Prisma Cloud by Palo Alto Networks Reviews

We use Prisma Cloud to check for vulnerabilities and handle integration with the Azure Cloud.

Prisma benefits the company by securing our infrastructure and monitoring the logs. We realized the benefits immediately. For example, our Windows Server went down the other day, and Prisma Cloud quickly caught it. 

It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is. 

Prisma Cloud offers a single tool for checking all this information. It's saved us time and money, reducing the time we spend on these tasks by around 10 percent. It also decreased our runtime alerts by 10 percent. 

I like Prisma's identity and access management features. The AI event-driven model has helped us a lot.

The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler. 

I have used Prisma Cloud for two years.

I rate Prisma Cloud 10 out of 10 for stability.

I rate Prisma Cloud nine out of 10 for scalability. 

I rate Palo Alto support seven out of 10. 

Neutral

We previously used FortiGate, FortiAnalyzer, and FortiCloud, but management decided to switch to Palo Alto. 

Deploying Prisma Cloud can be straightforward or complex, depending on the client. Previously, I worked for a managed service provider. We have multiple clients on the cloud, so it depends on the client's situation. We mostly work for large enterprises and some SMEs. It takes around a week to deploy by a team consisting of me and two or three managed service engineers. 

I rate Palo Alto Prisma Cloud eight out of 10. I would recommend it to large enterprises. 

We use the CSPM (Cloud Security Posture Management) module that provides good visibility across workloads. The solution in general provides visibility, compliance, and governance across all of our workloads. 

Prevention along with Prisma Cloud's detection capabilities can be leveraged by deploying Defender on your workloads. Additionally, out-of-the-box rules, like compliance rules, runtime rules, or vulnerability rules can be further created to secure any cloud-native workload.  

You can identify any access details and over-privileged permissions using the CIEM (Cloud Identity and Entitlement Management) module by running IAM queries.

You can ingest your Flow Logs to Prisma Cloud and further analyze them using the network queries. You get a detailed view of network flow, configuration details of each resource, mapping of how resources are connected to each other, etc. 

The cloud identity security and cloud network security capabilities are very helpful.

Prisma Cloud helps you identify vulnerabilities and misconfigurations in your code by integrating with your VCS (Version Control System) for example GitHub repository. You will get an overview page as well as a detailed view based on the type like vulnerabilities, IAC misconfigurations, secrets, licenses, etc. There are different options available. If you want full visibility, you can also go to the supply chain graph and see these details. It helps in identifying these risks. It also shows the package dependencies that need to be mapped. In a case where a package is dependent on something, both are provided so that you can see the vulnerabilities. That's a good feature. You can further integrate security into our CI/CD pipeline like Jenkins.

Prisma Cloud provides security that spans multi and hybrid cloud environments. It provides security across AWS, GCP, Azure, Oracle, and Alibaba. We usually engage with customers with workloads across multiple clouds and Prisma Cloud is a good fit for these environments.

The comprehensiveness of Prisma Cloud for protecting the full cloud-native stack is great. It's a single tool that does everything. When Prisma started off, it was more of a CSPM and CW tool. Now, they have also expanded towards Code Security, which is also increasing. It covers a lot of features in terms of its CNAPP (Cloud-Native Application Protection Platform) capabilities and yet the ease of use is exemplary. It offers great automation as well. It's not just about security, it is also about automating these procedures as much as possible. For example, if you want to deploy Defender, you get auto-defend rules. 

It supports taking a more proactive approach to Cloud Security. We can modify existing policies or create policies if required and get alerted if there are any security violations. It can be further integrated into third-party solutions, by alerting channels like Slack. 

Prisma Cloud provides the visibility and control you need regardless of how complex or distributed your cloud environments become. With it, you can view all of your assets on your cloud account. You can even filter. There are different filters based on the cloud providers, and from there you can filter based on the service that you are looking at. Those are grouped in a particular order so that you can go to those resources. For example, if I want to check for an AWS EC2 instance, once I go there, I can select that instance name and get the config details as well. There is an audit trail if I want to see any changes that have been detected in these resources. It gives me complete visibility to the most granular level.

