Prisma Cloud by Palo Alto Networks Reviews

I work with various modules, including CSCM, CWP, Code Security, and NS.

We use the solution for day-to-day activities, from onboarding accounts to deploying Defender to creating rules to monitoring incidents. It's used for alerts and monitoring of what happens on the workloads. 

Our customers use the solution to try to meet their compliance standards, and for audit purposes. It helps create policies. SmartCloud itself has around 2,000 policies. It can cover compliance standards around banking, for example, around workloads and data. It helps align with governing bodies' compliance standards. We can create custom policies and anyone can create workloads.

There are many modules that have various capabilities. We can look at the misconfiguration of cloud resources, for example. They can help with compliance as well. We get notified and get data alerts and this is automated. However, we can manage items manually as well. 

It's good for monitoring your environment for AWS.

For visibility, we can create one service account.

Regarding the assets, regarding the alerts, we get all the data. It's great for our cloud security posture and management.

It's cloud-native and is used in major cloud environments. With it, we can monitor clouds like AWS, DPP, Azure, Alibaba, and Oracle. This is important. Many customers work with various key cloud providers. They often have their resources across different cloud providers and all resources must be protected and monitored. With this product, we can monitor all the things even if they are on different clouds - and it can be done on one platform. 

The most valuable aspect of the solution is the computing part.

Prisma Cloud makes it easy to host virtual machines and cluster environments like container Kubernetes. It does this while providing a single dashboard, from which we can monitor all of the workloads and perform vulnerability scanning.

It's very good at helping us take a preventative approach to security. Many bans are using it as a cloud security tool based on the level of prevention they offer. 

It supports the multi-cloud environment beautifully. If there is any kind of anomaly, it helps alert you to it. If there are malware or brute force attack attempts, it will report that. We can both monitor and audit the system. They have their own out-of-the-box configurations or we can customize them to create our own monitoring and auditing policies. 

The solution provides us with data sessions to help gain visibility of workloads in various regions. For example, if there is a workload created just in the US region, we can see that. It will give an overview also. It supports all kinds of workloads, from host protection to Kubernetes and container environments. It even provides support for the Oracle Kubernetes environment.

It ensures that nothing impacts operations. It will block vulnerabilities or implement fixes. 

The solution provides the visibility and control you need regardless of how complex or distributed your cloud environments become. It's very easy to see the entire security posture from every angle - region, data, compliance, et cetera.

We can integrate it into our CI/CD pipelines into existing DevOps processes. We can integrate via APIs or code. When a developer is in the code and integrating, if there's a vulnerability present, or a misconfiguration, it will scan and provide data. With Terraform templates, we can create a lot of instances. With one Terraform code, we can create hundreds of instances. 

The solution helps developers go to very specific locations, to exact areas, at which point they can perform fixes. 

Overall, it provides us with a single tool to protect all of our cloud resources and applications. It's got the best features for web applications and ETL security.  By enabling data, we can monitor whatever is deployed on the cluster or on the IT environment. It provides risk clarity across the entire pipeline. For example, the vulnerability explorer gives you a view of the top critical vulnerabilities. That way, developers can see what the priorities are for what needs fixing. 

It reduces runtime alerts. They provide us with a runtime alert console. It's also reduced alert investigation time. By clicking right on the investigation, we get all the data, including the source IP and any kind of suspicious detail in the workload. We can quickly go ahead and block IP as necessary.

We're able to directly integrate alerting to tools like QRadar.

The solution has helped our customers save money. They don't have to go ahead and hire individual experts for different areas like AWS and Azure. Having everything separate can be hectic and expensive. This is centralized. YOu don't need different teams. With its user-friendly interface, you only need one or two resources to monitor the whole cloud environment.  

Prisma Cloud introduced some new permissions so we have to go and manually add that permission. It is a little bit hectic. If someone onboards single accounts they have to go through each account in that IIM role, and they have to manually add that permission. It's a manual job that takes time. It would be ideal if there was some sort of automation involved.

In scanning, it does not provide runtime protection. 

The licensing could be better. You need to deploy an agent and it would be more convenient if it was agentless, which should be possible. With agents, you are consuming the same amount of credit, yet it does not provide the same amount of features. The automation needs to be improved and included in terms of AWS onboarding. For Azure, it's good, however, with AWS it requires manual intervention. 

Sometimes we do get false alerts. That should be improved. 

I've used the solution for around one year.

The solution is stable. There is occasionally some downtime.

The solution has been scalable. 

Technical support is strong. They have different levels of support, critical, high, medium, and low. For issues rated as a high priority, they provide assistance within one to two hours. Lower priorities may take 24 hours. 

Positive

I did work with a different product previously. Often, other solutions do not have as much visibility. AWS native services, for example, are not able to monitor the workload or data of Azure. You'd need another product for that. Similarly, Defender will only monitor an Azure environment. I have not worked with something that moved across clouds like this solution does. 

I've helped deploy the solution for five to six clients. 

In the early stages, it's a bit complex to set up due to the fact that it's new and we need to train. We need to give users a session and a POC or demo. So the complexity comes from the training and onboarding, not necessarily from the product itself.

Typically, we can deploy it in one week, and deploying it to any cloud environment would take one to two hours. After onboarding the new cloud environment, we need to create rules and integrate the ticketing tool. That might take two weeks also. There's a dependency with the cloud team in that sense, since, if you are going to integrate anything you need to schedule a call. If Defender is included, we need to deploy it manually. We'd also decide what is being automated. 

The solution does require some maintenance. On the portal, it would show whenever some maintenance is needed or if they are updating their versions. There may be maintenance downtime. The maintenance is provided by Palo Alto itself. We'd notify the customer if they need to be prepared for some downtime. 

