Security

Sample Customers

Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America

Information Not Available

Buyer's Guide

Prisma Cloud by Palo Alto Networks vs. Trivy

September 2025

Free Report: Prisma Cloud by Palo Alto Networks vs. Trivy

Find out what your peers are saying about Prisma Cloud by Palo Alto Networks vs. Trivy and other solutions. Updated: September 2025.

DOWNLOAD NOW

873,085 professionals have used our research since 2012.

See our Prisma Cloud by Palo Alto Networks vs. Trivy report.

See our list of best Container Security vendors.

We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.