Prisma Cloud by Palo Alto Networks Reviews

We use Prisma Cloud for container security, serverless function security, and our Cloud Security Posture Management.

We realized the benefits of Prisma Cloud almost immediately. It can comprehensively secure the entire cloud-native development lifecycle, from build to deploy and run. It has that capability. We are using it in the build and run space, but we aren't using it for secure code review.

We are more dependent on another product for visibility. Prisma Cloud does not have a natural feel, so we use another tool. About 75 to 80 percent of our workloads are connected to one solution, but Prisma Cloud has limitations. It doesn't have agents for them, so we use other tools or other native security tools to protect them. 

When we started, many false positives and mismatched rules were not properly created. We created a more mature ruleset and now have a manageable set of alerts. It's not that much and has reduced over time.

We use different tools to achieve the same result, and consolidating that helps us save money. It has saved us, but it is a costly product. We are also saving some money on projects where there is competition. It's much cheaper, and they have the same or similar features.

We have standardized vendor process management, so we want to reduce multiple vendors. Prisma Cloud is part of Palo Alto. We use Palo Alto firewalls and other solutions. Prisma has many features that intelligently cover cloud security. One solution can cover runtime for EC2 systems, containers, and Fargate. We also have EKS/Kubernetes integration. So, whatever the cloud-native solution in Pfizer, we can use one solution to secure that.

The Fargate security microservice that's running doesn't support blocking features, which would be helpful. Another issue is the lifecycle. It isn't easy to upgrade if we have a console in Fargate. 

We have used Prisma Cloud for nearly two years.

We have had some issues, but they were mainly due to the environment. It did not crash as much after we set up the environment, but we had to build the system twice because of environmental issues. It took us a long time, but we have a learning curve on these deployments.

Prisma scales well if we're deploying on Kubernetes, but it doesn't scale that great on Fargate.

I had an opportunity to work with technical support and presales. The technical support was good. They are deep into the technology, but the presales staff wasn't up to the mark.

Positive

We have Aqua Security and many open-source tools. Prisma Cloud suits our needs, so it's good. 

The deployment had a steep learning curve, and the support wasn't trained enough to work on the product. They were trying it out in their own lab. It's a new technology, so it takes time.

We deployed via a CICD integration, which took us around two months. We have two deployments: production and our lower environment. It took time because there were dependencies in the infrastructure. It took two to three months to get a stable working solution. I deployed it alone. 

We deployed in Fargate, so high availability and other things were not an issue. The issue was the upgrade process, which requires us to streamline the upgrade process in the target deployment. That requires maintenance. If there is a major upgrade, it requires a lot of planning and everything. 

Prisma Cloud's pricing is a little higher than its competitors. It should come down. 

I rate Prisma Cloud seven out of 10. 

We specialize in all Palo Alto modules, including visibility, compliance, governance, threat detection, data security, and hub security. Our comprehensive suite of services covers all aspects of these modules. We leverage the SaaS security product for advanced threat detection, and for all-encompassing monitoring, we utilize Cortex XDR from Palo Alto.

Many customers store sensitive data in on-premises data centers and require robust security measures. Prisma Access licenses can protect internal networks, but some customers prefer avoiding internet exposure. To address this, we offer gateways that create a secure environment for internet access. With the rise of remote work, we provide VPN connections, such as GlobalProtect, for secure access to both internal and external resources. Customers can deploy multiple gateways in different regions to meet their needs. Traffic flow typically involves a VPN connection to a gateway, followed by routing through internal service connections and potentially a data center firewall before reaching the desired resource. For external access, traffic is routed directly to the internet through the VPN.

Prisma Cloud offers comprehensive security across multi and hybrid cloud environments. For instance, our ADEM tool, considered industry-leading, requires installation on user machines to enable continuous monitoring of all ADEM-equipped users. This includes detecting anomalous activity outside the corporate network and tracking user online time, providing valuable insights into network usage.

Security automation and EA Ops significantly reduce manual configuration and management tasks compared to previous methods, saving valuable time. Now, we only need to configure a few minor details rather than handling everything. For instance, with service connections and gateways, we don't have to manage multiple VPN gateways; Palo Alto is managed on the backend. Our primary responsibility will be monitoring after initial tunnel creation. We've preconfigured connections to on-premises firewalls, whether third-party or Palo Alto, eliminating manual configuration. Automation is in place, and we'll only need to purchase licenses. The autonomous system further enhances automation for all processes.

