Prisma Cloud by Palo Alto Networks Reviews

We utilize all the modules of Prisma Cloud by Palo Alto Networks, and it is fully integrated into the host control manager on GitHub. We employ this solution to achieve complete visibility from the moment we write our ISE to the actual management of the cloud environment. This approach offers a clear view of our security posture, and the container security component provides valuable insights to assist us in our architectural process.

Our security team is the primary user of the solution, followed by SREs and developers.

Prisma Cloud by Palo Alto Networks offers security that covers various environments. This is crucial as it provides visibility into running processes, allowing for a better assessment of the current security status and giving our knowledge center peace of mind. Moreover, it enables us to leverage all the available modules.

Prisma Cloud by Palo Alto Networks is highly comprehensive, and I would recommend this solution to anyone due to its complete visibility into the cloud and its efficient deployment process, which makes the solution worth the cost.

The solution's security automation capabilities, if configured correctly using various playbooks, can introduce different security gates. This automated playbook has the potential to save us 70 percent of the work.

I would rate Prisma Cloud by Palo Alto Networks a nine out of ten for its proactive approach to cloud security.

Prisma Cloud by Palo Alto Networks has significantly enhanced the functioning of our organization. Through CIM, we can examine IIM posture to determine the permissions granted to users and the status of all shared entities. Additionally, CSPM provides an accurate inventory of all running elements, which we utilize to bolster our security posture. This allows us to effectively identify various threat levels and obtain a precise overview of the environment.

Prisma Cloud by Palo Alto Networks is one of the most comprehensive solutions for securing the entire cloud-native development lifecycle, including the build, deploy, and run phases. By integrating with various components within my development cycle, I can access data from different data centers and formulate a security strategy to ensure ongoing protection.

The solution offers the visibility and control we require, regardless of the complexity or distribution of our cloud environments. This visibility enables us to enhance our security and compliance posture by adhering to the recommendations.

Prisma Cloud by Palo Alto Networks enables us to integrate security into our CI/CD pipeline and add touchpoints to existing DevOps processes by integrating with the infrastructure code. This allows us to enhance security at various stages of the deployment process. The touchpoints in our DevOps processes are seamless. 

The solution provides us with a single tool to protect all our cloud resources and applications without the need to manage and reconcile multiple security and compliance reports. It allows us to have a better understanding of our environment, from the infrastructure code to the cloud, providing a more comprehensive picture.

Prisma Cloud by Palo Alto Networks provides risk clarity at the run and across the entire pipeline showing issues as they are discovered during the build phases. This makes it much easier for our developers to actually take into consideration some of the recommendations that are given.

The solution has helped us reduce run time alerts and shave down a few issues by 40 percent.

The solution has reduced alert investigation times because we can gather all the necessary information for investigation in one place.

Prisma Cloud by Palo Alto Networks has saved us approximately 20 million shillings.

Due to the maturity of most companies, security posture management is the most valuable feature.

The data container component can be improved since it lacks intuitiveness. Therefore, we need to thoroughly comprehend the tool in order to utilize it effectively.

The number of cloud providers in terms of data security needs improvement. The solution does not currently support servers for GCP.

I have been using Prisma Cloud by Palo Alto Networks for around three years.

Prisma Cloud by Palo Alto Networks is stable. Any issues we have are usually resolved within a few hours.

Prisma Cloud by Palo Alto Networks is scalable.

We transitioned from using EDR solutions, and after testing several options that necessitated extensive configuration, we ultimately switched to Prisma Cloud by Palo Alto Networks, which provided a balanced solution.

The initial setup is straightforward. The first time I deployed the solution, it took around three hours, but now I can do it in under an hour. The deployment is usually done through APIs, and we can also employ the production code to deploy containers.

The implementations are completed in-house.

The licensing structure is highly comprehensive. Although the cost can be high, the value is worth the price tag.

We evaluated Wiz.