Customers have witnessed a good ROI based on the ability to create and customize multiple policies. It helps them meet compliance and auditing requirements. 

I don't know the exact cost; that's handled by another team. However, my understanding is that the cost is based on consumption. 

It takes a little bit of time to create time to value for the solution. A new customer might not have any idea of a cloud's capability. Some people need training and this might be on a quarterly or monthly basis to get the customer up to speed. Once they are more knowledgeable about the solution, they can utilize its capabilities more fully.

I'd recommend the solution. It's comprehensive for securing the entire cloud-native development life cycle across the build, deploy, and run. It not only provides security protection in the runtime environment - it also covers CI/CD. We can integrate Azure DevOps or any kind of solution like Jenkins. 

For new customers, I'd recommend they take on a demo or POC. They can get a one-month license and try it out. Customers can coordinate with partners and see how it would work in their environment. If a customer has a multi-cloud environment, this is a good choice. 

I'd rate the solution nine out of ten. 

We host a Prisma Cloud platform on AWS. My role is to host the Prisma Cloud application and provide support to the development team.

We use Prisma Cloud to monitor the health of our Kubernetes clusters and to scan images for vulnerabilities. Developers use Prisma Cloud via twistcli CLI to scan images and view vulnerabilities on the Prisma Cloud user interface.

My job is to maintain the production and staging environments, including installing the twistcli client and deploying dependencies. I also help developers troubleshoot issues with pipelines that connect to Prisma Cloud using twistcli CLI.

Prisma Cloud provides security for multi- and hybrid-cloud environments. It can also monitor multiple on-premises and cloud accounts. In our use case, we have around 40 AWS accounts, which we have added to the Prisma Cloud monitoring tool. We receive non-conformance alerts every month. Prisma Cloud monitors every node in AWS. If a developer opens ports globally, Prisma Cloud will detect it and send an alert to our cloud operations technical team, who will immediately alert the respective developer teams. Prisma Cloud also detects certain types of alerts related to managing data plane infrastructure. For example, if a developer deploys an application on a Kubernetes cluster on AWS and then deletes the application, but the EBS & balancer is not deleted, Prisma Cloud will automatically detect this and send a non-conformance alert to our group email ID.

Prisma Cloud's security automation capabilities provide a variety of features, including twistcli CLI, which can be used to identify vulnerabilities in Docker images. When twistcli CLI detects a vulnerability, it sends an alert to a group email address. The alert includes remediation steps that can be easily followed to fix the vulnerability.

In my experience, Prisma Cloud is the best cloud security solution, whether on-premises or in the cloud. It can monitor multiple cloud products, such as Azure and AWS. I believe it is the best tool for meeting the container requirements of cloud-native applications. It is user-friendly, and upgrades are easy to perform, with documentation available on the official site. It can be deployed on-premises or in the cloud infrastructure. I think it is a good security tool for cloud infrastructure.

We started using Prisma Cloud around version 808.48. That is one of the console versions. Recently, they added some features in the newer version, so our dev team asked us to upgrade to the latest version to get those features. As the administrator, I am not aware of all the cases that Prisma Cloud provides, but I can see that it is easy to manage and has improved all the stakeholders' experience, especially for Docker image scanning. We started with a few teams using Prisma Cloud, but now many stakeholders are using it to scan their Docker images using Prisma CLI. With their request, we recently upgraded the console to the latest version to get the latest features. When we started, we only used basic monitoring, but later we started using it for pipelines to scan Docker images. Then, we added AWS accounts and Kubernetes clusters for monitoring. We deploy twistcli depending on the cluster, and it monitors in the console.

It provides good visibility and control regardless of how complex or distributed our cloud environments become.

Prisma Cloud has enabled us to integrate our security into CI/CD pipelines.

It allows us to add touchpoints to existing DevOps processes.

It also provides us with a single tool to protect all of our resources and applications.

Prisma Cloud provides risk clarity at runtime and across our entire pipeline.

Prisma Cloud has reduced runtime alerts and reduced our alert investigation times. We can remediate alerts within 20 minutes.  

twistcli CLIs are the best feature. They provide a twistcli for scanning Docker images. We have integrated a number of pipelines so that whenever any development is built, the image is scanned for vulnerabilities. Based on the vulnerability reports, the pipelines confirm whether the image needs to be rebuilt after fixing the vulnerabilities, and then build another version if necessary.

I have been using Prisma Cloud by Palo Alto Networks for almost four years.

The technical support team is good. They always help me resolve my tickets with minimal downtime.

Positive

The initial deployment was straightforward because of the well-written documentation that was available. I handled the deployment for the AWS cloud environment.

They have an excellent technical team with sound knowledge of the product.

I would rate Prisma Cloud by Palo Alto Networks a nine out of ten for its compatibility, easy upgrades, user-friendliness, and UI.

Regarding maintenance, we have deployed the application on a Kubernetes environment. We will have one EBS value for the console pod and one persistent volume for the application data. We are taking a snapshot of the PV because we can take a backup of the PV in the Prisma Cloud console UI, but this backup is stored on the same PV where the application is running. If the application crashes completely, we will not be able to restore the backup from the UI, and Prisma Cloud has suggested that we maintain a separate cluster for disaster recovery. However, this is too expensive for us. Therefore, we are taking a snapshot of the PV. If the application crashes, we can simply deploy the console on a new cluster and restore the data from the snapshot.

We are a system integrator. My organization has a cloud practice, and we focus on cloud security. Predominantly, Prisma Cloud is used to identify misconfigurations in the cloud.

We have been using Prisma Cloud for two specific customers on Azure Cloud. It is quite a new organization, and we currently have two customers, but in my previous organization, we had about eight customers.