Prisma Cloud provides us with a single tool that protects all of our cloud resources and applications without having to manage and reconcile these other security and compliance reports. There is a compliance section. You can even have compliance available out of the box. You can filter the alerts based on the compliance rules. You can further generate a report for a compliance standard by creating an alert rule. You can add your email address and you can get your weekly report sent to you. All of those things are available and customizable. You can do a deep dive for your workloads, as in your VMs, your container, serverless, etc.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline showing issues as they are discovered during the build phases. If it's colored in red, it indicates there are serious alerts. If it's green, it means it's all good. That's a high-level overview of visibility. However, it also indicates all the risks and categorizes those. 

Prisma Cloud helped to reduce runtime alerts. You can even create runtime rules. If you want to apply it globally, you can have it for all of your workloads. Once you create these, you will also get alerts for all those runtime rules that you have created for your workloads.

So far, we've reduced investigation times. The visibility on alerts helps you investigate more easily and see details faster. It helps you investigate similar alerts and take action accordingly. 

It is one solution that has multiple capabilities. It's not just a CSPM (Cloud Security Posture Management); it has CWP (Cloud Workload Protection), CCS (Cloud Code Security), CNS (Cloud Network Security), and CIEM (Cloud Identity and Entitlement Management) capabilities. Since it's all under one product, we don't have to buy multiple solutions. In that sense, we have saved money.  

We could not use the data security module. It's not available to our Indian customers.

The automation must continue to become much smoother. There are automation capabilities, however, there are certain challenges with that as well. The approach we generally take is we have to raise a support ticket and have multiple calls with the support engineers. That takes some amount of time. If it's a POC, proof of concept, or something like that is still fine. However, if it is the customer's production workloads that we are testing, that delays that entire implementation. Errors need to be resolved or there has to be faster support for these aspects.

At one point, one of our customers was looking for a compliance standard, which is not available out of the box on Prisma Cloud. Maybe not all standards are covered at this point.

When we face challenges and need to raise a support ticket, it takes time for them to get back to us and investigate the issue. We'd like the process to happen faster. We'd also like to have a dedicated source of support. If you have five or six consecutive issues, you have to follow up across five or six separate tickets. It would be easier if we just had one touchpoint that could manage multiple requests. 

I've been working with the solution for close to two years. 

I've dealt with technical support, They are good, however, the turnaround time is slow. When you are working on a POC, it's fine, however, when you begin to deal with production workloads, issues need to be resolved faster. 

Neutral

We're an implementation partner. 

It took me some time, first of all, to understand the product. However, that is important. You need to understand the product, and then get the value. There are different aspects of the product that have different scanning times. Once you onboard, it takes a certain time to get all the details. Also, there will be certain alerts that might not be default alerts. After a certain amount of time, you might have to funnel them. Or, you might want to narrow down to those alerts which are important to you. After that, you'll begin to see the actual value added and to get there, it will definitely take a certain amount of time. 

I'd rate the solution nine out of ten. 

We utilize all the modules of Prisma Cloud by Palo Alto Networks, and it is fully integrated into the host control manager on GitHub. We employ this solution to achieve complete visibility from the moment we write our ISE to the actual management of the cloud environment. This approach offers a clear view of our security posture, and the container security component provides valuable insights to assist us in our architectural process.

Our security team is the primary user of the solution, followed by SREs and developers.

Prisma Cloud by Palo Alto Networks offers security that covers various environments. This is crucial as it provides visibility into running processes, allowing for a better assessment of the current security status and giving our knowledge center peace of mind. Moreover, it enables us to leverage all the available modules.

Prisma Cloud by Palo Alto Networks is highly comprehensive, and I would recommend this solution to anyone due to its complete visibility into the cloud and its efficient deployment process, which makes the solution worth the cost.

The solution's security automation capabilities, if configured correctly using various playbooks, can introduce different security gates. This automated playbook has the potential to save us 70 percent of the work.

I would rate Prisma Cloud by Palo Alto Networks a nine out of ten for its proactive approach to cloud security.

Prisma Cloud by Palo Alto Networks has significantly enhanced the functioning of our organization. Through CIM, we can examine IIM posture to determine the permissions granted to users and the status of all shared entities. Additionally, CSPM provides an accurate inventory of all running elements, which we utilize to bolster our security posture. This allows us to effectively identify various threat levels and obtain a precise overview of the environment.

Prisma Cloud by Palo Alto Networks is one of the most comprehensive solutions for securing the entire cloud-native development lifecycle, including the build, deploy, and run phases. By integrating with various components within my development cycle, I can access data from different data centers and formulate a security strategy to ensure ongoing protection.