Intune security automation has significantly reduced our costs, making us more financially efficient making us more financially efficient. Automation is now highly valued as it eliminates the need for engineers to configure and manage systems manually. With AI-driven automation, we can effectively monitor configurations through a dashboard, providing a complete overview. This automation simplifies tasks like creating BGP connections, which previously required complex CLI commands. Prisma Access Palo Alto's GUI interface automates tenant creation with minimal input. Integrating Prisma MDM and Palo Alto device deployment further streamlines the process, reducing manual intervention. Overall, this automation saves money and frees up engineer resources by eliminating time-consuming configuration tasks.

Palo Alto Networks is a global leader in cybersecurity, providing top-tier protection to its customer base of over 90,000. Traditionally, customers relied on on-premise hardware firewalls, but the shift towards cloud-based solutions has driven a demand for more flexible and cost-effective security options. In response, Palo Alto Networks offers cloud security solutions that leverage its existing global device infrastructure. Customers only need to purchase licenses to activate cloud security features, tailoring protection to their specific needs for internal, external, or network environments. For customers seeking complete independence, Palo Alto Networks also provides interconnect licenses that eliminate the need for a service connection.

Customers do not directly purchase Palo Alto products or deploy them into production. Our professional engineers provide a lab environment for customers to test any desired Palo Alto services, from essential Prisma Access to advanced cybersecurity solutions like SaaS security and Cortex XDR. Once customers are satisfied with the lab environment, they can deploy the chosen products into production. If they encounter any issues during deployment or operation, the support team promptly addresses them.

I have resolved numerous customer issues, closing over 400 or 500 cases globally. While many cases can be resolved within a week, some complex issues may take up to a month. Palo Alto Networks aims to provide timely support for all customer issues, regardless of severity. When a customer encounters a VPN connection problem, they can create a case with varying priority levels. Critical cases are assigned to engineers immediately, with hourly updates provided to the customer. If the issue persists, the case is escalated to senior resources. Prisma, a relatively new platform, is constantly being monitored for bugs. Any issues identified are addressed promptly and communicated to customers. Our goal is to deliver exceptional support services.

Prisma Cloud offers complete visibility across our entire environment, from end users to the data center. We'll have full control and oversight within a single unified portal, eliminating the need to juggle multiple platforms as often required by other solutions. Prisma Cloud provides dedicated applications for various functions, such as SaaS security, threat and vulnerability management, cloud identity engine, and log analysis. These applications work seamlessly together, automatically connecting through APIs once deployed and licensed. For configuration management, the Strata Cloud Manager handles Prisma Access and Prisma SD-WAN. This centralized approach allows us to efficiently manage multiple aspects of our security infrastructure within a single platform.

Prisma Cloud offers SaaS security and data loss prevention as separate features requiring additional licensing. Both can be managed through a single portal. For threat prevention, they provide Cortex XDR, a recent cybersecurity offering from Palo Alto. When combined, we have a single tool to protect all of our cloud resources and applications.

Prisma Cloud helps reduce the number of runtime alerts. Users will only receive live alerts generated when Prisma detects an issue within the environment. For instance, if Prisma Access observes an attack, it will generate a live alert visible in the startup cloud manager's dashboard.

Prisma Cloud effectively reduces the overall number of alerts by prioritizing them into categories: critical, high, medium, low, and informational. Less critical warnings are consolidated into the informational category, minimizing alert fatigue. Critical alerts persist until resolved, and recurring issues can be configured to trigger email notifications for proactive monitoring, ensuring timely attention even when engineers are unavailable.

Prisma Cloud offers significant cost savings for customers. Previously, customers managed multiple firewalls, including internal and external devices. With Prisma Access, this complex management is eliminated, as Palo Alto handles firewall management. Customers configure and purchase a license to access gateways for end-user connections. This eliminates the need to purchase expensive individual firewalls, which can cost billions. While customers retain visibility through a provided portal to monitor traffic, the primary benefit is the streamlined management and cost reduction achieved through Prisma Cloud.

Visibility and control are valuable features. Customers desire complete oversight to monitor resource access, both internal and external, and verify user activity. ADEM, a purchasable license, enhances network visibility by tracking traffic patterns and identifying potential threats through a dashboard. Our Strata Cloud Manager platform unifies Prisma access and cloud management, while also accommodating next-generation firewall administration. The dashboard provides in-depth visibility into threats and vulnerabilities.

Prisma Cloud's most valuable feature is its user identification capabilities. By integrating with Active Directory or LDAP servers, it efficiently manages user access to cloud resources. Previously, determining user access required multiple hops through internal resources, consuming significant bandwidth. Prisma Cloud's Cloud Identity Engine directly connects to identity providers, streamlining user authentication and authorization. This improves performance and security by eliminating the need to constantly query Active Directory. Additionally, Prisma Cloud offers full visibility into network threats and vulnerabilities through a unified dashboard, reducing the need for multiple tools and licenses. This centralized approach enhances threat detection, response, and overall security posture.

