Launch prototype. Scores, references, and figures shown are based on public sources and are illustrative until first publication.
VendorAudit
VendorAudit
Market Pulse Profiles Compare How to buy Reviews Methodology Newsletter
Subscribe
Category coverage Data Security DSPM · DLP · Data Discovery · Data Security Platforms · Data Access Governance · AI-SPM
Vendor profile · Data security · Updated April 2026 · Compare with another vendor

Palo Alto Networks — Prisma DSPM

DSPM capability acquired from Dig Security in 2023. Integrated into Prisma Cloud CNAPP platform. Best for existing Palo Alto Networks Prisma customers. Limited standalone value outside the Palo Alto ecosystem.

Capability strength
70/ 100
Company health
78/ 100
divisional · NASDAQ: PANW · ~$120B market cap
Trajectory
Improving
Best fit for
Existing Prisma Cloud customers

At a glance

Palo Alto Networks acquired Dig Security (Tel Aviv) in October 2023 for an undisclosed amount, estimated at approximately $400 million. Dig Security's technology was integrated into the Prisma Cloud CNAPP platform as Prisma DSPM. Palo Alto Networks (NASDAQ: PANW) has a market capitalisation of approximately $120 billion and is the largest pure-play cybersecurity company by revenue. The company's Prisma Cloud platform is a leading CNAPP, serving tens of thousands of enterprise customers globally.

What Prisma DSPM actually is

Prisma DSPM is the Dig Security platform embedded within Prisma Cloud's cloud security posture management (CSPM) and CNAPP capabilities. Like Wiz's DSPM module, the primary value proposition is infrastructure-correlated data risk: combining data discovery and classification findings with Prisma Cloud's existing infrastructure context (network exposure, IAM misconfigurations, vulnerability data) to produce prioritised, contextualised data risk findings. The data discovery scope covers AWS, Azure, and GCP data stores; SaaS coverage is developing.

The integration cadence from the Dig acquisition is still underway. Enterprise buyers should request a detailed technical map of which Prisma Cloud data security capabilities are from the original Prisma platform, which are from the Dig acquisition, and which represent net-new development post-acquisition. The answer to this question determines how mature specific capabilities are.

Capability assessment

Strengths: For organisations already running Prisma Cloud, adding DSPM is incremental cost against existing licensing, and the correlated risk view (infrastructure + data) is genuinely powerful. Palo Alto Networks' platformisation strategy has succeeded commercially — buying adjacent capabilities into a single customer relationship creates stickiness and commercial efficiency for buyers who want to reduce vendor count. PANW's enterprise sales force has excellent reach and executive relationships; procurement conversations are well-facilitated. The broader Palo Alto security portfolio (XSIAM, Cortex, Prisma) provides correlation context that standalone DSPM cannot match.

Weaknesses: Outside the Prisma Cloud ecosystem, Prisma DSPM has little differentiation from pure-play alternatives. The Dig acquisition is two years old and the integration is still maturing — capability parity with Cyera or Sentra in SaaS coverage, unstructured data classification, and access governance depth is not yet achieved. Palo Alto Networks' platformisation strategy means that Prisma DSPM roadmap investment competes with XSIAM, Cortex, and other platform priorities. For buyers focused purely on DSPM outcomes, the combined platform creates overhead without benefit.

Company health

Parent company Palo Alto Networks is one of the financially strongest cybersecurity companies globally, with strong recurring revenue growth and a clear path to profitability. The DSPM product line carries no existential risk. Integration execution risk (as with all acquisitions) is the primary concern for buyers committing to the roadmap.

Strengths and weaknesses

Best for: Existing Prisma Cloud customers seeking to consolidate data security into the Palo Alto platform. Organisations running CNAPP and wanting integrated data risk context. Enterprise security teams whose primary security platform is already Palo Alto Networks and want to minimise vendor count.

Worst for: Organisations evaluating standalone DSPM — pure-play alternatives have more depth. Non-Palo Alto environments where the platform context provides no value. Buyers with SaaS-heavy data estates or unstructured data risk as primary concerns.

Negotiation and buying considerations

Negotiate DSPM access as a bundle with existing Prisma Cloud licensing — PANW account teams have meaningful flexibility to include DSPM at incremental cost for existing enterprise customers. Use competitive DSPM evaluations (Cyera, Sentra) as leverage in commercial negotiations. Get explicit roadmap commitments for SaaS source coverage and access governance depth — these are the capability gaps most likely to create dissatisfaction if not addressed.

Independence note: No portion of this analysis was shared with Palo Alto Networks before publication. This profile reflects publicly available information only. VendorAudit takes no money from covered vendors.