We predominantly focus only on the cloud. We don't work with hybrid models. MultiCloud is there, but we haven't worked on MultiCloud as of now. This specific region is more into Azure Cloud. Azure has a data center over here. Therefore, the adoption of AWS or Google is not high in this region. For data compliance, customers want to stick to a cloud vendor that has a data center in this region.

My 18 years of experience is purely in serving the US and Europe markets. I am quite new to the UAE and the gulf region, and I found that this region is not very mature when it comes to cloud security. The majority of the CISOs are not aware of cloud security controls that need to be implemented, and they only speak about traditional security such as EDR, endpoint security, DLP, etc. So, there is a big potential for cloud security, specifically at the containers and serverless layer.

When we evaluated solutions, we carried out PoC not only for two customers but also for the other six accounts, and they were pretty shocked to know that there were a lot of misconfigurations in the cloud. This region lacks cloud security skills, and there are not many cloud security experts or solution architects to design proper architecture. When we carried out the PoC, they became aware of the misconfigurations and security gaps. It helped them to identify the potential risks they have in the cloud. Generally, with security, it is not easy to measure the outcome or gain from a solution because it purely depends on the breach and the data loss, but so far, we have helped two organizations in fully implementing the solution, and the other four are still in the PoC process.

We purely focus on the container and serverless security, and we predominantly work with Cloud Posture Management (CPM). We opted for Prisma Cloud because we found Prisma Cloud to be better in terms of the overall posture and integration. There are other products in the market, but they don't have a complete and broad portfolio range when it comes to containers or serverless functions. Prisma Cloud has good integrations. You can integrate vulnerability management for the overall risk score. When it comes to commercials, costing-wise also, it is far more reasonable for the customers.

It is good for helping us to take a preventative approach to cloud security. It identifies all the controls and gives an overall picture. For example, it tells us the portion that has misconfiguration. So, we can fix that portion. It is a very good preventative tool. Certain customers predominantly use it for one-time assessments, which I don't recommend. It should be an ongoing assessment to have a good incident response as soon as an alert comes in. Normally, people just ask for a weekly report or monthly report to identify their security posture. Instead of that, they should have a real-time incident response solution to act as a preventative tool. As soon as an alert is generated, there must be someone to immediately work on it, and having such a tool really helps.

It provides the visibility and control we need. In my previous organization, we had quite a complex environment with about 30 Kubernetes clusters. As compared to other tools, it provided better insights, but I haven't evaluated it for much more complex architectures. When it comes to serverless architectures, our work has been minimal. Therefore, I cannot confirm or guarantee whether Prisma Cloud will satisfy a highly complex environment.

It gives the overall picture of compliance when it comes to the cloud security portion. We also have a couple of custom dashboards wherein we integrate the security risk score from other tools. Before implementing this solution for the customers, there was no proper mechanism for the cloud. They only had the vulnerability management reports, the SIEM score, or the application VAPT reports, but they did not have any visibility to anything on the cloud in terms of overall compliance and container security. It definitely gave visibility to the CISOs. A lot of people are still concerned about whether the cloud is secure, whether they need to migrate to it, and whether they have proper security controls for containers and serverless security. It gives better exposure to them. We do have proper tools with CISO-enabled dashboards using which they'll be able to see the score. 

It has reduced runtime alerts by 60% to 70%. 

It has reduced the alert investigation time. False positives are reduced. So, we are able to focus on what has been highlighted. At certain times, we need to accept certain changes, and it also gives us the flexibility to mark something as safe. Based on the change control, we can disable the alert so that the alert is not repeated until the change is completed. We have the functionality to do it.

The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap.

We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it.

It is very good with predominant cloud vendors, such as AWS, Azure, and GCP, but I am not sure about its efficiency when it comes to other cloud vendors. They should expand its coverage to other cloud vendors such as Alibaba Cloud and Oracle Cloud, which are quite common in this region. I am not sure if they have a full-fledged Oracle Cloud controls evaluation. If they can improve it in terms of the MultiCloud aspect for the organization, it will be helpful, especially in this region.

I have been working with this solution for almost three years. In my previous organization, I worked with it for two years, and it has been about eight months since I joined my current organization. Here also, we have opted for Prisma Cloud.

Its stability is good. We didn’t have any issues with it.

In my earlier organization, we used it for a bigger client with about 3,000 VMs in AWS and about 30 to 40 clusters. We did not have any challenge with its scalability. As we started putting things, it was working well. 

In this organization, we only have two small customers. There is not much workload. We haven't had any issues. It works fine.

In my earlier organization, I worked directly with Prisma Cloud support. Their support was good. My engagement was minimal, but the initial support from them was quite good. When I had some RFCs and RFIs coming in, their turnaround times were quite less. We had a very good rapport with them. We had a specific account manager who handled any RFCs and PoCs. Their support was good, and we didn't have any challenges. 

In this organization, we have been working with a channel partner, and there have been a few challenges because they are also occupied with other proposals and tasks. The same partner also works with other competitor organizations. Overall, I would rate their support an eight out of ten.

Positive

In my previous organization, we were using the Skyhigh networks. Earlier, it was Sky network, and later on, McAfee acquired it and made it a CASB and cloud posture management product. We had a couple of challenges with it. So, we evaluated a lot of products and shortlisted Palo Alto Prisma Cloud. 

It is straightforward. They provide two options. You can configure it manually or just grant access. It can then easily sync up. They also provide the cloud formation templates to spin up in minutes. So, it is straightforward and very simple.

It is hard to measure cost savings at this time because it is quite a new investment for the organization. Cost savings will be there in terms of security and reducing the development time and error fixing time, but it will take some time to measure that.

Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs.

We evaluated multiple products after I came into this organization. We evaluated various CSPM and container security products, such as Aqua Security and Rapid7.

