Cortex Cloud by Palo Alto Networks Reviews

It's a service that we have acquired for our cybersecurity department. We deployed Prisma Cloud by Palo Alto in all our clouds, which are Amazon, Azure, and Alibaba.

We are doing cloud security compliance as a security posture, and we are also doing workflow protection.

The solution gives us a lot of visibility across all of our cloud solutions. It helps with the security posture across all of our clouds. 

The security posture and workflow protection are excellent.

From the initial POC, compared to what we had witnessed with Check Point, it's easier to use.

Prisma Cloud is quite a good solution. However, the price is not good. 

We'd like to have more native integration with clouds and additional security checks in the future. It will be nice to see a general evolution of the solution. 

I've been using the solution for about one year.

The stability has been good so far after less than a year of use.

We are early in the process in terms of using the solution. We're not expecting to scale in the next few years. The problem there will be the licensing costs.

Right now, the environment we use is quite big already. We have several clouds already and need the visibility the solution provides. 

Our consultants deal with technical support. I do not deal with support directly. 

We did not previously use a different solution. We wanted our partner to validate our security with a tool from time to time. However, it was a service they were providing to us.

My team was involved in the deployment. I was not directly involved. It was straightforward with the help of our consultants.

Our consulting partner helped us with the initial deployment. 

We witnessed an ROI. It helped reduce risks and sped up threat detection. We avoided human mistakes as well while using this solution. 

We noted the value almost immediately once it was deployed. 

The price is high. In the future, when there are more competitors at the same level with different clouds, maybe the position will be different. 

We evaluated Check Point due to the relationship we have with them. Yet, they did not completely support Alibaba. Alibaba was only compatible with Check Point and Prisma. However, Check Point was at a very early stage and not quite as developed. 

I'd rate the solution an eight out of ten. 

I was looking for one tool which, as a WAF, could provide me with information regarding applications  and with features where I can oversee things.

We use the solution's ability to filter alerts by levels of security and it helps our teams understand which situations are the most critical. Based on the priorities that I get for my product, I can filter the notices the team needs to work on, to those that require immediate attention. That means it's easier for me to categorize and understand things exactly, on a single dashboard. I can see, at one point in time, that these are my 20 applications that are running. Out of them, I can see, for example, the five major vulnerabilities that I have — and it shows my risk tolerance — so I know that these five are above my risk tolerance. I know these need immediate attention and I can assign them to the team to be worked on immediately.

Instead of going for multiple tools, this tool has helped me to have one platform where I can have all the features and information I'm looking for.

The tool is working on the principles of governance, risk, and compliance as well. It even helps me in application-level firewall security. It's not just a single tool. It has helped me find out details about multiple things.

The integration with user tools is pretty easy; it's user-friendly.

In terms of a reduction in alerts, it has helped me out in not putting unnecessary time into a couple of things, which can be figured out at a glance. I would estimate the reduction in alerts at about 40 percent.

I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool.

It has been good in my test environment when it comes to scanning my infrastructure.

We would like it to have more features from the risk and compliance perspectives.

On the governance side of it, we did want it, but the licensing costs for that are so high. As a result, I have to integrate this solution with a couple of additional tools. For example, suppose I wish to assign something to an organization or to another person. To do that I have to integrate it with something like JIRA or Confluence where I can ask them to provide the pieces of information. If the licensing costs were a little lower, I would have been able to assign it then and there. As it is, though, I need to assign it from one platform to another platform, one where the team of engineering people is working. I still need to go to multiple platforms to check if something was assigned, and I have to keep checking between the two platforms to see whether it's not done or not.

We have been using Prisma Cloud by Palo Alto Networks for five months, testing it and evaluating it during that time. We are planning to purchase it.

I have been evaluating this product from the point of view of DevOps. I have not been evaluating it from the security operations point of view.

Prisma Cloud actually has two solutions. One is a cloud-based solution and the other is their on-premise solution. I have had a look at and tested both of these tools.

It's a stable product.

