Prisma Cloud by Palo Alto Networks Reviews

I am using Prisma Cloud by Palo Alto Networks for security. It ensures AWS security, and it is part of my cloud report.

Prisma Cloud by Palo Alto Networks has a good reputation and prepares constructive reports that are helpful for addressing any security issues. The Cloud Native Security Monitoring feature is also beneficial and is a good aspect of the solution.

I believe there are some issues with the product's maturity. In some cases, it could malfunction concerning Cloud Native. These are aspects that need to be checked to ensure stability, especially in terms of monitoring.

I have been using Prisma Cloud by Palo Alto Networks for almost over a year.

I would rate the stability of Prisma Cloud by Palo Alto Networks at seven out of ten.

While I haven't scaled Prisma Cloud by Palo Alto Networks, I believe that Cloud products generally have scalability available.

I would rate Palo Alto Networks' technical support an eight out of ten.

Positive

I have experience with SonarQube, which I consider an earlier and stable product. Prisma Cloud by Palo Alto Networks, however, needs some maturity improvement.

The initial setup process for Prisma Cloud by Palo Alto Networks was primarily a little complex.

SonarQube

The features of Prisma Cloud by Palo Alto Networks are overall satisfying, although I would like to verify some aspects. My final rating for Prisma Cloud by Palo Alto Networks is eight out of ten. I recommend Prisma Cloud by Palo Alto Networks to other users.

Public Cloud

Amazon Web Services (AWS)

We are mainly using Prisma Cloud for Cloud Security Posture Management (CSPM) and for following the compliance standards as per the industry. Another use case is to get the runtime workload protection.

We are using the WAAS, CWP, application security, and CSPM modules. We are not using the DSPM module because it is not available for the India tenant.

All the features provided by Prisma Cloud are quite helpful for the BFSI sector and other sectors. It protects our overall infrastructure and detects any attacks or threats in real-time scenarios. It can also block any suspicious processes or things from the Internet, so it is quite helpful for the organization.

We are working for an organization with a multi-cloud environment. We have deployed Prisma Cloud in their infrastructure with AWS, Azure, and GCP. We are able to monitor all the tools and all the assets as per the compliance standards. We have deployed Defender on all the environments. We have integrated Defender with an embedded kind of application. We have been able to work with the client as per their specific requirements.

Compliance monitoring is very important for the banking sector. With Prisma Cloud, we can see the compliance status. It shows us how we are following the rules of a particular industry. It helps organizations match the industry level and ensure that their data is secure and they are following the guidelines of their particular industry.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. It is very important to create a secure infrastructure. Prisma Cloud has the ability to protect a multi-cloud environment with AWS, GCP, Azure, Oracle as well as Alibaba Cloud. It plays a very crucial role in the security of an organization.

For security automation capabilities, we have some integrations. We have initialized application security before deploying the infrastructure over different environments, such as prod and pre-prod environments. Every open point should be closed. If we are creating our infrastructure through any automation code, there should be no cloud security posture management alert. We have also integrated Prisma Defender at the same time with the app-embedded format to protect our workload.

Prisma Cloud has features to detect anomalies, attack paths, and escalation privileges as well. It detects the root cause and lets us know the things in our infrastructure that can lead to the attack. We remediate them and secure our infrastructure.

Prisma Cloud saves a lot of time. It provides a consolidated dashboard for our infrastructure. We have multiple accounts, and on a single page, we can see the types of issues and the resources impacted. From there, we can directly go to the cloud, and we can take action on that. It saves time. We can close an alert in minimal time. It saves about 60% of the time which also has financial benefits. There are more than 50% cost savings.

We are more aware of things. If something suspicious is happening, we can track it and take action on that. Also, if any critical issue or vulnerability is reported that can impact our infrastructure, we can take recommended action from there. It helps us to detect the root cause. If there is any data leakage or server compromises, we can get the details and investigate things in detail. We get the API call as well. We get to know which endpoints are not set or how we can secure them. We can secure the endpoints. It helps us to reduce any attacks. We are using a lot of things from Prisma Cloud.