Nowadays, every vendor has come up with a cloud posture management tool. So, we carried out a couple of PoCs in specific customer accounts that had an almost similar type of infrastructure, and based on the outcome, we found Prisma Cloud to be better in terms of identification of miscontrols and security. The cost also played a major role. As compared to other products, it was reasonable. So, the feature set for fulfilling customer requirements and the cost were the two factors that played a major part.

The third factor was the flexibility to work with the vendor. In terms of partnership and support, we felt that being a Palo Alto product, Prisma Cloud would be better. Palo Alto has better service over here, and their channel partners are quite flexible to work with on initial customer demonstration and other things. We felt much more comfortable with Prisma Cloud in all these three aspects.

When it comes to its security automation capabilities, currently, not every customer prefers to automate. We have been trying to implement automation, and when the right access was given, we did a certain amount of automation to immediately block the firewall rules or revoke access when any privileged access has been given. We have been doing a little bit of automation, and it has been good. We are able to achieve our goals. Out of two customers in this company and eight customers in my previous company, only three customers preferred to do automation to a certain extent. The rest of them wanted the alerts to be sent to the incident response team of their SOC. They wanted their team to act upon them. They only allowed us to automate high severity ones or highly critical ones. For example, they only allowed us to automate things like immediately blocking access to specific ports or IPs, but we haven't tried the automation to a full extent.

It enables you to integrate security into your CI/CD pipeline and add touchpoints into existing DevOps processes. We implemented it for just one use case. Before that, we were using Qualys Container Security in the CI/CD pipeline. After switching to Prisma Cloud, I did not have an opportunity to evaluate it completely because I moved to another organization. In my previous organization, we had expertise in DevOps. We had a dedicated DevOps team with almost six years of experience in automating the entire deployment of servers infrastructure, as well as applications. It was pretty easy for them to implement or integrate any security tool into the CI/CD pipeline. In my current organization, we don't have an expert team, and we struggle a bit in implementing things because there are multiple CI/CD deployments from Jenkins to Amazon's native one and Git. So, we take support from Palo Alto to get things deployed during the PoCs. In my previous organization, it was also easier for us to implement because the training provided from the Palo Alto side was quite good, and we had a lot of training materials in the partner portal. We utilized them. We got in touch with the technical team, and we implemented things quite faster, but here, there is a bit of lag because we don't have expertise in DevOps for implementations or integrations.

It can provide risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. Shifting your security to the left cuts down the entire life cycle of application deployment, and it does help to fix the security issues at the beginning of the development life cycle itself. We have not seen a large amount of time being cut down. That's because, typically, teams deploy the code, and then initiate a security scan. By integrating these things into the early development cycle, the time can be cut down to three weeks from about one and half months.

I would rate this solution a seven out of ten.

I was working with a partner of Palo Alto Networks until around two months ago. I mainly worked with Prisma Cloud in the delivery line of products for projects for clients. For example, we deployed the tool for lifecycle protection for a client in Colombia.

I worked with Cloud Security Posture Management (CSPM), cloud workload protection, and the new data security module. About two years ago, for a banking client, we inserted the cloud-native firewall into Prisma Cloud.

Prisma Cloud supports the five major CSPs or Cloud Service Providers. Specifically, in the runtime protection mode, you can protect any workload. They are changing their approach from resource-based to application-based. Prisma Cloud now has the intelligence to understand the context and the relationship between resources and groups. 

I worked with the automation model, specifically on the features of app security, to prevent any issues from being deployed via infrastructure as code into the cloud environments. The auto-remediation feature enabled the developers to remediate issues directly in their visual editor with one click. Prisma Cloud is a good tool because it covers the software lifecycle. For example, you can use Prisma Cloud from your visual editor, such as VS Code or IntelliJ from IDEA. You can use auto-remediation to prevent any issue from being deployed into the cloud. It also provides run-time protection for all workloads. Prisma Cloud has a lot of features and modules. Its licensing model allows you to have more at less cost.

The integration with the entire lifecycle is the biggest benefit. You can use the tool to automate an internal process using the Prisma API. You can use all the data information to make business and technical decisions. It takes some time to realize its benefits. When we deploy the solution for a client, we have to wait about three to six months for it to mature to be able to make useful data database decisions.

Prisma Cloud has a lot of features. It can secure the entire cloud-native development lifecycle, across build, deploy, and run. At every step or phase, you can have specific controls to avoid the deployment of anything that can cause issues.

Prisma Cloud can reduce the risk and run-time alerts if you put the correct control at the correct stage. For one client, there was about a 30% reduction, and for another one, there was about a 50% reduction. Prisma Cloud gave us a table with the high-impact vulnerabilities. By closing one of them, we could reduce about 100 alerts.

It provides some reports, but with API access, you can get all the data to build your own reports or dashboards. The default reports and dashboards are good, but if you need some customized reports or dashboards, you can do that with the API.

The most valuable feature of Prisma Cloud for our clients is CSPM, as it helps clients gain visibility into all the assets with their cloud providers.

Additionally, runtime protection is valuable for protecting runtime environments.

The RQL feature helps to do some queries in the cloud environments.

The data security model needs improvement due to integration issues with certain features and cloud providers. With Palo Alto now utilizing a tool from an Israeli startup in Prisma Cloud, the integration is slow, and some features are blocked or not supported.

In the beginning, with large-scale projects, the platform was down twice, but once the issues were identified, Palo Alto applied the correct solutions to ensure high availability and scalability.

The scalability of Prisma Cloud is good, covering both the front end and the back end. The entire solution is well scalable.