It's scalable. We discussed that with them. We also discussed the scenario where I want to move from one cloud environment to another, or if I make some other changes. How flexible is the tool as far as working with different cloud environments goes? And it is perfectly fine in that regard.

If we deploy it, I will be using it quite extensively for my day-to-day vulnerability scans.

I would rate their technical support at nine out of 10. They have been very supportive. Every time I have called them they have been there for me.

I was using multiple tools from here and there: one tool for vulnerability scans, one for risk management. But this has provided me an answer for not just one tool but for multiple requirements that I have.

The initial setup was easy. I got to help from their technical department and the device is more or less plug-and-play. If you have specifications which are required by the cloud, and your products are running on those specific cases, then it becomes quite easy. You just have to install it and it's good to go in your infra.

Since I did it for my development center only, I just had to install one installer and then the agents were installed automatically after running a script. For the whole environment, it could not have taken more than a day or two.

Security tools are not cheap. This one is a little heavy on the budget, but so are all the other security tools I have evaluated.

There are no additional costs to the standard licensing fees for Prisma Cloud.

I looked at Trend Micro Cloud One Workload Security. Both it and Palo Alto Prisma Cloud are good for container-level security and scanning. But the financial part of it and budgeting play an important role.

With Prisma, it's not just one feature. It has also provided me with solutions for a couple more of my requirements. That was not the case with Trend Micro. In addition, Prisma Cloud was easy for me to figure out. The only con I see in Prisma Cloud is that because of its cost, I have to use multiple tools.

It's a good tool. I would tell anybody to give a shot. It's easy, it's user-friendly; it's like a plug-and-play tool.

I am a single point of contact for this solution, right now. I'm working on it with my entire management to review things. I have to coordinate because of the multiple platforms they have. Roles have been assigned at different levels. There is a consultant's role, a reviewer's role, and there is an implementer's role. The latter is supposed to be working with them.

Root cause analysis needs to be done at my own level. The solution does inform me that a predicted vulnerability exists and this is the asset where it could be happening. But the intelligence has to be provided by the security consultant.

If something becomes visible during the build phase, we already have a pretty good area where we can change the product so that it does not impact the production environment.

The solution provides an integrated approach across the full lifecycle to provide visibility and security automation and, although we have not started using that part of it yet, it will definitely enable us to take a preventive approach to cloud security when we do use it.

Overall, it provides all the pieces of information that you require, in one place and time. I think it's going to be good to work with them.

We use Prisma Cloud for the banking sector to check the policies as required.

Prisma Cloud provides security scanning in multi and hybrid cloud environments. This is important because customers often ask if they need certain services, such as detection, auto-remediation, and policies. AWS has all of these features, but why would a customer use anything else? The answer is that Prisma Cloud is multi-cloud, so it can monitor multiple clouds as well as on-premise networks. This is often a key requirement for customers.

Prisma Cloud can help us take a preventative approach to cloud security. It is built for developers and provides a range of features, including RQL, multi-cloud support, and endpoint detection.

Prisma Cloud provides the visibility and control we need. It properly manages all cloud assets and provides information about assets in our cloud.

Prisma Cloud provides us with a single tool to protect all our cloud resources and applications, eliminating the need to manage and reconcile disparate security and compliance reports.

Prisma Cloud provides risk clarity at runtime and throughout the entire pipeline. It also shows issues as they are discovered during the build phases.

The developers are able to correct issues using the tools they used to code.

The alert investigation time has been reduced by half an hour.

Prisma Cloud's most important feature is its auto-remediation. This feature automatically fixes security vulnerabilities in our cloud or on-premises environment. This can help us to improve our security posture and reduce our risk of a security breach.

Prisma Cloud lags behind in terms of security automation capabilities. Specifically, the investigation feature is not fully automated and requires users to know the RQL language. This can be a barrier for new users.

Prisma Cloud is not updating the real-time information on the UI for our cloud assets. It takes approximately two to three hours for the information to be updated.

I would like Palo Alto to provide a three-month free trial for Prisma Cloud.

The stability has room for improvement.