The solution offers the visibility and control we require, regardless of the complexity or distribution of our cloud environments. This visibility enables us to enhance our security and compliance posture by adhering to the recommendations.

Prisma Cloud by Palo Alto Networks enables us to integrate security into our CI/CD pipeline and add touchpoints to existing DevOps processes by integrating with the infrastructure code. This allows us to enhance security at various stages of the deployment process. The touchpoints in our DevOps processes are seamless. 

The solution provides us with a single tool to protect all our cloud resources and applications without the need to manage and reconcile multiple security and compliance reports. It allows us to have a better understanding of our environment, from the infrastructure code to the cloud, providing a more comprehensive picture.

Prisma Cloud by Palo Alto Networks provides risk clarity at the run and across the entire pipeline showing issues as they are discovered during the build phases. This makes it much easier for our developers to actually take into consideration some of the recommendations that are given.

The solution has helped us reduce run time alerts and shave down a few issues by 40 percent.

The solution has reduced alert investigation times because we can gather all the necessary information for investigation in one place.

Prisma Cloud by Palo Alto Networks has saved us approximately 20 million shillings.

Due to the maturity of most companies, security posture management is the most valuable feature.

The data container component can be improved since it lacks intuitiveness. Therefore, we need to thoroughly comprehend the tool in order to utilize it effectively.

The number of cloud providers in terms of data security needs improvement. The solution does not currently support servers for GCP.

I have been using Prisma Cloud by Palo Alto Networks for around three years.

Prisma Cloud by Palo Alto Networks is stable. Any issues we have are usually resolved within a few hours.

Prisma Cloud by Palo Alto Networks is scalable.

We transitioned from using EDR solutions, and after testing several options that necessitated extensive configuration, we ultimately switched to Prisma Cloud by Palo Alto Networks, which provided a balanced solution.

The initial setup is straightforward. The first time I deployed the solution, it took around three hours, but now I can do it in under an hour. The deployment is usually done through APIs, and we can also employ the production code to deploy containers.

The implementations are completed in-house.

The licensing structure is highly comprehensive. Although the cost can be high, the value is worth the price tag.

We evaluated Wiz.

I give Prisma Cloud by Palo Alto Networks a nine out of ten for its ease of use, value, and support.

One Prisma engineer or security person with training is able to maintain the solution. For our mature organization, we utilize all of Prisma Cloud by Palo Alto Networks tools.

I recommend Prisma Cloud by Palo Alto Networks. The solution is easy to use and intuitive for the most part. The licensing is comprehensive and straightforward, and the modules can be easily integrated to improve our development.

In Africa, many people do not typically associate the cloud with security due to the prevalence of on-premises security solutions. However, upon utilizing Prisma Cloud by Palo Alto Networks, we have come to realize that it is an excellent and secure tool.

We were using it for remediation. I was working on a client's project on behalf of our company, and they had multiple subscriptions. They were using not only Azure but also AWS. Rather than managing remediation and governance separately through different clouds, it was proposed to use Prisma Cloud as a single place for remediation of everything.

Prisma Cloud provided a single window for all security issues, irrespective of the subscription, account, or service provider I was trying to see. The information was totally transparent with Prisma Cloud. Otherwise, it was a daunting task for us to manage everything within AWS itself because each region's or subaccount's data needed to be moved over to another account to see a full picture, and a similar approach was required in Azure as well. The data from a different subscription needed to be copied, which required a batch process to do this job on a daily basis. By integrating AWS and Azure subscriptions with Prisma Cloud, the same task became easier. It was as simple as adding a new account and a credential. That was it. Prisma Cloud took care of the rest of the functions

Prisma Cloud provided security spanning multi-cloud and hybrid-cloud environments. We integrated it with AWS and Azure with multiple subscriptions for each.

With both AWS and Azure, the presentation of the native cloud data was not good. We were more comfortable looking at the same data in Prisma Cloud.

Automation is possible with Prisma Cloud, and that is why we liked it. Automation is still not that good in the native clouds, and Prisma Cloud definitely has an edge compared to the facility that AWS or Azure provides. Although it is an additional cost for IT, overall, there are cost savings. I am not aware of the features provided by GCP. I did not integrate it with Prisma Cloud, but at least with AWS and Azure, Prisma Cloud works much better.