Customer service is good in general. There are three levels of support. I have interacted with levels one and two, where initial contact is made and detailed information is gathered. They can respond with technical documentation or pass on the case to the next level because it requires the development of a new feature or changing a feature due to a bug.

Positive

I have not used any alternative solutions such as Check Point, CrowdStrike, or Aqua Security. 

I worked primarily with SaaS adoption and was in charge of the deployment as part of the delivery team.

The initial setup is straightforward and does not require extensive deployment efforts, except for configuring the solution and deploying agents if necessary.

The maintenance is done directly by Palo Alto. Palo Alto is in charge of deploying new releases and updating the main components. Everything is informed to the client through the status page maintained by Palo Alto.

The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients.

In my last job, we compared Prisma Cloud to other tools, and it was ahead of the competition.

For new users, it is important to understand the specific objectives and needs to ensure a successful implementation of the solution. They should also focus on using the data to make data-driven decisions.

I would rate Prisma Cloud a ten out of ten.

We use the solution for cloud security, multi-cloud environments, compliance, and governance.

We have not had interruptions. It helps us to prioritize and gain resolutions faster. We can see what is happening in any particular environment. 

The visibility and control are very good. It offers good runtime protection. Risk prevention is also a valuable aspect.

Prisma Cloud provides security in multiple and hybrid cloud environments.

Prisma Cloud plays a crucial role as it is one of the key pillars in our security tech stack. It helps us secure the whole multi-cloud cloud infrastructure and protects the deployments, which are crucial to our production environment. 

The automation capabilities are there. In the general context of automation, it offers policy customization to eliminate false positive alerts and fine-tune detection. It constantly gives us more and more facilities to fine-tune the configurations over time. The automation itself also helps save time. 

The real-time protection and management of compliance (of multiple standards, such as ISO, and SOC 2, et cetera) is useful. We can custom-add policies for enhanced protection.

We began to observe benefits immediately after integration. When it comes to real-time protection or risk prevention, there were some initial drawbacks. Over time, however, when we started working on it and fine-tuning the alerts, we started seeing the results.

It provides comprehensive security from the initial phase of spinning up the instance to the termination of the instance. In that life cycle process, it is giving us visibility and control. 

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environments have become. 

This positively affected our confidence in your security and compliance. No matter how complex the environment is, the seamless integration from the top layer itself gives us immediate visibility on the number of services. The way Prisma Cloud is structured makes it so that even if the environment is complicated, the categorization will give us a clear picture of where we should focus, what it lacks, or which specific areas we should have more control. 

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage or reconcile disparate security and compliance reports. Managing all of the infrastructure, security, compliance, and reporting can be done on the console itself. 

The fact that Prisma Cloud is the single tool for protecting all of our resources saved us money. If we were to replace Prisma Cloud; we'd need two to three other solutions. We'd need to cover replacement and management costs. It would be 30% more expensive, at least. 

Prisma Cloud hasn't reduced runtime alerts. However, it has helped us identify the true alerts. That helps save us time as we manage multiple clouds. Instead of chasing down each and every alert, we can see what matters and what doesn't. We can focus on the alerts that have the biggest impact on the most sensitive data.

We've been able to save a good amount of money using Prisma. When it comes to cloud security, it satisfies 90% to 95% of our needs and we don't need multiple solutions which would be more expensive. 

We do have many feature requests and custom policies. I don't have any specific notes for improvement; however, if they could continue to focus more on giving users the ability to create custom policies and configurations, that would be ideal. 

I've used the solution for more than three years.

We have not had any issues with stability. We've only had one or two instances where there we outages, however, it's never been down for a long period of time. 

The scalability is good. I'd rate scalability eight out of ten. 

I've contacted technical support on a regular basis. In most cases, they are pretty quick. For some, depending on the issue, it may take time. However, for us, it's not an inconvenience as we understand the physicality of the issue. 

Positive

We have tried a few solutions, however, we did not deploy them. This wasn't recently. This was a while ago. We weren't completely satisfied with the capabilities. 

The initial deployment was pretty easy. It wasn't too difficult. I found it fairly seamless. It was a hassle-free experience. 

We tried it in a test environment (non development) for three months. They we deployed it over nine months to a year in the cloud and production environments. We had three to four people deploying the solution. 

The solution does not require any maintenance after deployment. 

We did have help from the vendor. 

The licensing model is based on assets. The pricing for what we are using is pretty good. 

We're a customer and end-user.

I'd rate Prisma Cloud nine out of ten. 

From a customer point of view, even is a user has multiple products, they should test it out so that they are able to satisfy the requirements. Then, they can easily upgrade with additional add-ons and features. Instead of just creating the Prisma Cloud itself with too much complexity, start simple. 

We have deployed Prisma Cloud for one of our client premises. And we are managing it internally. Although we do have support and other stuff for this solution, it has two kinds of modes. One is the detect and protect mode, and one is only for the monitoring purpose. There's different licensing. If you need protection from Prisma Cloud, then you will purchase a firewall kind of module with that. Otherwise, by default, it comes in monitoring mode.

It's deployed on all VMs and workloads. With the Prisma Cloud, you can have it on a cloud server or you can deploy it as a stand-alone. That said, the container should be persistent. Otherwise, if you restart the container, you will lose your configuration and everything.

We were doing a deployment for a telecom client, and they have two different application pipelines. One was based in India with the Oracle team. They were developing their own application, so we have also incurred it to the Prisma Cloud in their CI/CD pipeline.

The second use case was to monitor the OpenShift environment. The solution was basically bare metal. Then on top of that, there was OpenStack. It's an on-prem cloud service. We have deployed the Prisma Cloud solution, so it was on top of an open stack.