We could realize its benefits within one week of its implementation. Before we started with the actual implementation, we had done a PoC. It took us one week to observe and understand the flow and how it can help our organization.

Prisma Cloud covers all the stages such as build, deployment, runtime, etc. It has the capability to detect, protect, and escalate at all of these stages. At the build stage, we can initiate scanning for application security. It has the capability to scan the images at runtime. It also has features to block things in real-time scenarios. It has all the features. We have already adopted all the features of Prisma Cloud.

We trust Prisma Cloud and follow all the recommended actions. If there is any module that we have not yet adopted, we do a PoC and adopt that as well. As security engineers, we have to secure our infrastructure and assets in real time. Most of the competitors are providing CSPM, but only Prisma Cloud has the features to detect and block things in real-time scenarios. That is why we believe in Prisma Cloud.

Prisma Cloud provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

Prisma Cloud provides near to real-time alerts for our cloud infrastructure. At run time, when our Defender is running, it instantly gives the impacted process in a particular environment. So far, we have reduced more than 40% runtime alerts.

We have pre-production, production, prod, and UAT accounts. We can take action on the basis of severity and close any vulnerabilities.

The CWP module, runtime protection, and WAAS API are valuable.

For Prisma Cloud, I have already raised some requests, which are in progress. I am hoping they will be implemented soon. One of the requests is that Prisma Defender for the ECS solution is only supported for Linux. It does not support Windows.

For a runtime incident, it only has the option to archive. After validating the incident, the team members should have the option to add some comments and then archive. We should be able to add comments saying, "It is a false positive." or "This is the action we have taken." We have requested a few more improvements. The Palo Alto team is working on them.

I have been using Prisma Cloud for more than one and a half years.

It is a stable solution. We can trust it and rely on it. I would rate it a ten out of ten for stability.

I would rate it a nine out of ten for scalability.

In our organization, more than 60 users are using this solution. We have some team members working on AWS. We have some team members working on networking and we have some team members working on creating the infrastructure.

We are using the enterprise version, and we are getting the required support. If we find something suspicious, we can raise a ticket with the support team. They are working on priority, and they are following their timeline as well. They are working properly based on the severity and agreed timeline. There is no recommendation for any kind of change.

They are quite helpful, and they are aware of the things. If something is beyond their understanding, they reach out to their internal engineering team, and they are able to help us. They are very nice.

Positive

I have used multiple security vendors. Every vendor has its specific use case. Every tool has some kind of limitation. Overall, we found Prisma Cloud to be better. It has features like template scanning, runtime scanning, and runtime blocking. Endpoint blocking is also there in Prisma Cloud. 

Other products do not have all the features. Some products have only the CSPM feature. Some products have only vulnerabilities and scanning features. Some products only have API endpoint discovery features. Prisma Cloud has all the features integrated or consolidated into one platform. As a single platform, we are getting all the things. Prisma Cloud gives a consolidated report in a single platform. This is why we chose it.

Its deployment is very straightforward. The time taken for its deployment can vary depending on whether it is a migration or a new deployment. Overall, it takes a maximum of one week.

It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data.

I would recommend Prisma Cloud if you are looking for security, real-time protection, and real-time API discovery. If a client needs such a solution, we recommend implementing Prisma Cloud.

Overall, I would rate Prisma Cloud a nine out of ten.

I primarily use the solution for vulnerability management, compliance management, and sometimes defense and access control. It has a sandbox. We can scan and manage CI pipeline security. 

The cloud solution as one platform can provide us with a lot of features and cover most of what customers care about. 

I have some clients that are moving from computing to a container environment. For cloud sets, customers need to increase the power of security over the DevOps environment. It doesn't create any bottlenecks when launching new products. From a business perspective, it's very helpful and supportive. It expedites go-to-market.