Prisma Cloud provides an agent that can scan container images or Docker images. Otherwise, for Docker images and accounts, AWS provides its own tool and its own format for the report. Similarly, Azure provides its own format to scan those images. We used the agent provided by Prisma Cloud. It unified the approach. Irrespective of the provider, the format of the output and reports was similar. It was easy to compare apples to apples rather than comparing apples to oranges, which definitely is a challenge when we use different cloud providers. Prisma Cloud solved that problem for us.

The level of abstraction is sufficient enough. The complexity is hidden. Only the information that is relevant is displayed, which is better from a developer's perspective because developers do not need to handle that complexity. If architects, like me, need to understand those complexities, they can go into a respective subscription and get the details. The level of abstraction was good enough with Prisma Cloud.

Prisma Cloud provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

Prisma Cloud reduced the alert investigation time because now, we have a single window. It is quite easy for anyone. A single resource can work on the alerts and memorize similar issues in the past and work on the current issues faster. It has improved productivity.

Prisma Cloud reduced costs. With the different service providers and different subscription models that we had previously, we divided the subscriptions between the analysts. They were responsible for the issues related to the subscription. We had a team of six people previously. After the implementation of Prisma Cloud, all the issues got consolidated, and our team size got reduced to two. The productivity increased because the same analyst could see past issues, revisit those issues, learn quickly, and fix similar issues. They got an idea of how to fix a similar issue, so the overall productivity increased, which reduced the cost.

When we work on, for example, AWS, we need to consolidate the data from different regions, which is an exercise in itself. The same exercise or similar exercise can easily be done in Prisma Cloud. It is as easy as registering a new subscription to AWS, and you start seeing all that data. For example, it is very easy to do analysis of the Defender data, which can include warnings, errors, etc. Although it is natively AWS data, the presentation is not easy for a developer. Prisma Cloud makes it a bit easier. 

The first time I looked at Prisma Cloud, it took me a while to understand how to implement the integration and how to enable features by using the interface for integration. That portion can probably be improved. I have not looked at the latest version. I used the version that was available three months back. It is portal-based, and they might have changed it in the last three months, but at that time, integration was a bit tricky. Even though documentation was available, it took a while for a new person to understand what integration meant, what will be achieved after the integration, or how the integration needed to be done on the Azure or AWS side. That was a bit challenging initially.

I used it for eight or nine months. I last used it about three months ago.

It is stable.

The client's team interacted with the customer support team. We used to highlight the issue to them, and they used to contact Palo Alto's support. We required their support two or three times, but I or my team was not directly involved with their customer support for help.

Positive

I have not used a similar solution before.

I was involved in the implementation. It was all cloud-based. There is a bit of a learning curve when trying to understand how to integrate it. Although some good documentation is available for Prisma Cloud, it was still a bit difficult to understand the product initially. However, the UI that analysts use to work on issues and remediation is quite good. It is not complex. After you have done one or two integrations with your AWS or Azure account or subscription, it becomes a routine activity. It is easy to integrate more subscriptions, but the initial one or two subscriptions of the AWS or Azure account will take some time because some features need to be enabled on the respective cloud as well. It is not only the configuration on the Prisma Cloud side. Some configuration is required on the AWS or Azure side as well.

It is a website, so deployment is not a challenge. It is as simple as registering an account and making the payment, which the IT team already did before they created an account for us, so, as such, there is no deployment. If we want to use an agent, then certainly some deployments are required on the machines, but that is the agent deployment. The product itself does not require any deployment.

From a maintenance perspective, not much maintenance is required. It is a one-time integration. It will then be set for a few years unless you want to remove some of the subscriptions or something changes in Azure or AWS. There is a limitation on the Azure or AWS side but not on the Prisma side, so maintenance is there, but it is low.

There was a cost reduction. That was the benefit that we had visualized while evaluating Prisma Cloud as one of the possible solutions. The complexity of IT operations had also reduced, and the team size had also reduced after implementing Prisma Cloud.

We used the enterprise edition. A standard edition is also there. I am aware of these two editions. I know that there is some cost, but I do not have the exact figures with me. The cost was not on the higher side. Overall, the cost gets recovered with its implementation.

I have not compared it with other tools, but overall, I found it to be pretty good when resolving the challenges that we were facing early on. I did not get a chance to look at the Gartner report in terms of where it stands, but based on my experience with this solution, I was quite satisfied.

It is a good solution. Each team should utilize it. Every good organization is now moving towards or trying to be provider agnostic, so if you are using multiple providers, you should at least give Prisma Cloud a try.