The speed at which Palo Alto resolves bugs should be improved to prevent customers from experiencing issues while waiting for resolutions.

Palo Alto Prisma Cloud is relatively new, with only three years of history. While the documentation continually improves, it still has limitations compared to the extensive resources available for older products like hardware firewalls, which have been around for approximately 20 years. Despite these shortcomings, Prisma Cloud's documentation is growing, and knowledge base articles can be helpful for troubleshooting issues.

I have been using Prisma Cloud for two years.

The quality of technical support varies depending on the issue a customer faces. High-priority cases demand immediate attention and daily follow-up to prevent customer frustration. I have resolved hundreds of Palo Alto cases, including critical ones. These cases require engineers to provide half-hourly updates and expedite troubleshooting. A recent critical case involved a customer migrating Panorama configuration and experiencing Prisma Access account verification issues. The initial engineer engaged with Prisma Access but encountered licensing problems. I escalated the case, collaborating with licensing and engineering teams to resolve the API-related issue and restore service. While such cases are time-consuming due to limited resources, a global team of engineers can address troubleshooting needs.

Positive

The initial deployment was smooth due to excellent support from Palo Alto's professional services engineer. They provided a clear overview of our deployment needs, considering the customer's two branches and primarily remote workforce. We determined six VPN gateway connections were required, two in the US, India, and Europe, and two branch office connections. Palo Alto created a lab environment, presented the network topology, and demonstrated traffic flow. Additionally, they introduced the split tunneling feature, allowing specific traffic like Google search to bypass Prisma Access and access the internet directly. Overall, the top-tier engineers at Palo Alto delivered exceptional customer service and ensured a seamless implementation.

I would rate Prisma Cloud nine out of ten. I am deducting a point because of the limited documentation.

We have deployed Prisma Cloud for one of our client premises. And we are managing it internally. Although we do have support and other stuff for this solution, it has two kinds of modes. One is the detect and protect mode, and one is only for the monitoring purpose. There's different licensing. If you need protection from Prisma Cloud, then you will purchase a firewall kind of module with that. Otherwise, by default, it comes in monitoring mode.

It's deployed on all VMs and workloads. With the Prisma Cloud, you can have it on a cloud server or you can deploy it as a stand-alone. That said, the container should be persistent. Otherwise, if you restart the container, you will lose your configuration and everything.

We were doing a deployment for a telecom client, and they have two different application pipelines. One was based in India with the Oracle team. They were developing their own application, so we have also incurred it to the Prisma Cloud in their CI/CD pipeline.

The second use case was to monitor the OpenShift environment. The solution was basically bare metal. Then on top of that, there was OpenStack. It's an on-prem cloud service. We have deployed the Prisma Cloud solution, so it was on top of an open stack.

If there is a large infrastructure involved, you need to run continuous vulnerability assessments. You also need comprehensive reports and complete inventory details. Doing everything manually would cost a lot of human resources. And it can take a long time. This helps automate and control vulnerability scanning that's continuous. It also helps with compliance. If I have to scan something monthly or quarterly, I can do it, and it will run. What Prisma Cloud actually does is that it keeps on doing this activity for you without any required request from the operator side. Its agents are deployed on the infrastructure, on all the components, on all the applications, on all the operating system images, VMs, or the old private cloud environment or your work on nodes. If you spread your agents all over your infrastructure, it'll keep scanning and reporting, and you can see everything from your dashboard. 

We have integrated OpenStack, OpenShift, RH, et cetera. You don't need to integrate every individual part; you only need to integrate the worker node. And once you deploy it on the worker node, all the parts running on that worker node.

Prisma gives you full-fledged posture management. You get detailed insights into all your modules, how they are communicating, and on which ports they are communicating. If there is any unknown port or unknown address, et cetera,  Prisma Cloud can show you the configuration, and the ports. That way, as an architect or product manager, you know through your documentation which application should be communicating on which ports. If there is any deviation from that documentation, Prisma Cloud can see that, and you can get the details for that. 

With respect to virtual protection, it tells you which image, VM, physical server, worker node, or port has what kind of vulnerability. It gives you everything in real time. 

Monitoring mode is great if a company wants to know every single vulnerability and loophole in its infrastructure. It gives you a complete inventory list of VMs and devices within your infrastructure from the dashboard. You can add new policies or elements easily. You just integrate it within Prisma Cloud. That way your inventory automatically gets updated. 

Real-time continuous vulnerability assessment and reporting are key features. It's critical to most large-scale enterprises.

Prisma Cloud provides security scanning for multi and hybrid cloud environments. Sometimes, if we, for example, have some infrastructure on a public cloud, like AWS, then you need to monitor them continuously and you will require the inspector module of AWS. The inspector module is initially free of charge. And after two weeks, they'll start charging you. However, you can just put the credentials or access keys for AWS within the Prisma Cloud and assign the agent to that. It will start monitoring your cloud infrastructure as well with less overhead.

Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become. What you do is you need to open the communication matrix. That communication matrix is the baseline or the product for the Prisma agent or CLIs, to communicate with the Prisma Cloud and share its findings directly. Whatever the agent finds on its local host, it will respond and share it with the Prisma Cloud. 

Prisma Cloud has two types of interfaces. One is towards the Internet to the main Palo Alto cloud environment. The second interface is towards the infrastructure or architecture. Most of the time, the operators focus on the corporate side since their responsibilities are related to that scope. The other side should be automatically updated, similar to how Microsoft. They simply tell you updates have been downloaded and installed, and you need to restart your system. The update processes are transparent. There is nothing manual to worry about.
There are a lot of compliance rules that you can configure. If the product manager knows that there's a new compliance rule, they ensure that the new compliance rule is compatible with their product. Compliance is not an issue, however, rules should be configured. It's just like any other compliance activity. 

Prisma Cloud enabled our customers to integrate security into their CI/CD pipeline. Our client was developing a large-scale application for billing purposes. And Oracle India was involved in that, and there was a DevOps pipeline. We have integrated the Prisma routes to the CLI within their pipeline; it was being handled through Prisma Cloud automatically within different DevOps gateways. It's seamless. Once you integrate it, then it's part of the pipeline, and it's being done automatically just like any other pipeline gate.

Having a single tool to monitor cloud sources has had a positive impact on our customers. Tasks that were headaches have become easier. It's easier to assess vulnerabilities and compliance thanks to automation. 

Prisma Cloud provides risk clarity at runtime and across the entire pipeline showing issues as they are discovered in the build phases. The vulnerability will stay on the dashboard until you fix it as well. It will keep showing you the issue until it is resolved. Vulnerabilities that are identified are documented and stored in the vulnerability management system.

Prisma Cloud has reduced alert investigation times thanks to the comprehensive dashboard. You can directly search for any host you are targeting or go through the entire list and check everything. 

It's helped customers save money in that it's helped them catch vulnerabilities thanks to 24/7 scanning. That helps you fix the issue earlier. If a vulnerability gets through and the company is breached, they can lose their reputation. The same is true if their service goes down - especially in a banking scenario. It can lead to a big financial loss. Having proper security controls and monitors in place mitigates this. 

They have very rich documentation, and everything is very clear with respect to integration and configuration.

It provides a lot of compliance rules. It provides us with around 160 different rules. That way, you can define everything during scanning and the system will keep checking for compliance, which is automated.

One single drawback is that updates are not directly based on push notifications. There is a lot of software that gets updated automatically. Since this is a security product, this product should be automatically updated. Right now, it must be manually updated. I should be able to focus on vulnerabilities and security, not updating.

Delays can be very costly. Even with a minute delay in updating, if an attack is successful, when you have this corrupted million-dollar product, it's useless to you then. That's why updates should be automatically done. 

It doesn't patch your products; it only provides insights into vulnerabilities. It's merely a value-added service for your overall security posture. 

They are missing some compatibility details in their documentation. If I am choosing a product, the first thing I look at before recommending it to my organization, is the documentation, including how it is organized, if their documentation is informative, what information they are providing, et cetera. Prisma Cloud has one issue within its documentation, and that is that it does not provide exact details of every single plugin. I was very concerned about which version of Prisma Cloud was compatible with which version of the solutions we had in our CI/CD pipeline. They need to be more clear. 

The solution is stable and is capable of covering large enterprises. I've never faced issues once I've deployed it. However, if you will be holding the data for the long run, you need to think about storage. That's it.

It's scalable. You can scale horizontally or vertically. 

Their support is not very good.

Negative

I've deployed it from scratch in a containerized environment. I am running a persistent container for Prisma Cloud.

The setup is very straightforward, thanks to their documentation. It's rich and comprehensive. They just don't provide version compatibility.

We deployed the solution in a day.

There is no other complexity in the implementation. It can be anywhere in the VM or any other component of your infrastructure. The agent should be able to ping its Prisma Cloud server. Once that is done, there is no other complexity. You just deploy the agent. The agent will keep updating automatically via the Prisma Cloud, and it will start finding new vulnerabilities. That's it. There are no such complex issues with the Prisma cloud deployment.

The implementation strategy was that we knew for which kind of infrastructure we were going to deploy it. 

There isn't much maintenance needed. The only thing is that sometimes you integrate Prisma Cloud with something that is not supported by Prisma Cloud or documentation does not explain it. In that case, you need to engage their support team. Their support is not very good. 