I have been using Prisma Cloud by Palo Alto Networks for two months.

Prisma Cloud is not stable except for our AWS clients.

Prisma Cloud is scalable.

The initial setup is straightforward. The deployment can take anywhere from two days to 15 days. We deploy based on the customer's requirements. 

We implement the solution for our clients.

Prisma Cloud is more expensive than Check Point CloudGuard.

I give Prisma Cloud by Palo Alto Networks an eight out of ten.

Based on an organization's basic requirements for auditing and detection, I would recommend Prisma Cloud.

The best thing I have learned about Prisma Cloud is that it is a single platform, like SIEM. This is beneficial for network engineers because it reduces the complexity of finding the cause of an issue. With Prisma Cloud, everything can be found in one place.

We use cloud solutions generally for client demos of products.  

It has not been implemented, but Prisma or Dome9 will provide us with better cloud security and less administration time for our cloud instances. 

RedLock is quite good for providing multi-clouds or cross-cloud security.  

In our testing, we have found the Check Point product CloudGuard Dome9 to be more user-friendly at this point. Palo Alto Prisma's interface was not as user-friendly. Palo Alto should work on this part of its solution to be more competitive with ease-of-use. I do not feel Palo Alto is short of any features, but if we compare the two side-by-side, I think the user interface for Palo Alto needs to be improved to make it at least as good as Dome9.  

We just started evaluating it, so we have just been using it for a little more than a month doing some evaluations and proof of concept.  

The product is stable.  

We have not tested scalability extensively to this point because our cloud accounts are not being used so much that it warrants scaling it up. We only dedicated a small amount of resources for the product at this point while exploring it.  

There are up to 10 users on RedLock in our company and there are never more than 10 at this point.  

We worked with both the Palo Alto and Check Point technical support teams during our evaluations. So we were connected to the technical team at Palo Alto. Their technical support was excellent. The presales team was very proactive and helped us in every aspect we needed to resolve our queries during implementation and they provided knowledge to our team internally. The technical support from both vendors was very good. This was not a problem.  

We have been using the native security solutions from each of the clouds or cloud service partners we deal with, but they have limited functionality. That is why we began to look into other options. 

The initial setup was not too easy and yet not too complex. It was pretty good. The deployment took a couple of days. For deployment, it required only one person. For maintenance, it requires a team of engineers. We have a team with different roles and responsibilities. We have someone from the network team, we have someone from the infosec [information security] team, we have someone from the cloud team, and we have someone from our Unix team. So there is one person from each team who has been assigned roles and responsibilities with explorations of Prisma. The team monitors the system on a day-to-day basis and checks for threats and then, according to what they find, then they decide on any necessary course of action.  

Our company did the deployment ourselves with an internal team. We did not use an integrator or consultant.  

We did not use any specific or dedicated cloud security product before evaluating the options we chose to review. Currently, we do not have any specific product that we purchased specifically for cloud security. Recently we came across Palo Alto Prisma Cloud Security and Check Point Cloud Guard Dome9 products and we chose to evaluate both and engage in POCs.  

We wanted to find some solution where we could see all our cloud accounts and manage them in one single pane of glass. When we used the native solutions that were in place through our cloud providers, we had to manage several different clouds by going to each individually. These dedicated products have everything for cloud security management in one place and we can monitor all our cloud activity from there. There is also the benefit that the functionality of dedicated products is more robust.  

Currently, we have stopped using RedLock. We are focusing on exploring Dome9 by Check Point. We have found it very easy to use and the interface is quite user-friendly.  

The advice I would give to someone seriously considering these cloud solution products is to be careful with procedures you use while testing them. During the setup phase, there were not many challenges. But while integrating the cloud accounts, I would recommend the users initially provide only read-only access not read-write access, just as a precaution. The users should also be cautious not to expose cloud data to vendors like Dome9 or Palo Alto or whomever the vendor will be.  