Prisma Cloud enables you to integrate security into your CI/CD pipeline and add touchpoints into existing DevOps processes. I know it is possible, but we were already using some other tools, so we did not try this feature. We already had a good process utilizing other scanning tools, so we did not try that feature, but I know that they have this feature.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases, but this is linked to the CI/CD pipeline, which we did not implement. We looked at the risk level of the infrastructure deployed. We also looked at which cloud platform is having issues. The risk-level clarity was certainly there. It was possible to see the risk level and prioritize the activities or other items with a higher risk, but we never tried CI/CD pipelines.

Overall, I would rate Prisma Cloud a nine out of ten.

We use Palo Alto to secure our network.  We are using the PA-820 firewall and all of the Prisma Cloud modules. It helps reduce our vulnerability to hacking and any malicious attacks on the network. With that appliance, we can minimize those things and control what goes in and out 

We have reduced network calls by 80 percent. The benefit of Palo Alto is the ability to create security across multiple levels and protect against hacks and vulnerabilities. You start to see these benefits within one or two days after implementing these devices. 

We are also using a honeypot to detect a target on our site. Once we have the target, we are blacklisting those using the firewall. The solution has reduced our investigation times by about 50 to 75 percent. It minimizes the alerts, so we're seeing fewer.

I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent.

The UI could be improved.

I have been using Palo Alto for almost eight months.

Palo Alto provides good support and doesn't take long to resolve an issue. 

We previously used Cisco ASA. We decided to switch because we wanted to adopt a UTM approach in which all the logs and reports go to a single dashboard. Everything is visible in Panorama, which comes with the Palo Alto appliances. We need to purchase a separate license for Panorama, but it's there. 

There are many competitors, such as FortGate, but Palo Alto is better. FortiGate has some advantages in terms of throughput. You can get better throughput if you enable all the engines in parallel. However, I've heard about Fortinet devices being compromised, but I've never heard of that happening with Palo Alto. 

I rate Palo Alto Prisma Cloud nine out of 10. Everything is neat, clean, and easy to use. However, when you commit changes through the UI, it takes some time to load on every system. 

In my organization, we use Prisma Cloud to Protect the cloud environment to identify misconfigurations and send the reports to the cloud account owners. We can use Prisma Cloud based on location or based on cloud accounts. 

The policies that we are using in our organization help us to work more effectively to identify misconfigurations based on severity and the dashboard is very user-friendly to work with. 

I am very happy to use this product and find it to be highly impressive.

Prisma improved our cloud environment. It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment. 

This product helps our organization in various ways, including identifying account-level misconfigurations. It will protect the environment in many ways. With this, we can avoid data leakage and avoid/identify public and internal cloud-level misconfigurations will be identified.

Identifying misconfigurations and vulnerabilities from the cloud account level as well as the development and operational level helps to secure everything effectively. 

Vulnerabilities can be identified before deployment - which helps our DevOps team to minimize or reduce time in an effective way. 

Identifying misconfigurations and vulnerabilities at the first stage itself will help the organization save time and money - which is highly appreciated. 

For some custom policies, we need more features. For example, at the investigation tab level, while adding columns for required fields, you can't have more than three or four custom fields. New cloud policies can be added in the next release to address severity changes for the cloned policies. It would be nice to have alerts at the dashboard level. For example, if five members are working with 50 different policies, based on the user name, policies should be assigned with alerts that can be displayed either in a graphical or listed way.

I've used the solution for three years.

I'd rate the stability 4.5 out of five. 

I am highly impressed with the product's scalability. Whenever I have issues with the solution, I will get an immediate response from the product team. They will try to close the issue as soon as possible - which is highly impressive.

I am very happy with the customer service. Whenever I have issues with the solution, I will get an immediate response from the product team and they will try to close the issue as soon as possible. This level of service is highly impressive.

Positive

This is my first solution. I did not previously use anything else. 

The product team helped us when the Initial setup happened.

We implemented through a vendor team and I'd rate the service five out of five. 

When compared to other products, Prisma Cloud is high in pricing and licensing. However, when there is high security it can be expensive. Smaller organizations can't afford Prisma Cloud.

As this is my first solution, I didn't choose any other product other than Prisma Cloud.

We are a Palo Alto Alliance partner and our clients are Fortune 500 companies. We utilize a multi-cloud network architecture, with the primary constraint being the inability to manage everything through a single interface. By implementing uniform guardrails, we address the issue of inconsistent security policies when using native cloud security controls. This is one of the key considerations. Additionally, we employ micro-segmentation using cloud network security modules of Prisma Cloud to minimize the attack surface for various workloads.