The solution is very expensive. They must have decided internally not to go after SMEs or startups. They are targeting multi-million or trillion-dollar organizations. Those are the companies that can afford their products. 

We're an MSP; we provide this product to customers. We provide security as a service.

We wouldn't recommend the solution for SMEs or startups. This is for larger corporate enterprises like large banks, fintechs, or telcos. It's good for larger infrastructures that might have legacy controls or devices.

Prisma is not the only solution in the market; there are others as well. It offers good core functionality, and it covers your whole cloud environment. It's a fully-fledged package that can help provide insights into security threats in any kind of development environment, from production to staging.  

I'd rate the solution seven out of ten.

If you are interested in Prisma Cloud, look at your business cases first. If you have a massive, large-scale infrastructure, they should not go into new products blindly.

We initially wanted something to protect our infrastructure. We acquired Prisma Cloud, so at least our containers are secure because we already installed agents in the containers. Our infrastructure is being monitored by Prisma Cloud. Then, we started with the WAF (web application firewall) service to enable API discovery and to understand what our APs are doing.

We can protect our APIs in case of a DDoS attack. We are currently working on CI/CD integration so that we can enable Slack CLI in our pipelines. Whenever there is a vulnerability, it will automatically be produced into the Prisma cloud.

The most valuable feature of Prisma Cloud is WAF. AWS also provides web application security, but it is outside the VPC. Since the agent is already installed in the container, we can protect it directly from the application side. We have a UI-based view of the request.

If I want to know how many SQL injection attacks happened in a day, I can just make a filter. Instead of typing, I can select the filter and get the details. It's much faster, and it is very easy to find out attacks and discovery from the user's perspective.

A couple of exporting functionalities should be more user-friendly because if I want to export something, I can get a lot of data visible to that particular CSV. There is no filter for what kind of data I want to export. That is something that I have missed as someone from the management side. When we see any CVE issues, proper information, including the path, should be mentioned.

For example, in the case of vulnerable packages or images, whether a base image is vulnerable or the package under the base image is vulnerable should be mentioned. That visibility is sometimes missing there, although not every time. It took me some time to figure out what kind of issue it was trying to resolve.

For example, one issue was that an image should be run with a non-route user. Only the discussion was there, but how to validate and fix that was not there.

I used Prisma Cloud by Palo Alto Networks for around one month in my previous company. I've been using it for the past four months in my current company.

Prisma Cloud is a stable solution.

It is a scalable solution. We have more than 20 people using Prisma Cloud in our organization.

I rate the solution's one-on-one technical support session a six out of ten. The support team usually provides only a half an hour session, which sometimes is very little for us when the issues are big. However, their support through email is good. The solution's one-on-one support session should be extended by at least half an hour. Since their one-on-one sessions are based on their availability, I don't get instant assistance when I need it.

Neutral

I have previously worked on different tools like PingSafe. PingSafe is only into cloud security posture management, but Prisma Cloud has everything enabled in it. As a cloud security posture management tool, both the tools have their own advantages and disadvantages.

I can compare only one functionality, which is the CSPM module. For the CSPM module, Prisma Cloud's finding is good because it has access inside a containerized agent. PingSafe was more into the basic CIS benchmark things where we were able to identify the issues. PingSafe was also good, but Prisma Cloud has more advantages and configurations enabled.

The solution's initial setup was pretty straightforward. It's a bit complex for a new person, and some guidance will be required. However, the documentation is quite enough to reduce those things. The initial setup is neither too hard nor too easy.

The DevOps team does the solution's deployment. I was not a part of the deployment process. When I discussed it with them, they told me they had some script or documentation. They started that, and the deployment was completed in a day or two.

We are using cloud protection, virtual protection, and the CI/CD modules of Prisma Cloud by Palo Alto Networks.

The comprehensiveness of the solution for protecting the full cloud-native stack is pretty good. We need to monitor those things. We initially did all the configuration from the container or API side. Now, our work is only to monitor periodically. It has a report functionality on a mail and download basis.

Periodically, we'll receive a mail asking us if we want to work on the weekly summary of our findings. There is a rescan functionality that I can use to rescan and confirm if someone has fixed a vulnerability so that it will not be shown in the results the next time. Prisma Cloud provides comprehensiveness that covers most of the areas.

When we didn't have this tool initially, we had to run around for different open-source tools because there was no one-stop solution. We had to go for different open-source tools for different functions. Prisma Cloud is a one-stop solution that covers multiple things like API security, container security, infrastructure security, AWS cloud security, and CI/CD security. So, it's a complete package for us to look around and figure out the issues in every area.

We did not immediately realize the solution's benefits from the time of deployment. It took an initial one month to understand the functionalities and their uses. After one and a half months, we were able to identify the benefits of using these services.