The runtime defense and API security are very good. It offers very good application security.

It's very comprehensive. It can cover the full cloud-native stack. There is a wide range of integrations, and the compatibility with various cloud providers is very useful.

It's perfect in terms of the security automation. We can do everything from the portal and choose a variety of policies. It can cover medium to large customers. 

We can take a preventative approach to cloud security. It's helpful.

They are constantly updating and adding new features and offering support for each of the updates. 

It is very comprehensive. It covers all aspects of the customer's cloud.

It provides good visibility and control regardless of the complexity. 

We can integrate into CI/CD pipelines. It's very efficient. They can integrate with whatever CI tools the customer uses, including Windows, Linux, and so forth. 

Modules can be added to cover additional items from the customer's side.

It reduced runtime alerts. We've saved more than 50% to 60% of our time.

We've reduced alert investigation times. With any incident that happens, we can do an investigation and correlate and normalize the incident quickly. We've saved more than 70% of the time typically taken.

They could improve more features for the enterprise version of the solution. They need to also have more features for on-premises versions for companies that cannot access the cloud version. 

I've been using the solution for around two years. 

The solution is stable. I'd rate the solution eight out of ten. 

We use the solution for one location. 

It's a scalable solution. I'd rate it nine out of ten. 

I was not involved in the deployment of the solution. 

There is maintenance, however, it is very minor. You just need one to two people to manage it. 

The ROI users get from the tool is very high. 

The pricing is a little bit high. It is not a cheap product. 

I'm a partner and reseller.

I'd rate the solution nine out of ten. 

I'd recommend the solution to others. The cloud-based version is very good. Users can rely on the product.

Private Cloud

We use the GlobalProtect module within Prisma Cloud to ensure the security of our mobile users.

Prisma Cloud provides security spanning for multi and hybrid cloud environments.

It includes automation capabilities that we can deploy if the environment is suitable.

Prisma Cloud has enabled us to migrate from multiple vendors, creating a more user-friendly experience for everyone.

Prisma Cloud enhances the security of our cloud-native development lifecycle from start to finish.

One of the advantages of Prisma Cloud's GlobalProtect module is that it provides a centralized tool for monitoring applications, user connections, and latency. Additionally, it allows us to track the percentage of availability.

Prisma Cloud saves the equivalent time of one full-time employee.

The most valuable aspect of Prisma Cloud compared to other VPNs is its security and performance.

In the GlobalProtect module, we can easily guide users experiencing connection issues through the notification column. Within that column, we can submit and escalate notifications on host entries for troubleshooting purposes. Additionally, we can troubleshoot by collecting direct logs during user data connections. On the security front, we have a wide range of SaaS-based items at our disposal. Using Prisma Cloud, we can send internet-based reminders about the option to create a VPN tunnel internally.

Palo Alto needs to add more support staff to improve their response time.

I have been using Prisma Cloud by Palo Alto Networks for two years.

I would rate the stability of Prisma Cloud ten out of ten.

I would rate the scalability of Prisma Cloud ten out of ten.

The support response time is slow, with resolutions sometimes taking up to two days.

Neutral

The initial deployment is straightforward. I have experience with two deployments. In my previous job, the deployment took six months to complete. Currently, we have 15 tenants to deploy and have successfully deployed ten within the first seven months.

The price for Prisma Cloud is reasonable.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten. However, the delay in support time negatively impacts my overall assessment.

We have 90,000 accounts and have already migrated 50,000 users over to GlobalProtect.

Palo Alto does the maintenance.

I recommend Prisma Cloud to others, as long as the solution meets their requirements for cost, support, and number of locations.

Public Cloud

Currently, we use Prisma Cloud by Palo Alto Networks in my company for our clients who operate in the finance and banking teams and want data, network security, and posture management for the cloud infrastructure.