The primary use case that was lacking was a single pane of glass. Additionally, prior to implementing Prisma Cloud, we used to manually perform these tasks using AWS CloudFormation Templates or Azure Resource Manager Templates. However, Prisma Cloud helped us address this issue by providing a unified administration interface. One of the problems we faced was the inability to view vulnerabilities across different cloud workloads and compare risks across different platforms. These were the challenges we encountered before deploying Prisma Cloud. While we didn't completely solve all of them after implementing Prisma Cloud, we did make significant progress in that regard.

Prisma Cloud offers security scanning for various cloud environments. In some client environments, there is only a single cloud, so the fact that Prisma Cloud can scan multiple clouds doesn't make a significant difference. These clients have a limited presence in the cloud, with few workloads or resources deployed. Consequently, it doesn't provide substantial value in such cases. However, for large companies, manufacturing companies, or companies with significant IT intellectual property in the cloud, with multiple tenants and a widespread cloud presence across different regions and replication, deploying a solution like Prisma Cloud becomes necessary.

Prisma Cloud enables us to adopt a proactive approach to cloud security. It goes beyond providing visibility and monitoring capabilities by offering a wide range of auto-remediation features. It provides numerous security controls and the ability to enforce commonly configured guardrails, primarily in monitoring mode. It is a comprehensive product that caters not only to detection but also prevention.

Prisma Cloud has helped reduce the number of people required to support or manage these cloud platforms, especially in terms of security. So now, instead of needing three different individuals to manage three different clouds, it may be possible to use just one resource to handle all three clouds, particularly focusing on security. This approach facilitates resource reduction, which is especially beneficial for clients operating within tight budgets. Additionally, there's the advantage of having a single pane of glass, where we can access various informative graphs, charts, and reports. These resources assist in explaining technical matters to non-technical leadership, making it easier to articulate concepts and insights to executives and other non-technical individuals. Personally, this has been helpful for me and our organization. The benefits for clients vary depending on the size of the environment. Personally, when we started using Prisma Cloud as an offering, it took two and a half to three months, which was the rough estimate. However, back then, not all the modules that are available today existed. So those numbers might have changed if all the modules were available at that time.

Prisma Cloud offers the visibility and control we require, regardless of the complexity or distribution of our cloud environments. Since it is built on top of these existing clouds and utilizes many of the services provided by large-scale cloud platforms, there is typically no issue with visibility. Regardless of the complexity of the environment, we always achieve visibility. The way we store and analyze the data, as well as how we visualize information, depends on the operator of the tool. Prisma Cloud is a reliable tool that never fails.

Prisma Cloud enables us to integrate security into our CI/CD pipeline. We primarily use it for the container. We have integrated image scanning and registry scanning into our CI/CD pipelines, specifically Azure DevOps. The DevSecOps team is responsible for managing this process.

Prisma offers us a unified tool that safeguards all our cloud resources and applications, eliminating the need to handle and reconcile separate security and compliance reports, with the exception of billing costs and management. From a security perspective, we haven't encountered any other reports for the majority of our clients. While a few clients may have additional requirements, Prisma Cloud efficiently handles all of those as well.

Prisma has reduced runtime alerts.

Prisma has reduced the time required for alert investigation. We now have a comprehensive understanding of the entire lifecycle of where things went wrong or which part of the runtime or execution for a specific process went wrong, particularly in terms of security.

Prisma Cloud has saved us money by reducing resources. 

Cloud security posture management is the preferred feature among other vendors.

There is room for improvement on the logging and monitoring front because it's still not as holistic as I would want it to be. Especially in the sense that we have different modules within Prisma Cloud, but then the visibility that we get from the output of each of these modules cannot be stitched together. Perhaps we could deploy something like a SIEM or SOAR platform to get this telemetry. As of now, we are lacking that part. So now I'm sure that was not the primary intent for that. It would really make a difference if Palo Alto Networks improves this.

The identity-based micro-segmentation in our cloud-native services requires a significant improvement. It fails to address many of the problems that its predecessor used to solve. Previously, there was identity-based micro-segmentation, but it was phased out, reaching its end-of-life and end-of-support. Now, we have cloud network security, which lacks a crucial feature that IBM used to offer. This is something we strongly desire, as we have had multiple discussions with Palo Alto regarding this matter. I am uncertain if there is a roadmap for implementing this feature, but the cloud network security module requires a substantial upgrade.