The solution provides the visibility and control we need. Initially, we did some access analysis to know what kind of permissions these particular agents are running. Then, we got to know and understand the agent's particular privileges.

The solution has reduced runtime alerts by around 15 to 20%. As soon as we use any image, we decide to run the scan and get the finding immediately. We have a time window to figure out the issue.

In case of an incident, Prisma Cloud requires some maintenance. If something happens because of the tool, we have to stop those agents, rerun them, and then check the logs. Sometimes, the services are disrupted when we enable something amid permission issues. So, that part definitely requires some maintenance.

I would recommend Prisma Cloud by Palo Alto Networks to other users. Prisma Cloud is a one-stop solution where you get multiple tools within one tool. That is a great thing because you don't have to run around for different kinds of tools.

Overall, I rate Prisma Cloud by Palo Alto Networks an eight out of ten.

I work with various modules, including CSCM, CWP, Code Security, and NS.

We use the solution for day-to-day activities, from onboarding accounts to deploying Defender to creating rules to monitoring incidents. It's used for alerts and monitoring of what happens on the workloads. 

Our customers use the solution to try to meet their compliance standards, and for audit purposes. It helps create policies. SmartCloud itself has around 2,000 policies. It can cover compliance standards around banking, for example, around workloads and data. It helps align with governing bodies' compliance standards. We can create custom policies and anyone can create workloads.

There are many modules that have various capabilities. We can look at the misconfiguration of cloud resources, for example. They can help with compliance as well. We get notified and get data alerts and this is automated. However, we can manage items manually as well. 

It's good for monitoring your environment for AWS.

For visibility, we can create one service account.

Regarding the assets, regarding the alerts, we get all the data. It's great for our cloud security posture and management.

It's cloud-native and is used in major cloud environments. With it, we can monitor clouds like AWS, DPP, Azure, Alibaba, and Oracle. This is important. Many customers work with various key cloud providers. They often have their resources across different cloud providers and all resources must be protected and monitored. With this product, we can monitor all the things even if they are on different clouds - and it can be done on one platform. 

The most valuable aspect of the solution is the computing part.

Prisma Cloud makes it easy to host virtual machines and cluster environments like container Kubernetes. It does this while providing a single dashboard, from which we can monitor all of the workloads and perform vulnerability scanning.

It's very good at helping us take a preventative approach to security. Many bans are using it as a cloud security tool based on the level of prevention they offer. 

It supports the multi-cloud environment beautifully. If there is any kind of anomaly, it helps alert you to it. If there are malware or brute force attack attempts, it will report that. We can both monitor and audit the system. They have their own out-of-the-box configurations or we can customize them to create our own monitoring and auditing policies. 

The solution provides us with data sessions to help gain visibility of workloads in various regions. For example, if there is a workload created just in the US region, we can see that. It will give an overview also. It supports all kinds of workloads, from host protection to Kubernetes and container environments. It even provides support for the Oracle Kubernetes environment.

It ensures that nothing impacts operations. It will block vulnerabilities or implement fixes. 

The solution provides the visibility and control you need regardless of how complex or distributed your cloud environments become. It's very easy to see the entire security posture from every angle - region, data, compliance, et cetera.

We can integrate it into our CI/CD pipelines into existing DevOps processes. We can integrate via APIs or code. When a developer is in the code and integrating, if there's a vulnerability present, or a misconfiguration, it will scan and provide data. With Terraform templates, we can create a lot of instances. With one Terraform code, we can create hundreds of instances. 

The solution helps developers go to very specific locations, to exact areas, at which point they can perform fixes. 

Overall, it provides us with a single tool to protect all of our cloud resources and applications. It's got the best features for web applications and ETL security.  By enabling data, we can monitor whatever is deployed on the cluster or on the IT environment. It provides risk clarity across the entire pipeline. For example, the vulnerability explorer gives you a view of the top critical vulnerabilities. That way, developers can see what the priorities are for what needs fixing. 

It reduces runtime alerts. They provide us with a runtime alert console. It's also reduced alert investigation time. By clicking right on the investigation, we get all the data, including the source IP and any kind of suspicious detail in the workload. We can quickly go ahead and block IP as necessary.

We're able to directly integrate alerting to tools like QRadar.

The solution has helped our customers save money. They don't have to go ahead and hire individual experts for different areas like AWS and Azure. Having everything separate can be hectic and expensive. This is centralized. YOu don't need different teams. With its user-friendly interface, you only need one or two resources to monitor the whole cloud environment.  

Prisma Cloud introduced some new permissions so we have to go and manually add that permission. It is a little bit hectic. If someone onboards single accounts they have to go through each account in that IIM role, and they have to manually add that permission. It's a manual job that takes time. It would be ideal if there was some sort of automation involved.