On a scale from one to ten where one is the worst and ten is the best, I would rate the Palo Alto product overall as a seven-out-of-ten. Dome9 I would currently rate eight-out-of-ten. Palo Alto's rating could improve with enhancements to ease-of-use.  

I have onboarded AWS environment accounts for some clients and some online hosted repositories on third-party platforms.

We currently have four modules. We have Application Security, Runtime Security, and Cloud Security. The latest one is Data Security, but I have only been using the other three modules.

I have mostly onboarded accounts. I have not used its other features much. I am aware of the environment dashboard that we get after 24 to 48 hours of scanning. The suggestions that they give are in a curated manner. We can see what steps we can take to minimize risk or remove critical or high-level vulnerabilities. This categorization based on severities helps us to prioritize which risks need to be remediated first.

It helps us to prioritize. We can see what is the scenario at the network level, identity level, or Internet exposure level. On the basis of these categories and on the basis of severity, we get the whole cloud security posture of the environment and also the suggestions.

It has helped save some time. The customer environment can be very vast, and the use cases can vary. A startup environment or beginner-level cloud environment is easy to check manually, but for users who have been using cloud environments for three or four years, manual checks are not efficient. Prisma Cloud saves time and costs. We are able to give a much more informative review of the cloud environment.

Prisma Cloud is a cloud-native application protection platform. That is what we showcase to our potential customers. It has helped us to gain the confidence that we can proactively monitor a cloud environment or a repository. One of my recent use cases was related to the repository. The establishment of trust is there, and the extent of cloud security services has also rapidly increased for our organization. This offering has been a great pillar for our organization.

It not only provides the risks and misconfigurations; it also includes compliance, so the industry-level standards are also monitored.

I started onboarding environments only two or three months ago. After the first scan, I could see the cloud security posture on the dashboard. In some cases, I could see misconfigurations and some package-level vulnerabilities. They were all categorized on the basis of severity. I discovered all these things. Out of them, some issues were commonly found. We are able to resolve them in the easiest manner. Considering the number of issues that it discovered, it would have taken us months to monitor all the events manually. The customer environment keeps changing and the requirements also change, so the cloud security posture also changes. Prisma Cloud scans on a regular basis and saves a lot of time.

The visibility level that it provides is the best. It is not restricted or limited to a few attacks or vulnerabilities. Every day, any type of attack can happen. There can be an attack of any severity. We are able to see all the possible incidents and all the possible issues in the environment. It has made us proactive, so our confidence has also improved.

The dashboard gets updated on a real-time basis. The first time, it takes 24 to 48 hours. After that, the latest scan is always available. It is consolidated. We get a detailed and comprehensive view from Prisma Cloud. It is easily accessible from the command center.

Prisma Cloud has saved us time. It helps us to fulfill our commitments. Without Prisma Cloud, it would take us double time to deliver to our customers what they want.

I believe it covers the containers and host-level security. It does provide information about how many hosts are in the environment and how many containers are deployed on Prisma Cloud. It tells us if any of the containers or hosts are affected and by which vulnerability. A comprehensive view of all that is available. We can see package-level vulnerabilities for PHP packages, Python packages, etc.

Visibility and control are the most utilized features. A dashboard is available to us where we can view different categories. We can see any IAM-related risks, any discovered vulnerabilities, any incidents, or any network-level issues. So, visibility and control are the most utilized parts. We can also view possible remediation or suggestions for each of the issues.

I recently onboarded some of the repositories, and for that, the issues were categorized into four types. The view was not very easy to understand. The Application Security dashboard was not as user-friendly as the Cloud Security dashboard. The Application Security dashboard can be improved in terms of UI. The categories provided should be helpful for the ones who are using it for the first time.

Other than this, I do not have any areas for improvement. I am a new user. I entered the domain of cloud security only six months ago. Before that, I was in a different domain. As of now, I see Prisma Cloud as an excellent tool.

I have been using Prisma Cloud in my current job role for the last six months.

It is stable. I have not had any issues.

I have not faced any limitations.

I have not interacted with their support.

I have not worked with any similar solution previously.