I give Prisma Cloud by Palo Alto Networks a nine out of ten for its ease of use, value, and support.

One Prisma engineer or security person with training is able to maintain the solution. For our mature organization, we utilize all of Prisma Cloud by Palo Alto Networks tools.

I recommend Prisma Cloud by Palo Alto Networks. The solution is easy to use and intuitive for the most part. The licensing is comprehensive and straightforward, and the modules can be easily integrated to improve our development.

In Africa, many people do not typically associate the cloud with security due to the prevalence of on-premises security solutions. However, upon utilizing Prisma Cloud by Palo Alto Networks, we have come to realize that it is an excellent and secure tool.

When we did a POC, we realized that this product was able to give us insights into how consumers or services are activated. We could tell if, in certain cases, there was any kind of manual issues such as a misconfiguration. The solution is used to help us to reconfigure items and figure out what reconfiguration needs to be done, et cetera. Our target was to enhance the security portion of our AWS cloud.

The security features are quite good. 

The monitoring part is excellent. It is able to completely monitor our users in order to see what the users are doing at what time and if the users are currently logged in from India, and after five minutes of seeing a user if they are then trying to log in from Singapore, for example. Of course, this would not be possible, and so we would know something was wrong. It can pick up questionable behavior that may have been missed.

The reporting is great.

It's very user-friendly. You can easily make customized dashboards as well. 

We can easily restrict the users if we need to. We can even restrict them from accessing certain applications or services.

If anything tries to come in from a malicious IP, it will block it.

The initial setup is easy. 

We've found the solution to be stable and reliable. 

The solution does offer pretty good integration options.

Technical support is quite helpful.

The remediation part could be better. It should be able to automatically remediate on the basis of its artificial intelligence. If there are alerts, it should directly act and surround the malicious threat with a container or something. Instead of waiting on approval, it should immediately act. There should be no need for manual input when there is a threat on hand.

The ability to scale is limited as it is a SAS product. 

The licensing is a bit confusing.

We've used the solution for a while. Previously, it was RedLock Solutions and we were using it since it was known as RedLock. That's around let's say two years now. Then, Palo Alto bought it, and we now use it under the new name.

The stability and reliability are excellent. There are no bugs or glitches. It does not crash or freeze. it's great.

The scalability isn't infinite. It's limited.

That said, we haven't really tested it as we haven't added any users or anything into the solution yet.

We have found the technical support to be helpful and responsive. Originally, when we needed assistance with integrating it into our AWS cloud, we contact them and they helped us immediately. It was a very positive experience. We were very satisfied. 

The initial setup is very easy. It's not overly complex. A company should be able to handle it without any issues. 

We pay a licensing fee on a yearly basis.

It is not costly. However, the way it is priced is based on the number of incentives. The problem is, what is the number of incentives? We don't know. They seem to do it by the number of workloads, however, we're unclear as to what defines a workload. They need to improve on the licensing front. They need to be more clear about the whole thing.

I've never evaluated any other services.

We are Palo Alto partners.

I'd advise that companies that get big and have a lot of servers or critical applications in their cloud invest in this solution.

I would rate the solution at a nine out of ten.

In my organization, we use Prisma Cloud to Protect the cloud environment to identify misconfigurations and send the reports to the cloud account owners. We can use Prisma Cloud based on location or based on cloud accounts. 

The policies that we are using in our organization help us to work more effectively to identify misconfigurations based on severity and the dashboard is very user-friendly to work with. 

I am very happy to use this product and find it to be highly impressive.

Prisma improved our cloud environment. It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment. 

This product helps our organization in various ways, including identifying account-level misconfigurations. It will protect the environment in many ways. With this, we can avoid data leakage and avoid/identify public and internal cloud-level misconfigurations will be identified.

Identifying misconfigurations and vulnerabilities from the cloud account level as well as the development and operational level helps to secure everything effectively. 