The solution has improved our organization, and I believe that it is a continuous process to protect you in any environment. Prisma Cloud gives you an overview of what gaps are in their environment, but how they are going to be solved depends upon the client, especially the security gaps. Prisma Cloud by Palo Alto Networks gives 60 to 70 percent of the overview, which the client ignores in their infrastructures. The tool provides users with a better overview of what is going on in their infrastructure.

The most valuable features of the solution are areas like compliance and asset inventories, along with runtime protection.

The tool's UI is an area with certain shortcomings where improvements are required. With the cloud protection and UI, the tool should have the option to download the data for the vulnerabilities. One should have the option to download detailed data about vulnerabilities in the host. The tool should have a guide or a knowledge base document. The tool should specifically provide a guide about the solution's UI, which can be helpful for clients.

Sometimes, it does provide an error, or I can say that when we integrate our infrastructure cloud with Prisma Cloud, we face some issues. Most of the time, the integration issues are not due to Prisma Cloud but from the client side.

The tool's support team needs to improve.

I have been using Prisma Cloud by Palo Alto Networks for two years. My company has a partnership with Palo Alto Networks.

Stability-wise, I rate the solution a seven out of ten. I rate the stability at a seven, considering the time we needed to get the data from DSPM. Most of the time, when the client requires data, it is not available. At other times, it requires a lot of time to get the data. It also requires time to import data from the cloud as per our requirements.

It is a scalable solution. Scalability-wise, I rate the solution a nine out of ten.

My company's clients are medium and enterprise-sized businesses.

The solution's technical support team doesn't reply on time. There is a gap in communication. The solution's technical support team doesn't have enough engineers to handle the cases. The support team wants us to work as per their time, so it is not according to the clients’ needs and time. I rate the technical support a six out of ten.

Neutral

I got a chance to work with CrowdStrike and SharePoint, but I never got the project since the client did not give me a chance.

The product's initial setup phase is straightforward. For the deployment phase, we just need some minimal data from the cloud to be able to integrate with Prisma Cloud. Just in case of custom issues, there are some points where we faced some issues with the deployment, but it was basically from the client side as they had multiple policies deployed on AWS and Azure Cloud, making it a little difficult for Prisma Cloud to integrate. In general, it is easy to integrate anything on the Prisma Cloud.

For the product's deployment phase, one cloud admin from the client's end and one from my company's side, one person is required. Two to three people are required to take care of the deployment.

The solution can be deployed in a matter of days.

Though the company's clients have multiple tools, they were not able to integrate all of the cloud accounts in a single SIR tool, which is why we had to use Prisma Cloud by Palo Alto Networks to monitor all of our company's clients' cloud accounts.

The solution provides security scanning for multi and hybrid cloud environments, but it does not provide the details about the product that provides the security. Most of the time, it just provides an overview of the security gaps. In real life, I didn't see any of the scenarios where it is protecting our company's infrastructure. Clients are sometimes not ready to use runtime protection for the Prisma Cloud because they don't want to take any risks in the production environment.

The comprehensiveness of Prisma Cloud for protecting the full cloud-native environment involves network protection. The most important thing is network security, and the second is IAM security, which is important for the banking team. I see that the tool has a large number of containers. Deployment and pipeline security are the main areas for the banking sector. Our clients don't use much of Prisma Cloud by Palo Alto Networks because it contains complexity, and the UI is not user-friendly. There have been multiple cases of their client complaining about the UI. From the standpoint of the client, the tool is too complex.

Speaking about the tool's help that allows users to take a preventative approach to cloud security, I would say that based on the asset inventory, we check the details about the assets and the number of assets. Secondly, we go through the alerts, which consist of IAM and the network security rules. Following the severity, like critical, high, or medium, we first resolve those issues and take steps monthly. The alerts that are generated monthly should be resolved only in that month.

After the deployment, it took three to four months to notice the value derived from using the solution, from my point of view and experience.

