Palo Alto Networks Prisma Cloud vs. SUSE NeuVector

Finding specific Cloud Vendor specific Cloud resource configuration, tags, network information and etc. is fairly easy to do. Cloud alert capabilities are pretty good and with proper knowledge top notch alerts can be created. Only downside I can think of is ease of use.

Incentivized

SUSE NeuVector is exceptional when you want to make your Kubernetes cluster secure. You can limit network connections, scan containers, container registries and Kubernetes nodes for vulnerable software, forbid running specific commands on certain or all containers. You can enable security for individual containers - when SUSE NeuVector has learned container specifics. That's why you can deploy SUSE NeuVector on production Kubernetes clusters where you are already running conteiners - it will not break anything.

• Vulnerability assessment using Twistlock
• Enhancing Security by scanning workload based on different Security standards and provide a compliance report
• CF template integration with CI/CD pipeline to identify any security issue before workload are deployed
• IAM/UEBA features additional to enchaining security posture
• Auto remediation
• Integration is simple and solution is supported on multiple cloud
• Customized dashboard/queries

Incentivized

• Scans containers software for known vulnerabilities
• Denies command execution in containers
• Prevents unwanted network connections from/to containers

• Real-time supports would be much appreciated. At the moment they have a third-party ticketing support tool, which can be replaced with real-time support, which can be provided to the user at the time of the issue.
• The user should be provided with all the learning material by the Palo Alto team at the time of license purchase. This would save a lot of users' time, which is taken up by research and finding the correct documents from the website.
• Themes can be introduced in the feature set, which would help the user customize the software as per their needs.

Incentivized

• I like everything about NeuVector. They are on the right development path.

It is no doubts about their functionalities and top-notch security features. The Products do really well in their every feature and gives you complete visibility to your valuable Data at all. The Support for the Palo Alto Networks Prisma Cloud is also one of the plus point where you gain the confidence into the product.

Incentivized

Prisma Cloud stacks well with other similar Palo Alto products. UI is beautiful, has decent documentation and some trainings as in other platforms.

Incentivized

SUSE NeuVector is deployed on your Kubernetes, and data does not leave your data center. Sysdig is a cloud platform - you have no full control over what happens with your data. Also, SUSE NeuVector has a capability to prevent specific command execution ir containers, but Sysdig does not have such ability. Sysdig is not an open-source solution, but SUSE NeuVector is.

• Help reduce the cost by assisting what resources can be removed according to usage.
• Report the vulnerabilities.
• Time saved in investigating the issue.

Incentivized

• We went from being blind to what happens in the Kubernetes network to seeing everything and being able to control Kubernetes network communications.
• Now we are able to detect vulnerable containers faster.