Vulnerabilities can be identified before deployment - which helps our DevOps team to minimize or reduce time in an effective way. 

Identifying misconfigurations and vulnerabilities at the first stage itself will help the organization save time and money - which is highly appreciated. 

For some custom policies, we need more features. For example, at the investigation tab level, while adding columns for required fields, you can't have more than three or four custom fields. New cloud policies can be added in the next release to address severity changes for the cloned policies. It would be nice to have alerts at the dashboard level. For example, if five members are working with 50 different policies, based on the user name, policies should be assigned with alerts that can be displayed either in a graphical or listed way.

I've used the solution for three years.

I'd rate the stability 4.5 out of five. 

I am highly impressed with the product's scalability. Whenever I have issues with the solution, I will get an immediate response from the product team. They will try to close the issue as soon as possible - which is highly impressive.

I am very happy with the customer service. Whenever I have issues with the solution, I will get an immediate response from the product team and they will try to close the issue as soon as possible. This level of service is highly impressive.

Positive

This is my first solution. I did not previously use anything else. 

The product team helped us when the Initial setup happened.

We implemented through a vendor team and I'd rate the service five out of five. 

When compared to other products, Prisma Cloud is high in pricing and licensing. However, when there is high security it can be expensive. Smaller organizations can't afford Prisma Cloud.

As this is my first solution, I didn't choose any other product other than Prisma Cloud.

We were using it for remediation. I was working on a client's project on behalf of our company, and they had multiple subscriptions. They were using not only Azure but also AWS. Rather than managing remediation and governance separately through different clouds, it was proposed to use Prisma Cloud as a single place for remediation of everything.

Prisma Cloud provided a single window for all security issues, irrespective of the subscription, account, or service provider I was trying to see. The information was totally transparent with Prisma Cloud. Otherwise, it was a daunting task for us to manage everything within AWS itself because each region's or subaccount's data needed to be moved over to another account to see a full picture, and a similar approach was required in Azure as well. The data from a different subscription needed to be copied, which required a batch process to do this job on a daily basis. By integrating AWS and Azure subscriptions with Prisma Cloud, the same task became easier. It was as simple as adding a new account and a credential. That was it. Prisma Cloud took care of the rest of the functions

Prisma Cloud provided security spanning multi-cloud and hybrid-cloud environments. We integrated it with AWS and Azure with multiple subscriptions for each.

With both AWS and Azure, the presentation of the native cloud data was not good. We were more comfortable looking at the same data in Prisma Cloud.

Automation is possible with Prisma Cloud, and that is why we liked it. Automation is still not that good in the native clouds, and Prisma Cloud definitely has an edge compared to the facility that AWS or Azure provides. Although it is an additional cost for IT, overall, there are cost savings. I am not aware of the features provided by GCP. I did not integrate it with Prisma Cloud, but at least with AWS and Azure, Prisma Cloud works much better.

Prisma Cloud provides an agent that can scan container images or Docker images. Otherwise, for Docker images and accounts, AWS provides its own tool and its own format for the report. Similarly, Azure provides its own format to scan those images. We used the agent provided by Prisma Cloud. It unified the approach. Irrespective of the provider, the format of the output and reports was similar. It was easy to compare apples to apples rather than comparing apples to oranges, which definitely is a challenge when we use different cloud providers. Prisma Cloud solved that problem for us.

The level of abstraction is sufficient enough. The complexity is hidden. Only the information that is relevant is displayed, which is better from a developer's perspective because developers do not need to handle that complexity. If architects, like me, need to understand those complexities, they can go into a respective subscription and get the details. The level of abstraction was good enough with Prisma Cloud.

Prisma Cloud provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

Prisma Cloud reduced the alert investigation time because now, we have a single window. It is quite easy for anyone. A single resource can work on the alerts and memorize similar issues in the past and work on the current issues faster. It has improved productivity.