The discovery is good. The discovery provides details about the assets and the data, along with the data inside the infrastructure and about the infrastructure. There are some issues because if only about the data, it does not give out any issues for the user and instead gives more information about the infrastructure and some within the infrastructure.

Palo Alto DSPM did not discover much data existing outside of our company's official IT systems.

The solution provides insights into the content that has been discovered, along with some detailed information.

I cannot reveal the type of insights into the content that the solution has provided because our client would not want our company to open up about such details.

The insights into the content have affected the data security operations since following the compliance provides and helps clients regulate their security. It also prevents data breaches. The data breaches open up whatever data can be opened, and it helps clients to determine what data they need to secure and how. Speaking about data security posture, our company's clients take steps to resolve any issues because they want to save their reputation, especially in scenarios involving hacking.

It took around two to three months to see the value derived from the use of the product.

The tool provides an automated discovery of new data assets as they get onboarded. It does take one to two days on an average basis to show all the data.

In terms of whether the solution provides a prioritized list of all the data security posture issues in our company's environment, I can say that as soon as the assets are discovered, Prisma Cloud starts scanning and does all of the data security scanning. It does not take much time, and it can be done in four to five hours. If it is a large-scale infrastructure, then it can take an average of eight to ten hours.

I have not used the solution's connectors for the SOC's DDR solution to help automate remediation since the plant where it is used did not integrate Prisma Cloud with the same tools they use, with one of the reasons being that Prisma Cloud overflows the alerts, and they did not want alerts to overflow with their production in an SIMP environment.

The solution provides visibility and control regardless of how complex or distributed the cloud environment becomes, but when it comes to getting the data from the UI shown to the upper management, things do become complex because the tool doesn't have many options to import or export data.

I cannot say that the solution has reduced all the alerts by prioritizing the ones that have the most impact on sensitive data. The alerts that were critical and high, have been resolved by the team, while also taking care of areas involving IAM and networks.

The prioritization of alerts in the tool has affected our company's operations, and from my point of view, right now, I am able to show my CIS and the upper management team what steps we have taken and how the issues that are there as per the alerts have been resolved based on the critical, medium and high severity basis. I can say that 60 percent of the issues have been resolved as per the alerts. It gives me the flexibility to provide details to the management team that we are on track to provide security to our infrastructure. It gives me the flexibility to provide data to management for some time. As the environment grows, it generates a lot of alerts, and it takes time to resolve all of them.

The solution does not require any maintenance, and one just needs to make sure that the tool is up to date.

Based on my experience, I would recommend Prisma Cloud because I have hands-on experience with the solution. The integration is easy. The tool provides visibility in the infrastructure and for the alerts about the security gaps, the tool provides precise details. Talking about the new app in the tool, I would say little improvements are required. The tool is quite informative for me, but from the client side, it does require some improvement.

If someone has a large infrastructure, I won't recommend Prisma Cloud to them. If they have medium and enterprise, then I will recommend Prisma Cloud to such people because it can handle and, as per the working out of the tool, it can change the details about the small-scale, medium-scale, and enterprise businesses, but not for the large scale enterprises.

I rate the tool an eight out of ten.

I work with Palo Alto products, including their firewalls, VM-Series, CM-Series, hardware, and Prisma Cloud by Palo Alto Networks. I recommend Prisma Cloud by Palo Alto Networks primarily for financial services, FSI, and energy companies.

The threat detection feature in Prisma Cloud by Palo Alto Networks integrates with cloud-native controls like AWS GuardDuty and similar services on Azure and GCP. It also brings its own threat intelligence from Unit 42 and supports external intel feeds like VirusTotal. Multi-cloud compliance monitoring leads to a normalized view and can reduce workforce requirements.

The cost of Prisma Cloud by Palo Alto Networks is too high. I would also appreciate the addition of NLP to reduce the learning curve and make configuring queries more user-friendly.

I have been working with Prisma Cloud by Palo Alto Networks since it was called RedLock in 2019.

