Onapsis vs. Palo Alto Networks Prisma Cloud

Onapsis is divided into 4 major components,

1. Assess
2. Comply
3. Defend
4. Control

In assess, it does a whitebox and blackbox testing of the ERP systems that have been added to the Onapsis console. It highlights relevant application issues and automates the process, also provides the solutions to implement the fix. In comply, it provides a governance on the various regulatory compliances which the firm has to follow, as well as provides a firm grip to the audit and ERP admin team. In control, it enables a workflow of 15 pre-defined parameter values within the SAP system and helps monitor, and track the changes made to those parameters. The capabilities are to either block, or request for an approval for changes made to those parameters in addition to just monitoring them. In defend, it goes through the SAP logs; and compares it with a pre-defined ruleset to alert the end-users via email or SIEM tool or both.

Incentivized

Finding specific Cloud Vendor specific Cloud resource configuration, tags, network information and etc. is fairly easy to do. Cloud alert capabilities are pretty good and with proper knowledge top notch alerts can be created. Only downside I can think of is ease of use.

Incentivized

• Eliminating the manual process improves the overall accuracy of results and also frees up valuable resources to focus on other different projects.
• Onapsis provides great leverage to our technical teams in order to review in a standardized way of the landscape.
• Onapsis always matches vulnerabilities with useful context and finds possible solutions.
• Onapsis is usually implemented to continuously monitor, and alert us on any issues on the SAP systems. Not only this but implementing Onapsis also eliminates the network on the year-end and month-end audits and helps in making the overall process faster, smooth, efficient as well as accurate.

Incentivized

• Vulnerability assessment using Twistlock
• Enhancing Security by scanning workload based on different Security standards and provide a compliance report
• CF template integration with CI/CD pipeline to identify any security issue before workload are deployed
• IAM/UEBA features additional to enchaining security posture
• Auto remediation
• Integration is simple and solution is supported on multiple cloud
• Customized dashboard/queries

Incentivized

• Multiple UIs
• No proper customization of UI log-off
• Tedious setup of Control component
• No proper error messages received

Incentivized

• Real-time supports would be much appreciated. At the moment they have a third-party ticketing support tool, which can be replaced with real-time support, which can be provided to the user at the time of the issue.
• The user should be provided with all the learning material by the Palo Alto team at the time of license purchase. This would save a lot of users' time, which is taken up by research and finding the correct documents from the website.
• Themes can be introduced in the feature set, which would help the user customize the software as per their needs.

Incentivized

Honestly, I havent use something like Onapsis before and currently I am not aware if there is something similiar out there. They are one of a kind and is a complete suit, so is unlikelly that someone from outside will appear with a better solution.

Incentivized

Our organization didn't consider any other tool, and so far we are pretty much satisfied with Prisma Cloud.

Incentivized

• It offers very reasonable packages.
• The customer support of Onapsis is reliable and efficient.
• It is a great platform as it shows a unified and easy-to-read different and complex topics in a simpler way.

Incentivized

• Investigation time is severely reduced
• Has potential to identify misconfigurations
• Hard to setup

Incentivized