The influence of the AI-powered prioritization and action plans on my customers' risk management processes is significant. The AI Copilot has actually helped customers with a lot of reporting and real-time monitoring. There is a storage-based monitoring that we used to do where only the storages were basically monitored or certain PII-based data used to be monitored, which was under an object store or maybe a block storage. This used to be very helpful for our customers. Cortex Cloud by Palo Alto Networks has reduced the time spent on incident investigations to a degree. The investigation team and the tool work on these incidents. I have observed a change in mean time to response since implementing Cortex Cloud by Palo Alto Networks. It has been very quick. There has never been a long time, so it is very spontaneous. If you talk about the SLA, I would still say ninety-nine percent, and it is fairly very spontaneous. There is no downtime that I have seen till date, even after the deployment is done, so it is quite good. Cortex Cloud by Palo Alto Networks does offer a cloud security ops dashboard, but it is in a very early stage right now. Customers can use or modify the dashboards based on the filters that are provided. The filters would be quite generic, such as alerts raised over time, vulnerabilities or CVEs raised in twenty-four hours. Only the filters that are provided would allow customers to monitor and extract reports based on those filters, but not the custom filters that are provided yet. The unified data setup in Cortex Cloud by Palo Alto Networks has helped to streamline security intelligence efforts for my customers. It is all linked to the machine learning that runs behind the AI Copilot and the anomaly detection that was mentioned. It is all integrated in the product and the tools. Customers make a lot of benefit out of it. I would say it is fairly done well.
Cortex Cloud by Palo Alto Networks' cloud runtime security in terms of stopping attacks in real time is impressive. The workload protection module is specifically meant for the runtime workloads. The platform offers this capability using the runtime protection in real time. It is quite a perfect and very capable tool. The entire idea behind the creation of Cortex Cloud by Palo Alto Networks runs on this basic nature, that it helps both the security posture management and runtime security. It is a fairly good tool and is only built for that. When there are updates and upgrades of the product, there are certain challenges. Generally, when there is an upgrade for the platform, there is a self-hosted edition where everything is maintained by the customer themselves. We are not supposed to make any sort of changes with their environment. Customers would face certain challenges and different maintenance windows are rolled out, so they have to tag along with that and then make certain changes to their environment. It is completely handled by them. This is when we see some challenges and support tickets raised. On the other platform, which is the SaaS version, we only take care of all the upgrades, so there is no problem there. I give this review an overall rating of nine out of ten.
Cloud Security Manager at T-Systems International GmbH
Real User
Top 5
Mar 17, 2026
The capabilities of Cortex Cloud by Palo Alto Networks are valuable because it is the best product in the market. I have been working with cloud security over the last several years, and there are only two or three products that are mature enough to promote security from the beginning without proper access to assets such as VMs or containers, through to the end of the maturity level, including runtime protection. There are just three products in the market that are able to do this: Cortex Cloud by Palo Alto Networks, previously known as Prisma Cloud; Falcon Cloud Security from CrowdStrike; and Cloud One from Trend Micro. Cortex Cloud by Palo Alto Networks is easy to adopt. I usually use Cortex Cloud by Palo Alto Networks tools, such as attack surface management and the observability that is included with the platform. The effectiveness of Cortex Cloud by Palo Alto Networks' behavioral threat protection and anomaly detection features is the best solution that I know, because Palo Alto has the knowledge for detection and to respond with Cortex XSOAR. In fact, inside Cortex Cloud by Palo Alto Networks, they already have orchestration playbooks able to protect cloud environments. I am confident with the protection that Cortex Cloud by Palo Alto Networks already has. The automation features of Cortex Cloud by Palo Alto Networks are excellent because the reports have all of the procedures required to conduct automation. We can develop playbooks inside the platform, which is easy and effective. My impression of Cortex Cloud by Palo Alto Networks' cloud runtime security in terms of stopping attacks in real time is that it is impressive. I created some policies to prevent malware and crypto miners, and it worked very well. The influence of the AI-powered prioritization and action plans on my risk management process with Cortex Cloud by Palo Alto Networks is significant because attacks are faster today than they were before. 
