Updates: Wiz - The PANW Prisma Cloud Rivalry; Head-To-Head Comparison

Summary

• Wiz's more unified platform gives it a notable advantage over Palo Alto Networks' Prisma Cloud. However, the gap has narrowed recently thanks to the Darwin release of Prisma Cloud.
• Wiz has aggressively pursued agent capabilities -  a stark contrast to the vendor's pure agentless stance 1-2 years ago. This is supportive for Prisma Cloud's blended approach to cloud security.
• Wiz's valuation is very high but the $12bn valuation could be sustained if the vendor reaches $600m ARR in 2 years (possibly when Wiz will do its IPO).

Wiz vs. PANW

Platform Architecture

PANW’s Prisma Cloud is offered to customers in a more modularized manner compared to Wiz, meaning they have fewer core modules as standard. This is probably a result of the extensive M&A executed by Nikesh Arora and his leadership team. Despite achieving great success in integrating the various BoB acquired solutions into Prisma Cloud, our sources of information suggest that Prisma Cloud is not as unified as Wiz (though Prisma Cloud has improved a lot lately, as we will discuss shortly).

Wiz’s greater unification across all of its technologies, attributed to its extensive in-house development whereby they have built most solutions themselves, enables it to deliver all (or most) of the solutions as one whole, providing the aforementioned contextualization benefits. Notwithstanding PANW’s best efforts, due to the complexity of integrating different codebases, languages, microservices, and infra etc., as validated by our findings, compared to Wiz’s platform, Prisma Cloud does not have the same level of contextualization, nor the same level of user experience as a by-product. And this can partly be deduced by viewing the modules not included in their standard tier. In essence, it seems as though Prisma Cloud can exclude some modules from the standard tier, whereas Wiz includes them, because excluding them doesn’t have a major impact on the standard tier customer. Perhaps PANW’s DSPM and CDEM (another term for vulnerability management in the cloud) are not deeply intertwined with its CSPM (named as Visibility, Compliance, & Governance), such that they can offer it to customers separately.