If there is a large infrastructure involved, you need to run continuous vulnerability assessments. You also need comprehensive reports and complete inventory details. Doing everything manually would cost a lot of human resources. And it can take a long time. This helps automate and control vulnerability scanning that's continuous. It also helps with compliance. If I have to scan something monthly or quarterly, I can do it, and it will run. What Prisma Cloud actually does is that it keeps on doing this activity for you without any required request from the operator side. Its agents are deployed on the infrastructure, on all the components, on all the applications, on all the operating system images, VMs, or the old private cloud environment or your work on nodes. If you spread your agents all over your infrastructure, it'll keep scanning and reporting, and you can see everything from your dashboard. 

We have integrated OpenStack, OpenShift, RH, et cetera. You don't need to integrate every individual part; you only need to integrate the worker node. And once you deploy it on the worker node, all the parts running on that worker node.

Prisma gives you full-fledged posture management. You get detailed insights into all your modules, how they are communicating, and on which ports they are communicating. If there is any unknown port or unknown address, et cetera,  Prisma Cloud can show you the configuration, and the ports. That way, as an architect or product manager, you know through your documentation which application should be communicating on which ports. If there is any deviation from that documentation, Prisma Cloud can see that, and you can get the details for that. 

With respect to virtual protection, it tells you which image, VM, physical server, worker node, or port has what kind of vulnerability. It gives you everything in real time. 

Monitoring mode is great if a company wants to know every single vulnerability and loophole in its infrastructure. It gives you a complete inventory list of VMs and devices within your infrastructure from the dashboard. You can add new policies or elements easily. You just integrate it within Prisma Cloud. That way your inventory automatically gets updated. 

Real-time continuous vulnerability assessment and reporting are key features. It's critical to most large-scale enterprises.

Prisma Cloud provides security scanning for multi and hybrid cloud environments. Sometimes, if we, for example, have some infrastructure on a public cloud, like AWS, then you need to monitor them continuously and you will require the inspector module of AWS. The inspector module is initially free of charge. And after two weeks, they'll start charging you. However, you can just put the credentials or access keys for AWS within the Prisma Cloud and assign the agent to that. It will start monitoring your cloud infrastructure as well with less overhead.

Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become. What you do is you need to open the communication matrix. That communication matrix is the baseline or the product for the Prisma agent or CLIs, to communicate with the Prisma Cloud and share its findings directly. Whatever the agent finds on its local host, it will respond and share it with the Prisma Cloud. 

Prisma Cloud has two types of interfaces. One is towards the Internet to the main Palo Alto cloud environment. The second interface is towards the infrastructure or architecture. Most of the time, the operators focus on the corporate side since their responsibilities are related to that scope. The other side should be automatically updated, similar to how Microsoft. They simply tell you updates have been downloaded and installed, and you need to restart your system. The update processes are transparent. There is nothing manual to worry about.
There are a lot of compliance rules that you can configure. If the product manager knows that there's a new compliance rule, they ensure that the new compliance rule is compatible with their product. Compliance is not an issue, however, rules should be configured. It's just like any other compliance activity. 

Prisma Cloud enabled our customers to integrate security into their CI/CD pipeline. Our client was developing a large-scale application for billing purposes. And Oracle India was involved in that, and there was a DevOps pipeline. We have integrated the Prisma routes to the CLI within their pipeline; it was being handled through Prisma Cloud automatically within different DevOps gateways. It's seamless. Once you integrate it, then it's part of the pipeline, and it's being done automatically just like any other pipeline gate.

Having a single tool to monitor cloud sources has had a positive impact on our customers. Tasks that were headaches have become easier. It's easier to assess vulnerabilities and compliance thanks to automation. 

Prisma Cloud provides risk clarity at runtime and across the entire pipeline showing issues as they are discovered in the build phases. The vulnerability will stay on the dashboard until you fix it as well. It will keep showing you the issue until it is resolved. Vulnerabilities that are identified are documented and stored in the vulnerability management system.

Prisma Cloud has reduced alert investigation times thanks to the comprehensive dashboard. You can directly search for any host you are targeting or go through the entire list and check everything. 

It's helped customers save money in that it's helped them catch vulnerabilities thanks to 24/7 scanning. That helps you fix the issue earlier. If a vulnerability gets through and the company is breached, they can lose their reputation. The same is true if their service goes down - especially in a banking scenario. It can lead to a big financial loss. Having proper security controls and monitors in place mitigates this. 

They have very rich documentation, and everything is very clear with respect to integration and configuration.

It provides a lot of compliance rules. It provides us with around 160 different rules. That way, you can define everything during scanning and the system will keep checking for compliance, which is automated.

One single drawback is that updates are not directly based on push notifications. There is a lot of software that gets updated automatically. Since this is a security product, this product should be automatically updated. Right now, it must be manually updated. I should be able to focus on vulnerabilities and security, not updating.

Delays can be very costly. Even with a minute delay in updating, if an attack is successful, when you have this corrupted million-dollar product, it's useless to you then. That's why updates should be automatically done. 

It doesn't patch your products; it only provides insights into vulnerabilities. It's merely a value-added service for your overall security posture. 

They are missing some compatibility details in their documentation. If I am choosing a product, the first thing I look at before recommending it to my organization, is the documentation, including how it is organized, if their documentation is informative, what information they are providing, et cetera. Prisma Cloud has one issue within its documentation, and that is that it does not provide exact details of every single plugin. I was very concerned about which version of Prisma Cloud was compatible with which version of the solutions we had in our CI/CD pipeline. They need to be more clear. 

The solution is stable and is capable of covering large enterprises. I've never faced issues once I've deployed it. However, if you will be holding the data for the long run, you need to think about storage. That's it.

It's scalable. You can scale horizontally or vertically. 

Their support is not very good.

Negative

I've deployed it from scratch in a containerized environment. I am running a persistent container for Prisma Cloud.