The initial setup is straightforward. Day zero involves cloud integration following an admin guide. Day one involves policy tuning, customization, and configuring compliance policies like GDPR.

The ROI is challenging to quantify. While there is tangible reduction in workforce needed, exact cost savings cannot be easily measured.

Pricing and licensing are expensive. There are different experiences with ROI, and exact cost benefits are hard to quantify.

If you have a multi-cloud environment, Prisma Cloud by Palo Alto Networks is essential for reducing costs and normalizing outputs. In a single-cloud, limited setup with good automation, you might not need it. I rate the overall solution at seven to seven and a half.

Hybrid Cloud

Other

I have mostly used the CSPM and CWP side of things. 

For one of our clients, we used the self-hosted version that we had deployed on IBM Cloud and the SaaS version hosted by Prisma itself. For the CWP side, we used it for securing applications of our clients, doing the runtime checks, and servicing the runtime events and plug-in vulnerabilities.

For the CSPM side, the use case was more heavily for compliance on the cloud. We had Google and AWS environments.

Its main benefit was that it made it easier to monitor our clients. It just made everything more efficient. There was efficiency.

Prisma Cloud provides security spanning multi-cloud environments. I have not worked with a hybrid cloud environment.

I never did anything with the automated features other than being able to click and have it do the relearn process when it comes to the runtime events. If I see that an application is creating a bunch of false positive runtime events, I can put it in an automatic relearn state. It will relearn what that application does so it is not firing off a bunch of false positives. That is the only automation I have used other than the Helm option provided at the time of deployment. It does some automation when it comes to deployment. That is about it. I am not sure about the savings money-wise, but I know that every time we deploy by Helm, it saves us time. It is hard to judge the time savings because I never deployed it in a manual way.

Prisma Cloud is pretty good for helping us take a preventative approach to cloud security. We can have lock-in controls where a developer cannot deploy vulnerabilities that are critical. We can prevent them from doing it that way. It is excellent in that regard. I also like the preventive controls on the runtime side. If you see a runtime event, you could put options in place to prevent that specific command from running, or you can shut down the console, container pod, etc. It is hard to measure the time savings. However, it can take us an hour if we have to reach out to the proper team to get a pod shut down. It would also depend on how responsive they are. Having something in place to automatically shut something down does save a lot of time.

When we first started deploying it, our team was new. We had done some training, but it did take us a little while to fully grasp all the benefits of Prisma Cloud itself. It could have taken a couple of weeks to a month before we really got a good grasp of everything. I would not say that this is the case with everyone. None of us in the team had done the cloud before, so it took us longer to understand and realize the benefits compared to others.

Prisma Cloud is pretty comprehensive. On the CSPM side of things, the SaaS-hosted version seems to have a lot more capability than the self-hosted version. The SaaS-hosted version is more comprehensive than the self-hosted version.

The visibility and control that Prisma Cloud provides affect confidence in the security and compliance postures. A great thing about it is that we can set up whatever specific compliance needs the clients have. It has a lot of features already built into it. It is a simple toggle action to enable the compliance that they need to follow. It lays out what is failing. It gives you all the information that you need to work with clients to get everything compliant. It also offers some options if you want to make custom policies and things like that. If the compliance policies that clients follow are not available nationally, they can have their own compliance policies. They can put those in. It is great.

Prisma Cloud provides a single tool to protect all of the cloud resources and applications, and then there are other tools that you can download from the console, such as the twistcli tool. It is all in there, but there are different tools that you can use as well.

Prisma Cloud saves a lot of time and probably a lot of money too. That is because you can log in to one specific tool. The CSPM SaaS side of it even has more, so being able to log in on that one tool helps. You do not have to worry about different tools to take care of different security aspects. Everything built into one saves a lot of time.