I know that Palo Alto has a large data lake to provide faster detection response. They are using machine learning and AI models to accelerate detection. For me, this is essential. I have noticed that Cortex Cloud by Palo Alto Networks' Cloud Security Ops dashboard has a better ability to monitor and manage cloud security posture than Prisma Cloud did. Because it is quite similar to the XSIAM dashboard and I can see all of the sources, it is easier to see all data sources and navigate. I am confident that there are some improvements in the usage of the dashboard. Even though the product is still not the cheapest one, it is worth the money that you have to pay for it. Customers will have additional benefits by adopting the Palo Alto ecosystem products such as XSIAM, XSOAR, XDR, and firewalls. My overall rating for this review is 9.
I did not use the AI and automation features of Cortex Cloud by Palo Alto Networks at the forefront initially. What I use it for is to ask questions and get answers. I conduct my research on upcoming threats and vulnerabilities and straight away ask the AI whether I am vulnerable to a specific CVE or whether a particular threat is valid for my environment. From last quarter itself, I started exploring the AI feature. My experience is that it is very, very good because I don't need to dig deep into the asset inventory to look for vulnerabilities. I just need to ask the AI by giving the CVE number and asking whether I am vulnerable to it, and it will show me what assets are involved that have this vulnerability. I have not worked on runtime security with Cortex Cloud by Palo Alto Networks. In most cases, I work on CSPM, which is Cloud Security Posture Management, and application security. However, my team works on runtime security as well. Last year, they started this module and integrated it into Cortex Cloud. As I talked with my team, they shared their experience that it reduces the MTTR for attacks, which is actually the Mean Time To Detect. This is because Palo Alto Networks has around 10,000 plus detectors. Because of these capabilities, it detects runtime attacks very quickly and reduces the MTTD.
Business Development Manager For Palo Alto Networks at a tech services company with 1,001-5,000 employees
Reseller
Top 20
Feb 7, 2026
From the features perspective, anomaly detection and behavioral threat protection features are all present in the product, and they work very well. MITRE confirms this because Palo Alto achieves 100% detection and reaction without any modification of the software or patching. AI is one of the main engines inside the system. AI is very present in all Palo Alto solutions, so there is nothing new from this point of view. Palo Alto was probably the first to invest significantly in AI when others did not even understand what AI meant. Palo Alto always mentions MITRE, which provides 100% detection and reaction with the default configuration from the software factory. I believe any other discussion is trivial. You have a cloud instance, and then you have to install the endpoint agents in your infrastructure where needed. Cortex Cloud by Palo Alto Networks is in a cloud managed by Palo Alto. I remember that it is probably on Google Cloud. Whether it is easy to answer depends on how you configure it. From what my colleagues tell me, in general it works well. Automations due to AI mean that sometimes you do not need to do anything, and in other cases you have evidence of an issue and then you need to analyze. The requirement is very variable. These tools help a lot because in general in cloud there are many parameters to consider, and having something that provides you prioritization is very helpful. This is especially true when you have dozens of thousands of issues to manage because you are using open-source software and do not know where to start. The solution itself is very good. Considering the limitations due to licensing and other factors, if we talk about Cortex Cloud by Palo Alto Networks specifically, it is a different product because the licensing has improved significantly. Cortex Cloud by Palo Alto Networks has the possibility to integrate other solutions by Palo Alto and firewalls. 
This makes it a framework, whereas Wiz, for example, is standalone software doing only that one thing. If you need to integrate other pillars of the customer, it becomes difficult; you cannot do it with this solution. If I consider Cortex XDR, the rating would probably be lower because the commercial licensing for Cortex XDR is still too weak. My overall review rating for this solution is nine out of ten.