Prisma Cloud reduced costs. With the different service providers and different subscription models that we had previously, we divided the subscriptions between the analysts. They were responsible for the issues related to the subscription. We had a team of six people previously. After the implementation of Prisma Cloud, all the issues got consolidated, and our team size got reduced to two. The productivity increased because the same analyst could see past issues, revisit those issues, learn quickly, and fix similar issues. They got an idea of how to fix a similar issue, so the overall productivity increased, which reduced the cost.

When we work on, for example, AWS, we need to consolidate the data from different regions, which is an exercise in itself. The same exercise or similar exercise can easily be done in Prisma Cloud. It is as easy as registering a new subscription to AWS, and you start seeing all that data. For example, it is very easy to do analysis of the Defender data, which can include warnings, errors, etc. Although it is natively AWS data, the presentation is not easy for a developer. Prisma Cloud makes it a bit easier. 

The first time I looked at Prisma Cloud, it took me a while to understand how to implement the integration and how to enable features by using the interface for integration. That portion can probably be improved. I have not looked at the latest version. I used the version that was available three months back. It is portal-based, and they might have changed it in the last three months, but at that time, integration was a bit tricky. Even though documentation was available, it took a while for a new person to understand what integration meant, what will be achieved after the integration, or how the integration needed to be done on the Azure or AWS side. That was a bit challenging initially.

I used it for eight or nine months. I last used it about three months ago.

It is stable.

The client's team interacted with the customer support team. We used to highlight the issue to them, and they used to contact Palo Alto's support. We required their support two or three times, but I or my team was not directly involved with their customer support for help.

Positive

I have not used a similar solution before.

I was involved in the implementation. It was all cloud-based. There is a bit of a learning curve when trying to understand how to integrate it. Although some good documentation is available for Prisma Cloud, it was still a bit difficult to understand the product initially. However, the UI that analysts use to work on issues and remediation is quite good. It is not complex. After you have done one or two integrations with your AWS or Azure account or subscription, it becomes a routine activity. It is easy to integrate more subscriptions, but the initial one or two subscriptions of the AWS or Azure account will take some time because some features need to be enabled on the respective cloud as well. It is not only the configuration on the Prisma Cloud side. Some configuration is required on the AWS or Azure side as well.

It is a website, so deployment is not a challenge. It is as simple as registering an account and making the payment, which the IT team already did before they created an account for us, so, as such, there is no deployment. If we want to use an agent, then certainly some deployments are required on the machines, but that is the agent deployment. The product itself does not require any deployment.

From a maintenance perspective, not much maintenance is required. It is a one-time integration. It will then be set for a few years unless you want to remove some of the subscriptions or something changes in Azure or AWS. There is a limitation on the Azure or AWS side but not on the Prisma side, so maintenance is there, but it is low.

There was a cost reduction. That was the benefit that we had visualized while evaluating Prisma Cloud as one of the possible solutions. The complexity of IT operations had also reduced, and the team size had also reduced after implementing Prisma Cloud.

We used the enterprise edition. A standard edition is also there. I am aware of these two editions. I know that there is some cost, but I do not have the exact figures with me. The cost was not on the higher side. Overall, the cost gets recovered with its implementation.

I have not compared it with other tools, but overall, I found it to be pretty good when resolving the challenges that we were facing early on. I did not get a chance to look at the Gartner report in terms of where it stands, but based on my experience with this solution, I was quite satisfied.

It is a good solution. Each team should utilize it. Every good organization is now moving towards or trying to be provider agnostic, so if you are using multiple providers, you should at least give Prisma Cloud a try.

Prisma Cloud enables you to integrate security into your CI/CD pipeline and add touchpoints into existing DevOps processes. I know it is possible, but we were already using some other tools, so we did not try this feature. We already had a good process utilizing other scanning tools, so we did not try that feature, but I know that they have this feature.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases, but this is linked to the CI/CD pipeline, which we did not implement. We looked at the risk level of the infrastructure deployed. We also looked at which cloud platform is having issues. The risk-level clarity was certainly there. It was possible to see the risk level and prioritize the activities or other items with a higher risk, but we never tried CI/CD pipelines.