I have never encountered any challenges regarding any modules. Occasionally, they do undergo planned maintenance outages, but those are well-communicated in advance. Therefore, I don't consider them to be challenging. Prisma Cloud is reliable, and I would rate its stability at nine out of ten.

I would rate the scalability of Prisma Cloud as an eight out of ten. The only concern lies not with Prisma itself, but rather with the existing client environment. Many clients have flawed infrastructures, making it challenging to achieve the level of optimization required to fully realize the benefits of Prisma Cloud. However, this issue cannot be attributed to Prisma.

We extensively contacted technical support because we used to experience numerous issues. However, our main purpose is to inquire about additional capabilities and make minor tweaks. The tech support provided by Palo Alto is excellent, without a doubt. This could be one of the reasons why Prisma Cloud is relatively expensive. 

We are an advanced partner, rather than an end user, which grants us easier access to technical support compared to clients. However, based on feedback from our clients, their technical support is exceptional.

Positive

The initial setup is straightforward. In the beginning, we used professional services for a couple of clients but now we do it all in-house. 

The implementation is completed in-house.

From a security standpoint, we have significantly enhanced our client's security posture by implementing Prisma Cloud. However, we still need to assess the return on investment. While we have achieved notable resource reduction, it remains uncertain whether it has yielded a better long-term ROI.

Prisma Cloud is remarkably expensive. Not everyone can afford it, without a doubt. Although we don't directly sell the product, we occasionally engage in reselling certain components, and it requires significant effort to make sales. There's no denying that it's expensive.

I evaluated Snyk, which is a competitively priced product. However, I personally am not very familiar with how it works or the benefits gained by the different clients I've worked with, as I haven't had much experience with it. I conducted a couple of use cases and found it to be quite similar to Prisma Cloud in terms of features, although the interface has a different look and feel. I have been informed that Snyk is considerably cheaper compared to Prisma Cloud.

I would rate Prisma Cloud by Palo Alto Networks a seven out of ten, primarily due to the need for improvement in identity-based micro-segmentation and cloud network security. I appreciate the potential it offers for deployment, but the new module has yet to reach a point where we can effectively reduce risks.

All the cloud environments existed before Prisma Cloud came in. I don't believe we can build many things using Prisma Cloud, except for implementing guardrails. For instance, we can secure these workloads, but it will take time for them to be fully developed. The scanners, such as the infrastructure as code scanners that Prisma Cloud can certainly check, are capable of performing static and code analysis, among other tasks. However, I don't think Prisma Cloud is designed specifically for that purpose.

Prisma offers risk clarity from a core security perspective, but it does not cover the entire pipeline. To cover the entire pipeline, we would need to utilize a SaaS or DaaS tool. Prisma Cloud cannot serve as a substitute for those tools.

I used to primarily work with cloud-native services. So, I would leverage cognitive services across all three clouds. That was my main focus initially. However, now I have started using other tools such as Snyk and various reports. Additionally, I have also recently started using CSPM. I'm not entirely familiar with all of them yet, but I have been working on them since the beginning.

No maintenance is required from our end.

We use the solution for three areas, CSPM, CWPP, and Cloud Security.

We use Prisma Cloud by Palo Alto Networks mostly for CSPM. CSPM helps us identify and fix misconfigurations in our cloud environment. This can help us prevent security breaches and improve our overall cloud security posture.

Prisma Cloud also provides CWPP. CWPP helps us protect our cloud workloads from malware, ransomware, and other threats. This can help us keep our data safe and secure.

Prisma's Cloud security is something we are still working on.

The solution is deployed as SaaS.

The solution provides security across multi and hybrid-cloud environments. However, we are currently only using it for the public cloud. We do not use it for any hybrid solutions, and we are not running any on-premises solutions on it.

The solution covers the full cloud-native stack with a single pane of glass. If we need a holistic view of our security posture, Prisma Cloud is a good option. It provides a single pane of glass for managing our security across all of our CNCF workloads.

Overall, Prisma Cloud by Palo Alto Networks is a very good product. I have been using it for the past four years, and I found it to be very effective in helping me to understand my cloud security posture. 