Business Development Team Lead at a tech vendor with 201-500 employees
Reseller
Top 20
Feb 3, 2026
Regarding AI features, I do not know anything about the AI features on Cortex Cloud by Palo Alto Networks that I am aware of. In evaluating detection coverage in a MITRE ATT&CK evaluation regarding protection, I think Cortex Cloud by Palo Alto Networks has a larger threat protection landscape than its competitors, making it probably a strong solution in its market. In terms of effectiveness, the behavioral threat protection and anomaly detection features in Cortex Cloud by Palo Alto Networks have received no complaints from the customers I have put it through, so I think the answer to that question is strong. Cloud Security Ops Dashboard does impact cloud security posture monitoring, as it provides strong visibility, making it a lot easier to view, and I think it reduces the time spent navigating the solution. Regarding improvements in incident close rates with the adoption of the product, I am not certain. I did not have visibility into the close rates beforehand, so I cannot say what improvements it has brought in. Regarding AI features in the product and potential new features needed, I would not know how to differentiate between a product that presents findings based on what it has seen versus one that uses AI, but from my understanding, I have not potentially used those features yet. It could be using a different engine powered by AI, and I would not recognize it, but it is hard for me to answer that question clearly. I would rate this solution a nine overall.
Cortex Cloud by Palo Alto Networks integrates effectively with standard vendors, supporting all major cloud providers and allowing for ingestion of third-party threat intel. Although we do not utilize this feature as we rely on Palo Alto's Unit 42 for our threat intelligence needs, the integration capabilities with tools such as ServiceNow and email solutions are quite seamless. The time spent on incident investigations has drastically reduced after adopting Cortex Cloud by Palo Alto Networks, as we moved from no solutions to an all-encompassing one. The tool has significantly decreased resolution times, although some complex incidents still require lengthy investigations due to their nature. The Cloud Security Ops dashboard of Cortex Cloud by Palo Alto Networks provides an excellent overview of our security posture, enabling us to track trends and prioritize incident handling. It facilitates quick assessments of vulnerabilities, though manual judgment remains essential. I am unsure about the impact of the unified data setup in Cortex Cloud by Palo Alto Networks on my security intelligence efforts, as I do not recall activating it in our environment. I would rate Cortex Cloud by Palo Alto Networks a seven out of ten overall.
Learn what your peers think about Cortex Cloud by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
We help our clients with this product and are closely working with them on these products. We are partners of Palo Alto Networks and sell the solution. From switching from IBM to Palo Alto Networks, I am not certain if I noticed a change in mean time to response, such as MTTR, since implementing Palo Alto Networks. It is easier, but I cannot specify by how much. Overall, I rate Cortex Cloud by Palo Alto Networks as an eight out of ten. I think that it could improve on price, as I know that the Google solution has the best price, and this is one of the conditions. My overall rating for this product is eight.
I'm currently moving to Palo Alto in CyberSafe. I'm totally with Cortex Cloud by Palo Alto Networks solution. I'm working with technology of Palo Alto, and the company is making a change in terms of investment in this positioning. We have developed a good partnership with Palo Alto at the moment. We are one of the three main partners here in Portugal. We have changed our strategy accordingly. At the moment, the feedback we have is that Cortex Cloud by Palo Alto Networks covers the needs of our clients. We have no issues related to this service because although it's a service being developed, I think this is version two of Cortex Cloud by Palo Alto Networks. Cortex Cloud by Palo Alto Networks has a really high price. This product is for very mature companies. We are talking about insurance companies and banking companies who need compliance. This is for a mature market, not for small or medium enterprises. The pricing for a bank or big companies is acceptable, and I understand that. It's the platformization that Palo Alto and others are doing, consolidating everything into one platform. You have several solutions and they are centralizing it. That's why Cortex, Prisma was the initial name of this solution, and it's now Cortex. We are exclusively selling Cortex Cloud by Palo Alto Networks. I'm both a reseller and integrator. I would give Cortex Cloud by Palo Alto Networks a nine out of ten. I have never seen anything like it for cloud protection from any vendor. My final rating for Cortex Cloud by Palo Alto Networks is nine.
Overall, Cortex Cloud by Palo Alto Networks is a technically strong product, and I rate it ten out of ten. I recommend it due to its strengths in security management.
Cortex Cloud by Palo Alto Networks enhances cloud security with features like AI/ML threat detection and automated remediation, ensuring real-time protection and efficient management across cloud environments. Cortex Cloud by Palo Alto Networks offers comprehensive cloud security posture management and runtime protection. It reduces manual tasks and accelerates incident investigation through advanced threat detection and AI-driven anomaly detection. With integration to the MITRE ATT&CK...