Overall, I would rate Prisma Cloud a nine out of ten.

We use Palo Alto to secure our network.  We are using the PA-820 firewall and all of the Prisma Cloud modules. It helps reduce our vulnerability to hacking and any malicious attacks on the network. With that appliance, we can minimize those things and control what goes in and out 

We have reduced network calls by 80 percent. The benefit of Palo Alto is the ability to create security across multiple levels and protect against hacks and vulnerabilities. You start to see these benefits within one or two days after implementing these devices. 

We are also using a honeypot to detect a target on our site. Once we have the target, we are blacklisting those using the firewall. The solution has reduced our investigation times by about 50 to 75 percent. It minimizes the alerts, so we're seeing fewer.

I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent.

The UI could be improved.

I have been using Palo Alto for almost eight months.

Palo Alto provides good support and doesn't take long to resolve an issue. 

We previously used Cisco ASA. We decided to switch because we wanted to adopt a UTM approach in which all the logs and reports go to a single dashboard. Everything is visible in Panorama, which comes with the Palo Alto appliances. We need to purchase a separate license for Panorama, but it's there. 

There are many competitors, such as FortGate, but Palo Alto is better. FortiGate has some advantages in terms of throughput. You can get better throughput if you enable all the engines in parallel. However, I've heard about Fortinet devices being compromised, but I've never heard of that happening with Palo Alto. 

I rate Palo Alto Prisma Cloud nine out of 10. Everything is neat, clean, and easy to use. However, when you commit changes through the UI, it takes some time to load on every system. 

It's a service that we have acquired for our cybersecurity department. We deployed Prisma Cloud by Palo Alto in all our clouds, which are Amazon, Azure, and Alibaba.

We are doing cloud security compliance as a security posture, and we are also doing workflow protection.

The solution gives us a lot of visibility across all of our cloud solutions. It helps with the security posture across all of our clouds. 

The security posture and workflow protection are excellent.

From the initial POC, compared to what we had witnessed with Check Point, it's easier to use.

Prisma Cloud is quite a good solution. However, the price is not good. 

We'd like to have more native integration with clouds and additional security checks in the future. It will be nice to see a general evolution of the solution. 

I've been using the solution for about one year.

The stability has been good so far after less than a year of use.

We are early in the process in terms of using the solution. We're not expecting to scale in the next few years. The problem there will be the licensing costs.

Right now, the environment we use is quite big already. We have several clouds already and need the visibility the solution provides. 

Our consultants deal with technical support. I do not deal with support directly. 

We did not previously use a different solution. We wanted our partner to validate our security with a tool from time to time. However, it was a service they were providing to us.

My team was involved in the deployment. I was not directly involved. It was straightforward with the help of our consultants.

Our consulting partner helped us with the initial deployment. 

We witnessed an ROI. It helped reduce risks and sped up threat detection. We avoided human mistakes as well while using this solution. 

We noted the value almost immediately once it was deployed. 

The price is high. In the future, when there are more competitors at the same level with different clouds, maybe the position will be different. 

We evaluated Check Point due to the relationship we have with them. Yet, they did not completely support Alibaba. Alibaba was only compatible with Check Point and Prisma. However, Check Point was at a very early stage and not quite as developed. 

I'd rate the solution an eight out of ten. 

I work with Palo Alto products, including their firewalls, VM-Series, CM-Series, hardware, and Prisma Cloud by Palo Alto Networks. I recommend Prisma Cloud by Palo Alto Networks primarily for financial services, FSI, and energy companies.

The threat detection feature in Prisma Cloud by Palo Alto Networks integrates with cloud-native controls like AWS GuardDuty and similar services on Azure and GCP. It also brings its own threat intelligence from Unit 42 and supports external intel feeds like VirusTotal. Multi-cloud compliance monitoring leads to a normalized view and can reduce workforce requirements.

