GCP Security Command Center (Premium) vs Prisma Cloud

Dear Community,

We are contemplating enabling GCP Security Command Center premium version at Org level. At the same time we are using Prima for vulnerability.

Now the question i have is, how do we do trade off between the 2 tool in terms of  features, pricing, ease of use etc to present a case for management?

Our Org has multi cloud strategy and we have AWS & Azure as well. Prima being cloud native is one advantage over SCC any other pointers you can provide to determine the same?

Thank you!

2 3 1,118
3 REPLIES 3

There maybe a bit of a misunderstanding here. SCC is cloud native. Its part of GCP. Prisma is not cloud native. It's not part of any cloud provider's offerings. It's a 3rd party service. It interfaces with each cloud via its API and so is a bit limited in what it can accomplish as it can only pull that which is API available and it has to adapt to changes after the fact.

In terms of differentiation. Prisma has been multicloud for a long time. SCC has just started to expand into other clouds so I'd say Prisma is today stronger on AWS/Azure but weaker on GCP. That said, Google has better integration as its one solution developed from the ground up while Prisma is built on acquisitions and there are still challenges to getting all to work as one solution. SCC is very deep on GCP as it doesn't completely rely on API access like Prisma does. So SCC has things like VM Threat Detection where it can detect threats on VMs without the need to install EDR agents. It does this by seeing threat patterns in the underlying host memory . That is something only the cloud provider can do as a 3rd party solution has no access to that. That is pretty compelling in the cloud where VMs are disposable and temporary. There are other CNAPPs such as Wiz and Sysdig and each of these has strengths and weaknesses. There is no one to rule them all. I think the best advice is to look at your own specific priorities and then ask yourself which solution is best at addressing those.

Thanks for your response. Sorry for the confusion. Yes SCC - Cloud Native & Prisma - Cloud Agnostic