I will use the CNCF as an example. I really like the complete tool. When we first started to use the cloud, we didn't know what we were doing. Only the admins knew what they were doing wrong and what the threats were in the cloud. Cloud is a shared responsibility between us and the cloud provider. This is true for any cloud provider, such as GCP, Azure, or AWS. We don't have visibility into what admins are doing wrong or right, or how many admins keep our configuration secure. On-premises has parameters, but the cloud does not. The solution provides visibility into what is wrong in our environment, what has been done wrong, and what we can do to correct it. This is because of the configuration and the misconfiguration. From an architectural perspective, if we are doing the first step wrong, there is no point in going to the second step and making it correct. We should make our first step correct. Prisma Cloud provides visibility for us to do this.

Prisma Cloud's comprehensiveness for securing the entire cloud-native development lifecycle across build, deploy, and run is good. The solution provides a single pane of glass for everything, including core security, data security, CSP, CWPP, and EIM security. Other good options are available, but they do not offer a single pane of glass. Instead, they are individual products or modules that must be used separately. Prisma Cloud can improve IM and data security, but if we do not want to use multiple tools, Prisma Cloud is a good option because it offers a single pane of glass for all our security needs.       

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes. We can see how many complaints and alerts we have, which gives us a sense of security. 

Prisma Cloud enabled us to integrate security into our CI/CD pipeline and add touchpoints into existing dev ops processes.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage and reconcile discrete security and compliance reports. For operations, the capability of CSPM works well.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. Our developers are able to correct issues using the tools they used to code. Some of the results are false positives but the majority are not.

Prisma Cloud helps reduce some of our runtime alerts by 40 percent.

Prisma Cloud helped reduce our investigation time by up to 60 percent. 

I find the CSPM area to be a more valuable and flexible feature. We have control in our hands, and we can do anything we want with our cloud security posture management.

Prisma covers all the CNCF areas. However, they are not the best in all of them. For example, their identity controls are not the best. They have modules for identity controls, but they are not the best in the market. The same is valid for data security. AWS and Azure have better native data security than Prisma. Individual modules, other than CSPM and CWPP, could be improved.

The security automation capabilities are average. They have a semi-automated remediation policy, but many tools on the market can automatically remediate based on the resource and desired outcome we need. Therefore, I think the automation of alerts could be improved.

The visibility of the reporting data for CI/CD can be improved in our console to make the output visible to management and developers.

I have been using Prisma Cloud by Palo Alto Networks for four years.

Prisma Cloud is stable.

Prisma Cloud is a scalable platform that releases new modules every six months.

The technical support is good.

Positive

The initial setup is straightforward for an experienced person who follows the instructions. If we have all the necessary resources, the deployment can be completed in one day.

I first started with the CSPM, then the CSP medium, about a year before moving to computing. I then tried data security for native security and more outside and code security.

We used Palo Alto Networks' Professional Service, which was included in our credit and license. They provided us with assistance with the initial implementation, and we were satisfied with their services.

We have seen a return on investment from using Prisma Cloud because it has improved our compliance and security posture.

The pricing is reasonable. However, I think some modules need to be restructured, particularly those related to data security. The licensing model for data security should be compared to the native security offered by AWS and Azure.

We evaluated Wiz and CrowdStrike. We initially started with CSPM, so Prisma Cloud was more flexible. The representative of the Prisma Cloud CSPM was better and more user-friendly. It gave us more permissions, more controls, and it wasn't complex. We could still do whatever we wanted if it was not given by Prisma out of the box. Therefore, we chose Prisma Cloud.

I give Prisma Cloud by Palo Alto Networks an eight out of ten.

If you are new to the cloud and you are not sure where to start, I would recommend using Prisma Cloud. It will give you a comprehensive view of your cloud security posture and help you to identify any areas where you may be vulnerable. You can also use Prisma Cloud to test and evaluate different security controls before you deploy them in your production environment.

Our entire company uses Prisma Cloud. Anything we deploy in the cloud is protected by the solution.

Prisma Cloud does not require maintenance from our end.

If someone is new to the cloud and looking for cloud security, I think the best place to start is Prisma Cloud. Prisma Cloud offers a comprehensive set of security capabilities, including CSPM, workload security, and cloud security. We can start by using the CSPM module to assess our cloud security posture and identify any potential vulnerabilities. Once we have addressed any critical vulnerabilities, we can then move on to the other modules.

Everything is a lesson because we started with no knowledge. We did not know that there would be many risks and offenses involved in our cloud security environment. We need to know all of the risks, and we can overcome them with Prisma Cloud.