In scanning, it does not provide runtime protection. 

The licensing could be better. You need to deploy an agent and it would be more convenient if it was agentless, which should be possible. With agents, you are consuming the same amount of credit, yet it does not provide the same amount of features. The automation needs to be improved and included in terms of AWS onboarding. For Azure, it's good, however, with AWS it requires manual intervention. 

Sometimes we do get false alerts. That should be improved. 

I've used the solution for around one year.

The solution is stable. There is occasionally some downtime.

The solution has been scalable. 

Technical support is strong. They have different levels of support, critical, high, medium, and low. For issues rated as a high priority, they provide assistance within one to two hours. Lower priorities may take 24 hours. 

Positive

I did work with a different product previously. Often, other solutions do not have as much visibility. AWS native services, for example, are not able to monitor the workload or data of Azure. You'd need another product for that. Similarly, Defender will only monitor an Azure environment. I have not worked with something that moved across clouds like this solution does. 

I've helped deploy the solution for five to six clients. 

In the early stages, it's a bit complex to set up due to the fact that it's new and we need to train. We need to give users a session and a POC or demo. So the complexity comes from the training and onboarding, not necessarily from the product itself.

Typically, we can deploy it in one week, and deploying it to any cloud environment would take one to two hours. After onboarding the new cloud environment, we need to create rules and integrate the ticketing tool. That might take two weeks also. There's a dependency with the cloud team in that sense, since, if you are going to integrate anything you need to schedule a call. If Defender is included, we need to deploy it manually. We'd also decide what is being automated. 

The solution does require some maintenance. On the portal, it would show whenever some maintenance is needed or if they are updating their versions. There may be maintenance downtime. The maintenance is provided by Palo Alto itself. We'd notify the customer if they need to be prepared for some downtime. 

Customers have witnessed a good ROI based on the ability to create and customize multiple policies. It helps them meet compliance and auditing requirements. 

I don't know the exact cost; that's handled by another team. However, my understanding is that the cost is based on consumption. 

It takes a little bit of time to create time to value for the solution. A new customer might not have any idea of a cloud's capability. Some people need training and this might be on a quarterly or monthly basis to get the customer up to speed. Once they are more knowledgeable about the solution, they can utilize its capabilities more fully.

I'd recommend the solution. It's comprehensive for securing the entire cloud-native development life cycle across the build, deploy, and run. It not only provides security protection in the runtime environment - it also covers CI/CD. We can integrate Azure DevOps or any kind of solution like Jenkins. 

For new customers, I'd recommend they take on a demo or POC. They can get a one-month license and try it out. Customers can coordinate with partners and see how it would work in their environment. If a customer has a multi-cloud environment, this is a good choice. 

I'd rate the solution nine out of ten. 

We have a console set up in Prisma that scans all the cloud environments and collects data about platform, infrastructure, and app vulnerabilities.

We are responsible for app vulnerabilities, and 90 percent of the vulnerabilities were detected by other products before Prisma scans. Other scanners also do some of the same things. Prisma's ability to consolidate and identify the uniqueness of the vulnerability is a huge help. Based on the different scans, we can determine duplicate vulnerabilities.

Prisma provides visibility regardless of how complex or distributed my cloud environment becomes. It adds value, especially from the infrastructure and platform side. From an application perspective, there were many other challenges.

I wouldn't say we can protect everything with Prisma. It identifies the issue but doesn't resolve it. Protection is something else that we have to do in the cloud environment. 

We use Prisma to scan for vulnerabilities and place them in a centralized repository where they are assigned a severity. Based on that severity, App Runner will get time to fix it after something is already in production. 

One feature we like is the amount of data Prisma gives us. Some infrastructure and platform vulnerabilities in the cloud are hard to detect, and we were unaware of some of these. It's critical to shed light on these. For example, you create virtual machines and forget about them, but when you revisit them, some vulnerabilities may be detected. 

Prisma allows us to adopt a preventative approach. We can scan some containers before they go into cloud production. The only caveat is identifying the cloud environment in a production or non-production environment.

Prisma could improve the data quality. One challenge is that when an application is deployed on multiple virtual machines, we get an alert for each machine, but the biggest challenge is container flapping. When containers go up and down, we get 100 alerts on one day, but it reports 20 the next day. The numbers keep changing, and the app owners tell us, "You reported a hundred vulnerabilities from my app, and today, you report 20. I haven't made any changes in production, is your data correct or not?"

 Containers can go up and down, so it can't tell whether the container is down for good or if it was only down at the time of the scan. That's one of the biggest issues we had. The second is data deduplication because we get vulnerabilities from multiple sources through Prisma scans. A vulnerability is reported by Prisma scan and software composition analysis, SAS, DAST, or BLAST scans. You've got all these different scans reporting the same vulnerability. 