The cost of Prisma Cloud by Palo Alto Networks is too high. I would also appreciate the addition of NLP to reduce the learning curve and make configuring queries more user-friendly.

I have been working with Prisma Cloud by Palo Alto Networks since it was called RedLock in 2019.

The initial setup is straightforward. Day zero involves cloud integration following an admin guide. Day one involves policy tuning, customization, and configuring compliance policies like GDPR.

The ROI is challenging to quantify. While there is tangible reduction in workforce needed, exact cost savings cannot be easily measured.

Pricing and licensing are expensive. There are different experiences with ROI, and exact cost benefits are hard to quantify.

If you have a multi-cloud environment, Prisma Cloud by Palo Alto Networks is essential for reducing costs and normalizing outputs. In a single-cloud, limited setup with good automation, you might not need it. I rate the overall solution at seven to seven and a half.

We wanted to use Prisma Cloud as a CSPM. The company needed a single pane of glass to monitor our AWS and Azure environments and see where we were in terms of configuration drift, vulnerabilities, etc. 

We're pretty AWS-heavy, so we wanted to see where we stood among all our AWS accounts. We wanted to keep an eye on all that, have a one-stop job, and maybe even offload some of our work. The company wanted to integrate with our Splunk instance to pair our SIEM logs with the CSPM. Most of it was for compliance tracking and vulnerability.

We tested everything out. We were building our own standards, but we also needed to adhere to IRS Publication 1075. They had that natively in their tool, but we could custom-build it.

I thought Prisma was great. It was robust and had many capabilities. We saw most of what we were looking for. The benefit was pretty easy and pretty quick. Prisma is a top-notch product. If they could make it agentless in the Windows stuff we needed and monitor the private cloud, we would have gone with Prisma. Prisma works perfectly with the cloud tools we have. 

I like Prisma's multi-cloud capabilities. It supports the big four cloud providers: AWS, Azure, GCP, and Alibaba. That was critical. We have mixed environments, so it's important to monitor all of that. We don't have much going on in Azure, but we will. We are predominantly AWS.

Prisma was extremely comprehensive. It's easy to drill down to gather more information and keep going. It seemed like you could drill down forever to see what the vulnerability was linked to. 

They had a MITRE ATT&CK attack map that told me here's the vulnerability, issue, or threat. In several instances, it would provide remediation options. If you had it linked up and fully integrated with AWS, it could handle the remediation for you. Otherwise, it would lay out the whole steps and provide the AWS CLI commands to resolve those issues, which was cool. We loved it. 

Runecast gave us more visibility into VMware's private cloud. We have more environments there, but Prisma's lack of visibility into the private cloud was a downside—there weren't many. 

We tested Prisma Cloud out for about a month and a half to compare it to Runecast to see which works better for us.

Prisma's price is pretty high, but it's a good product, and you get what you paid for, especially if you're working in a containerized environment.

We looked at Runecast and Prisma. We did not go with Prisma because Runecast could deploy agentless to our VMware private cloud, and we were impressed with this capability. Prisma looked polished, but Runecast could monitor the private cloud, which was a big thing for us. 

Vulnerability control is one of the things we're working on right now. It'd be great if we could find a product that can help with it. One issue we're having is that the latest data model we use to build out our products is domainless. We can't use Nessus, which is all on a domain, for vulnerability management on our private cloud.

We've tested out agents through the Defender for Endpoint and other things, but they don't handle the load that we have. This was going to help detect vulnerabilities in that environment. Unfortunately, Prisma wasn't able to work in the private Cloud. They were more focused on containerization and Kubernetes, so we ended up going with Runecast.

I rate Palo Alto Prisma nine out of 10. I recommend it. It's polished and a great product. Unfortunately, it didn't fit our use case, but I think their use case is pretty normal for most.