Try our new research platform with insights from 80,000+ expert users

AWS Security Hub vs Prisma Cloud by Palo Alto Networks comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 24, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Security Hub
Ranking in Cloud Security Posture Management (CSPM)
13th
Average Rating
7.6
Reviews Sentiment
6.5
Number of Reviews
26
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (5th)
Prisma Cloud by Palo Alto N...
Ranking in Cloud Security Posture Management (CSPM)
2nd
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
111
Ranking in other categories
Web Application Firewall (WAF) (8th), Container Security (1st), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd)
 

Mindshare comparison

As of October 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 4.2%, down from 5.0% compared to the previous year. The mindshare of Prisma Cloud by Palo Alto Networks is 11.4%, down from 17.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Market Share Distribution
ProductMarket Share (%)
Prisma Cloud by Palo Alto Networks11.4%
AWS Security Hub4.2%
Other84.4%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

MuhammadAzhar Khan - PeerSpot reviewer
Offers best practice recommendations and supports various compliance standards
Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.
Harsh_Vardhan - PeerSpot reviewer
Provides visibility and control that our customers need
Different modules are valuable for different customers. We are leveraging CSPM. It is one of the best solutions for comprehensive visibility into cloud resource configurations and compliance. It has a lot of out-of-the-box policies, and the visibility that we are getting is impressive. The DSPM module is valuable. This is the latest one that Palo Alto procured from Dig Security. No competitor provides this functionality in a single pane of glass. The support for Linux and container security is also very good. That is the beauty of Prisma Cloud. However, in terms of Windows security, Prisma Cloud is lacking because currently, there is no runtime protection available. The UI is very good. We get all the things within a single UI. It is easy to use. A new user can easily understand it. It is very user-friendly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."
"I find all of the features to be highly valuable."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"AWS Security Hub can check your infrastructure against multiple compliance frameworks. You can turn on or off specific frameworks based on your needs."
"AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard."
"Finding out if your infrastructure is secure is a valuable feature."
"The most valuable feature is the continuous cloud compliance monitoring and alerting."
"As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having."
"The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy."
"I like the scanning features provided by Prisma Cloud, including the image scan and source scan."
"In the GlobalProtect module, we can easily guide users experiencing connection issues through the notification column."
"It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment."
"The solution will streamline and minimize manual efforts."
"The Cloud Workload Protection module is a very strong solution. I like the Cloud Workload Protection part. It is something I have not used for the banking client, but I had a chance to try it out for roughly a month on actual deployment of another customer. That part was really robust. Cloud Workload Protection would be the main feature that I enjoy the most."
 

Cons

"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"I would like a more fine-grained capability for creating custom rules and a more user-friendly experience programmatically in writing queries and configuring custom security rules, making it quicker and easier."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"The solution should be easier to learn and use"
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."
"It would be nice Prisma Cloud merged its modules for CSPM and infrastructure as code. It would simplify the pricing and make it easier for customers to evaluate the solution because there are different modules, and you need to add it to your subscription separately."
"The UX part of Prisma's user interface could be simplified and the metrics tool should be highlighted more."
"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options."
"While the documentation continually improves, it still has limitations compared to the extensive resources available for older products like hardware firewalls, which have been around for approximately 20 years."
"It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat."
"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."
"One of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow."
"Prisma Cloud lags behind in terms of security automation capabilities."
 

Pricing and Cost Advice

"There are multiple subscription models, like yearly, monthly, and packaged."
"The pricing is fine. It is not an expensive tool."
"The price of the solution is not very competitive but it is reasonable."
"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."
"The price of AWS Security Hub is average compared to other solutions."
"Security Hub is not an expensive solution."
"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
"AWS Security Hub's pricing is pretty reasonable."
"The pricing is reasonable."
"The pricing is competitive. From what I have seen in the past, it is on par with the others."
"It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data."
"The pricing structure is easy to understand. Depending on the use case the pricing of the solution can be different. There are not any additional costs to the standard living fees."
"I wouldn't mind if it were cheaper. We are spending a fair amount of money on Prisma Cloud."
"This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive."
"The cost was not on the higher side. Overall, the cost gets recovered with its implementation."
"One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
868,706 professionals have used our research since 2012.
 

Comparison Review

it_user186927 - PeerSpot reviewer
Feb 16, 2015
Cybereason vs. Interset vs. SQRRL
Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
10%
Government
6%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
10%
Insurance Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise5
Large Enterprise12
By reviewers
Company SizeCount
Small Business34
Midsize Enterprise20
Large Enterprise58
 

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
What do you like most about AWS Security Hub?
The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
What needs improvement with AWS Security Hub?
Regarding how Amazon can improve AWS Security Hub, they have numerous services that are discriminated individually and grouped into packages. However, the sheer number of services can be overwhelmi...
What is your primary use case for Prisma Cloud by Palo Alto Networks?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...
 

Also Known As

SQRRL
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about AWS Security Hub vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: September 2025.
868,706 professionals have used our research since 2012.