The setup is very straightforward, thanks to their documentation. It's rich and comprehensive. They just don't provide version compatibility.

We deployed the solution in a day.

There is no other complexity in the implementation. It can be anywhere in the VM or any other component of your infrastructure. The agent should be able to ping its Prisma Cloud server. Once that is done, there is no other complexity. You just deploy the agent. The agent will keep updating automatically via the Prisma Cloud, and it will start finding new vulnerabilities. That's it. There are no such complex issues with the Prisma cloud deployment.

The implementation strategy was that we knew for which kind of infrastructure we were going to deploy it. 

There isn't much maintenance needed. The only thing is that sometimes you integrate Prisma Cloud with something that is not supported by Prisma Cloud or documentation does not explain it. In that case, you need to engage their support team. Their support is not very good. 

The solution is very expensive. They must have decided internally not to go after SMEs or startups. They are targeting multi-million or trillion-dollar organizations. Those are the companies that can afford their products. 

We're an MSP; we provide this product to customers. We provide security as a service.

We wouldn't recommend the solution for SMEs or startups. This is for larger corporate enterprises like large banks, fintechs, or telcos. It's good for larger infrastructures that might have legacy controls or devices.

Prisma is not the only solution in the market; there are others as well. It offers good core functionality, and it covers your whole cloud environment. It's a fully-fledged package that can help provide insights into security threats in any kind of development environment, from production to staging.  

I'd rate the solution seven out of ten.

If you are interested in Prisma Cloud, look at your business cases first. If you have a massive, large-scale infrastructure, they should not go into new products blindly.

We use it for compliance management and policy detection, especially for hybrid clouds.

If you have just one or two clouds the detection policy provided by the cloud provider is sufficient. But if you have more than two clouds, a tool like Prisma Cloud is required because you want to go to one place and do things once. The value of a solution like this is that when you have multiple cloud providers, it plays a vital role in security posture management, security detection management, and alert management.

The solution also enables us to make security alerts and security risks visible to our tenants, as we have a common dashboard. In addition, it helps us to improve knowledge of the environment by allowing people, and not just the central team, to always access the data and to see what the security posture looks like. It gives us a central location to see what the security posture is like for multiple cloud providers.

Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know.

It also helps us to confidently certify compliance for a customer. The reports it provides become a basis for compliance certification. It gives us a single tool to protect all of our cloud resources and applications without having to manage and reconcile disparate security and compliance reports.

In addition, by using the Prisma Cloud 2.0 Cloud Security Posture Management features, our security teams get alerts with the context to know which situations are the most critical. That helps because we have visibility without having to log in to multiple cloud providers. It gives us one simple way to look at all the three cloud provider policies. Those alerts provide us with a good place to start. Our teams get all the data they need to pinpoint the root cause.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. That is very important when you have a multi-cloud environment because it gives you a single pane of glass for all of them.

In that single pane of glass it gives you Cloud Security Posture Management, Cloud Workload Protection, and Cloud Infrastructure Entitlement Management, and the vast majority of Cloud Network Security. Without this kind of tool, you would have to go through the three cloud providers and do the mappings for each one. It would be a huge amount of mapping and cross-referencing work, but that work is already done with this solution. Not just the referencing work is done, but it also does the monitoring and scheduling. And a given workload that needs to be compliant with the requirements of a certain country or with your business will be compliant, based on the regionality. Visibility and monitoring are things that are required and Prisma Cloud provides them.

It provides mapping for all compliances so that you do not have to do it. Mapping policies to different compliances can be tricky but it's also a good thing. And you can reuse it as-is. You do not have to do anything. It also provides mapping to the compliance history.

And when it comes to detection, it allows you to write policies that are not just based on compliance but also on your cloud security controls. It allows you to write customizations. It is also the sort of tool in which customization of alerts, notifications, and cloud posture management is possible.

In addition, Prisma Cloud gives you visibility over all of your policies. I know that it can do auto-collection, but I have not seen that implemented by anyone because auto-collection requires organizational maturity, but that lack of implementation is not due to tool immaturity.

And it is a perfect tool, in terms of security policy detection, when it comes to the comprehensiveness of the solution for protecting the full, cloud-native stack. It's very effective.

Another great feature of Prisma Cloud is its integration with Jira and ServiceNow. With those integrations, you do not have to manually intervene. If you do an integration, alerts can be assigned to the respective group, using Jira and ServiceNow. That definitely helps in reducing a good amount of work.

It also provides integration with Agile tools, and that is a great thing. It integrates security into the CI/CD pipeline for container workloads. (We have not used it for non-container workloads, but that's not an issue with the tool). The touchpoints in our DevOps processes are just API calls, making the integration very easy and very smooth.

Developers are able to correct issues using the tools they use to code. The way we have it set up, it's a process of reverse engineering. When an alert comes up it is used to see what was detected and how that can be converted into a preventive policy. That feedback loop is manual, but that input helps to turn the policy into a preventive one. Prisma Cloud has helped to reduce runtime alerts by about 30 percent because we are converting everything into preventive policies. And because it gives you an idea of what needs to be done, it has reduced alert investigation times by 30 to 40 percent.

There is some work to be done on preventive security policies. I would give the existing preventive approach a seven out of 10. I'm sure they will be doing something in this area.

In terms of securing cloud-native development at build time, a lot of improvement is needed. Currently, it's more a runtime solution than a build-time solution. For runtime, I would rate it at seven out of 10, but for build-time there is a lot of work to be done.

Another area for improvement is support for OPA (Open Policy Agent) rather than the proprietary language. Nowadays, people mix things, but you don't want to write a policy in different languages.

I have been using Prisma Cloud by Palo Alto for almost two years.