We were able to reduce runtime alerts as we worked with our clients to get to that security posture maturity. There were some clients that were getting probably 25 or more different alerts a day, and we were able to bring that down by more than half. We were on the way to getting even fewer alerts than that. It was quite a bit of a reduction. It is a slow process of getting the runtime alerts knocked down depending on how big the environment is, but it definitely helps.

When it comes to the vulnerability side of things, it has built-in top ten features or top ten vulnerabilities. We can look at them and say that these vulnerabilities are being ranked by Prisma Cloud as our top ten. These are the ones that we should be focusing on. We can work with our clients to help them determine which things should be knocked out first and so on.

Runtime protection and the ability to set up policies and controls are valuable.

The thing that I like the most is that when it comes to runtime events, whenever we see an event, we are able to look through the logs. It is pretty easy to look back through everything that took place. I also like the Radar screen for seeing how everything is connected.

While you can find everything, sometimes, it is a bit difficult. I have always had a little bit of an issue or struggle using the Resource Query Language that we can use to look through and find different things. I wish it was a little bit easier. It might be just my failings in that regard, but it can be a little bit difficult to find everything. You can find everything, but it is difficult sometimes.

If there is a way for auto Defender upgrades, that would be great. They started to implement it, but I do not know if they have done it yet. Having auto Defender upgrades so that we do not have to upgrade Defender manually would be helpful. If there is a way to push the upgrades from the console, that would be one way to improve it. I had created a couple of other requests for improvements, but I do not remember them at this point in time. I know that was one of them.

I started using it back in 2020 although I did a little bit of training a little bit before that around the end of 2019. It was originally Twistlock. I am not sure if Palo Alto had bought it out when I first started training with it.

I would rate it an eight out of ten for stability. Sometimes, on the SaaS version, the console would not load. It was a glitch on their end that they had to fix. We had issues with the GUI at a couple of points. We had issues whenever we were downloading the vulnerability report. It did not include all the information. Once they got some bugs worked out, it was pretty stable, but there were some issues.

It is very scalable. I would rate it a ten out of ten for scalability.

We had a couple of Fortune 500 clients. I do not know if we had anything that was small. A lot of them were big organizations, but some of the environments were small.

We had a client that had the SaaS version that had hundreds of different endpoints, if not more. Most of our clients were on the self-hosted version. Some of them only had four or eight different endpoints or hosts. One of them had about 50 different hosts, give or take. It was a wide array depending on the client we were working with.

When we started, there were three of us working with Prisma Cloud. There were about six of us by the time I left.

They are pretty good, but sometimes, it does take them a little bit longer to move from level 1 support to a higher-up level when it is a technical issue that they have not dealt with before. Overall, it is pretty good.

Positive

We also used a product called Aqua Security. We were using Aqua Security back when we were using the self-hosted version of Prisma and not the SaaS version of Prisma. We had not worked on the SaaS version yet, so I do not know if it is a completely fair comparison, but I did feel that at that point in time, Aqua Security had more features and a better layout. I do not know how that compares today. It has been a little over a year since I last touched Aqua Security, so I am not sure what updates and changes they have made.

We had a deployment team handling the initial deployments. We worked on the upgrades after the initial deployment, which were pretty straightforward, but I am not sure about the initial deployment. It seems to be pretty straightforward, but I have never done an initial deployment.

In terms of maintenance, it is just doing the upgrades. That is really about it. It seems that they push out a patch pretty close to every month. You can upgrade to the minor versions at the very least or security patches.

I would recommend Prisma Cloud to others. It does take a good bit of work to learn it and fully understand the complexity of it and all the features. There are still features in there that I do not even know about or have not even touched, but it is great for protecting the environment. It is easy to get into and understand some of it, but it requires a lot of learning to understand the whole complexity of it.

Its learning curve depends on what you need to do with it. I had taken a week-long class with it, and then there were other training sessions. It could take weeks, if not months, if you want to try to do all the different training they offer.