We have used Prisma Cloud for a year and a half.

Often, we don't get the data for a particular console because it's down. While we're working to fix the issue, we get the previous data and all the other stuff.

At my company, we have many resources, and I haven't had any issues with vulnerability. Prisma can scale vertically or horizontally very well.

I can't say whether Prisma has saved us money because that's not the goal. The objective of Prisma is to identify incidents inside the company. Reputation and data security are the two most important things to a financial institution. We spend money to prevent improper data usage or vulnerability exploitation. I don't know whether it can save money, but it protects our data.

I rate Prisma Cloud seven out of 10. It does do a lot of things, but the data reliability and other issues make our lives more difficult. It presents more challenges than just getting the data and porting over.

We use Prisma Cloud for cloud security management. We use the CSPM and compute modules.

Prisma Cloud provides security spanning multi and hybrid cloud environments, which is moderately essential to our organization.

The security automation capabilities help remediate vulnerabilities, which correlate to cost savings.

After a few months, the benefits of Prisma Cloud became apparent. We have begun integrating the Prisma Cloud alert or inventory module into the computing environment. This is a positive development as it enhances tool interoperability and consolidates a significant amount of previously inaccessible data.

Prisma Cloud can secure 60 to 70 percent of the entire Cloud-native development life cycle.

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environment becomes. This improves our compliance posture.

Prisma Cloud provides 70 percent of coverage in a single tool to protect our cloud resources and applications.

It has helped save our organization around 20 percent, protecting our cloud resources and applications.

Prisma Cloud compliance monitoring helps us improve our overall compliance posture.

Prisma Cloud's most valuable features are its ability to detect vulnerabilities as they occur and its CSPM function, which provides a complete inventory of assets.

I like the scanning features provided by Prisma Cloud, including the image scan and source scan.

Prisma Cloud needs to improve its reporting. If they report a Go vulnerability and claim that Prisma Defender hasn't released a patch, it won't help us. However, if they report that Prisma Defender has released a patch, that is beneficial. Reporting the Go vulnerability within Defender is ineffective because I cannot directly fix a Go vulnerability.

The integration with other tools can be improved. It provides all the cloud details but is not entirely linked to the compute model.

There needs to be more transparent communication when they will have downtime.

I have been using Prisma Cloud for over two years.

I would rate the stability of Prisma Cloud nine out of ten.

I would rate the scalability of Prisma Cloud five out of ten because it is dependent on vendor resources rather than its own. For example, image scanning is entirely reliant on us.

The technical team requires a lot of information for every ticket we submit, and if there is ever an out-of-the-box issue, they don't respond to us or take a long time to respond.

Neutral

I previously used AWS tools and Tenable products, but we switched to Prisma Cloud because of its real-time vulnerability identification.

Initial deployment is straightforward and takes one to two hours when all required information is available. However, if complete requirements are missing, manual deployment of all agents is necessary, which is a significantly time-consuming process.

Prisma Cloud is affordable.

I would rate Prisma Cloud eight out of ten.

We have over 100 users.

Our environment is complex. Prisma Cloud is deployed across multiple locations using many tools.

Prisma Cloud requires a lot of maintenance for upgrades and Defender.

I would recommend Prisma Cloud to others. The scanning and runtime are one step ahead of the competition.

I work with Palo Alto products, including their firewalls, VM-Series, CM-Series, hardware, and Prisma Cloud by Palo Alto Networks. I recommend Prisma Cloud by Palo Alto Networks primarily for financial services, FSI, and energy companies.

The threat detection feature in Prisma Cloud by Palo Alto Networks integrates with cloud-native controls like AWS GuardDuty and similar services on Azure and GCP. It also brings its own threat intelligence from Unit 42 and supports external intel feeds like VirusTotal. Multi-cloud compliance monitoring leads to a normalized view and can reduce workforce requirements.

The cost of Prisma Cloud by Palo Alto Networks is too high. I would also appreciate the addition of NLP to reduce the learning curve and make configuring queries more user-friendly.

I have been working with Prisma Cloud by Palo Alto Networks since it was called RedLock in 2019.

The initial setup is straightforward. Day zero involves cloud integration following an admin guide. Day one involves policy tuning, customization, and configuring compliance policies like GDPR.

The ROI is challenging to quantify. While there is tangible reduction in workforce needed, exact cost savings cannot be easily measured.

Pricing and licensing are expensive. There are different experiences with ROI, and exact cost benefits are hard to quantify.

If you have a multi-cloud environment, Prisma Cloud by Palo Alto Networks is essential for reducing costs and normalizing outputs. In a single-cloud, limited setup with good automation, you might not need it. I rate the overall solution at seven to seven and a half.