We haven't seen any issues with the stability of the solution in the last two years. It's good, with no problems at all.

As for the scalability, we haven't seen any issues. We are not cloud-busting, but so far, so good.

We want to extend the solution more in the container world and have more service automation. Those are scenarios we have not gotten to yet.

I am happy with Palo Alto's technical support. It has been good.

Positive

Before Palo Alto, we used the cloud providers' native tools. We switched because, while the native tools were great, managing three different cloud provider portals was not ideal. We needed some centralization and customization.

The initial deployment was a simple and automated process. It was good. It took four or five hours per cloud provider. We use it with AWS, Azure, GCP, and Oracle. There was some strategy involved in the implementation because there are differences among the cloud providers. For example, in AWS you have a Control Tower. A good strategy reduces manual intervention, but it's a SaaS solution so we did not have to do much.

We don't need any staff members to maintain the solution but we do need people to write the custom policies and to make sure that someone is there to take action when there are alerts. We have three staff members involved because writing the policies is not easy. One of the guys is responsible for policy writing, one of the guys is responsible for communication and checking the portal to make sure we communicate with people, and the other guy is helping them both with whatever tasks they need help with.

We tried a few other options but once we looked at Prisma Cloud we decided it was a better option.

The advantage of Prisma Cloud was its support for all the cloud providers and its automation. The ease of automation was one of our selection criteria. Cost was another consideration. While Prisma Cloud is not cheap, it's in the medium range. But if an organization is already using Palo Alto, they can negotiate a good price.

It makes sense for a smaller company to use the native cloud tools, but for a large organization it makes sense to have a tool like Prisma Cloud with centralized information, especially for security.

We had Azure, AWS, and a little bit of GCP, so we gave Prisma read access to all those accounts, subscriptions, etc., and monitored the alerts to mitigate risks based on what popped up in the dashboard.

While it's not our only tool, Prisma is managing about 80 percent. We still occasionally go into cloud-native tools to ensure certain compliance standards are being met. Sometimes, urgent issues need to be fixed that haven't been reported in Prisma because the native tools will catch them first. As a third-party solution, Prisma might take a little longer to build a report directory.

We had around 30 to 40 users who were a mix of cloud and DevOps engineers. There were also members of the security team who made decisions about what kind of security policies we had to follow. We used it extensively within the public cloud across all our Azure, AWS, and GCP subscriptions and projects. There was interest in using it on-premises with our vSphere environment as well. I don't know if that ever happened.

Prisma enabled us to get up-to-speed on enforcing TLS 1.2. It helped us look at different types of resources, like storage accounts and app services. I'm thinking particularly of Azure because that was my focus. I found all the resources from the Prisma list and remedied those issues so that they were displayed as resolved in Prisma.

It gave us visibility into and control over complex cloud environments, which helped us feel better about our security and secure the environment with the clinical data. Our security team was pleased when we showed them clean Prisma reports. It boosted their confidence and their comfort level that we were being compliant.

Prisma made it much easier to ensure that all of the security pieces are handled. It simplified our security issue resolution. It cut down our investigation time by giving us one place to look. It cleaned up our operations considerably because finding what resources needed to be resolved, mitigated, or updated was easier. It probably saved us several hours every week. It also saved us some money, but I couldn't quantify the savings because other environments also used it.

It helped us develop a preventative approach to security. Nine out of ten times, we could find issues that needed to be fixed ahead of time. We had a monthly meeting where we would review the high-severity alerts on the dashboard and assign people to remedy them. Once we got through the high severity alerts, we looked at mediums and low severity alerts. Prisma enabled us to identify resources we needed to fix, which was quite handy.

We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features. 

Prisma's multi-cloud capabilities were essential. We wouldn't have used it without them. We would have just used the native cloud vendors' security solutions. Its protection of our full cloud-native stack is pretty comprehensive. I would rate it at least an eight out of ten. It stacks up well compared to the security alerts and notifications we got from solutions like Defender.

It sometimes took Prisma a little while to build queries, so new services or features wouldn't appear. It wouldn't get flagged in Prisma for a bit. It would be helpful if they sped up how quickly they got their default notifications, queries, and alerts.

The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls.

We used the solution for about three years at my previous company. 

Prisma seemed highly stable, but I wasn't managing the solution. I was more of a user.

Prisma seemed to scale pretty well. It covered several large environments and didn't seem to struggle when loading information for us. I think it did well.

I rate Palo Alto support a six out of ten. The support was adequate, but I can't say it was great. If we had an issue with a feature or a query, it could take them a little while to get back, especially if it was a feature improvement or a new alert. They were very slow to add new warnings and features.

Neutral

The company never had a public cloud solution before Prisma, but they had something for on-prem. I don't know what it was. They also used cloud-native solutions like Defender for Cloud and the native tool for AWS.

We switched to Prisma because we wanted a single pane of glass that would allow the security team to see security issues across all of the public cloud vendors that we used, so they wouldn't have to jump to each individual cloud vendor's tool.

I was involved in the POC several years ago. It was like a lab test. After we tested that for several months, we rolled out the official one. At that point, I was just helping them test as they tried out the product. I didn't actually install the software.

The setup seemed pretty straightforward. There were clear instructions on how we just needed to create service principles with specific permissions and then grant Prisma the credentials for the service. I think they only had about five people maintaining the Prisma environment, and each was responsible for bits and pieces of it.

I believe the company saw a return using Prisma.

I know that the guys who handled the pricing said Prisma was costly, but I don't know how that compares to other products.

I know the team evaluated other options, but I wasn't involved.

I rate Prisma Cloud an eight out of ten. Having one place to go for all of your security alerts and notifications makes it easier to solve issues than going to each vendor's security tool.