With my limited use of other platforms, I would rate Prisma Cloud a ten out of ten. This is the one that I have used the most. It is the best of the ones that I have used.

I primarily use the solution to uncover misconfiguration and for cloud code security. We can find gaps that hackers might access in order to steal data. It can trigger alerts and show you everything.

It's been helpful for managing multiple accounts. If we had to handle hundreds of accounts manually, it would take a lot of time. 

We've been able to mitigate issues and fix them before they become bigger problems. If the system detects any critical misconfiguration, we'll receive alerts. 

The risk control is very good. They have scanning that runs often and we can see the latest configurations and get alerts.

The solution offers very good configuration capabilities. It can show you how to resolve and remediate issues, and you can pull reports that will show you everything you need to know.

It provides security across multi- or hybrid-cloud environments. It can work with AWS, Azure, Google, Oracle, et cetera.

We have many projects within our organization, and we need protection from people trying to steal our information. We can see gaps from every corner of the cloud. Having a solution like this is important to our organization so that we have the capability to see and monitor everything from everywhere, which would be hard to do manually. 

We can take a preventative approach to cloud security. If anything is open to the public, we can find it and see it. That said, we are using other solutions also. Still, this product will alert you and engage you if there are any areas where information weaknesses filter up. It will guide you and show you how to fix the issues with configurations.

We might have witnessed some cost savings. If anything gets stolen, it would cost our company monetarily; however, that hasn't happened.

It does help us save time since we don't have to check every console ourselves manually. 

We've noted the benefits of the solution across the last five years.

The remediation data is already available in its logs. You don't have to Google fixes. It's already there on the platform.

We're using containers and Docker. Instead of using open-source, we can use our own code and cloud. We'll be able to know if there is a misconfiguration. For example, if there is an AWS-level misconfiguration, Prisma will help us discover this. 

We use a variety of tools, and we can use Prisma to handle various types of misconfiguration. It covers our entire cloud-native development life cycle.

It provides us with the visibility and control we need regardless of how complex or distributed our cloud environment becomes. It's very helpful. It mitigates 98% to 99% of mitigation issues. It's helped us maintain confidence in our compliance and security reporting. I'm able to see configuration changes. If something changes, I know.

It helps us reduce runtime alerts. You can log in and check each and every account via the portal quite easily. If I see an alert, I can quickly fix issues. Or I can go through each alert and find out which are important or not. It reduces the time we take to handle these tasks by 75%. We can focus on the alerts that have the most impact. It prioritizes alerts to critical, high, and low. 

The console is good and user-friendly. We can see the logs very easily. People without experience can also easily adopt the solution.

We only use the solution for misconfigurations. There may be other features that are lacking, however, we don't use the full scope of the product.

Technical support could use some improvement. 

I've been working with the solution for the last seven years.

The stability is very good. There is no issue. 

We only have two security people using the solution currently. We have it across multiple clouds and regions. 

We haven't had any issues scaling the solution. 

We've only used support if we've had issues around false positives. In those cases, we create a ticket.

Neutral

I also work with CrowdStrike. Both offer a lot of features. We've recently switched to CrowdStrike. 

The initial deployment is very easy. You can add it, for example, to your AWS account. You just need to configure it in Prisma Cloud. You may have to create a policy and allow access. After that, you'll be able to see the console. 

We had two people managing the setup process. The time it takes to deploy depends on how many accounts there are. If you only have one account, it's very easy and only takes one to two days. If you have 100+ accounts, you will need a few weeks. 

There is no maintenance needed from our end. 

We didn't use any consultants during the implementation. 

I don't manage the licensing aspect of the solution. 

We are not using application-level security here. At the application level, we're using other tools. We're also using other XDR and EDR tools. We're only using this product for misconfiguration.

I'd advise other users to try the solution. It's a product that offers many features. It's a good idea to go and look at the market and see which solution is the best. It depends on your environment and what you might need. 

I'd rate the solution eight out of ten.