It was already installed when I joined. I only had to ask for some admin access, which was configured by the internal team in the organization, and my account was easily onboarded. 

The client account onboarding was also seamless. So far, we have onboarded five to ten accounts. Regarding the number of users, we provide limited access because it is a matter of cloud security. Overall, there are five to ten users, which also includes customers with view-only access.

It was already here when I joined.

I would absolutely recommend Prisma Cloud for cloud security posture management. It is great for onboarding cloud accounts. It is also good for onboarding repositories to improve application security.

I would rate Prisma Cloud a ten out of ten.

In terms of our use cases, we are a telecom firm and we work a lot with telecom firms around the world, and so we have a lot of solutions other than Twistlock. We have applications, we have consumer-based solutions that we run on a daily basis, and heavily regulatory processes as well. We found it's better that we move our core application than our user systems on container because they're quick, they're effective, easy to deploy, and easy to maintain. But because of the sanctions, heavily regulated security is a very core part of the entire environment, and thus we had to go ahead and look for a solution that would help automate that security part and because it was almost impossible to go about doing that manually.

In terms of improvement, there are some small things like hardening and making sure the Linux resources are deployed well but that's more at an operational level. Day-to-day, we do find a lot of issues but having a tool to help us with them is what we want because manually, it's not feasible for us. Other than that, we not really looking for any other add-ons or plug-ins because that was our core problem.

We have been using Twistlock for just under five months. 

We had deployed it on-prem like it was on our infrastructure. It is primarily in our hands how we want to scale it because we could have run that across all of our data centers and multiply the licenses because it was fairly easy to acquire this. We have a running relationship with Palo Alto but we did not face any direct issues with scalability at the moment because we were running it on our premises.

We have people from Palo Alto. We have not had any major issues as such therein we had to reach out but there are some times we create service tickets that go to Palo Alto because Twistlock has networking image of audio open-source development so maybe sometimes there are glitches in that, and we reach out to them but more often the network is just that. We've never had any issues, major or drastic, issues that we need to reach out to L1 and L2. 

The initial setup was very complex. We have more than 10,000 servers on-premises and this is excluding what we have off-prem and on cloud deployment as well.

We used an integration because we got them from Palo Alto. We have a network firewall from them. 

I would say Twistlock is a fairly sophisticated tool. It's not the most user-friendly so if somebody wants to use it for their deployment, their firm, they need to have the right people on your team to know how to use it because it's not a plug and play kind of software, like Aqua Security which is a little more plug and play. I think it's easier, more user-friendly, and has a more flexible kind of deployment. If you can configure it well, Twistlock is a lot better in providing you real-time statistics than Aqua Security.

I would rate it an eight out of ten. 

I recommend two months of POC in this. It's fairly new but until now it's been pretty good.

We use Prisma Cloud to check for vulnerabilities and handle integration with the Azure Cloud.

Prisma benefits the company by securing our infrastructure and monitoring the logs. We realized the benefits immediately. For example, our Windows Server went down the other day, and Prisma Cloud quickly caught it. 

It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is. 

Prisma Cloud offers a single tool for checking all this information. It's saved us time and money, reducing the time we spend on these tasks by around 10 percent. It also decreased our runtime alerts by 10 percent. 

I like Prisma's identity and access management features. The AI event-driven model has helped us a lot.

The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler. 

I have used Prisma Cloud for two years.

I rate Prisma Cloud 10 out of 10 for stability.

I rate Prisma Cloud nine out of 10 for scalability. 

I rate Palo Alto support seven out of 10. 

Neutral

We previously used FortiGate, FortiAnalyzer, and FortiCloud, but management decided to switch to Palo Alto. 

Deploying Prisma Cloud can be straightforward or complex, depending on the client. Previously, I worked for a managed service provider. We have multiple clients on the cloud, so it depends on the client's situation. We mostly work for large enterprises and some SMEs. It takes around a week to deploy by a team consisting of me and two or three managed service engineers. 

I rate Palo Alto Prisma Cloud eight out of 10. I would recommend it to large enterprises. 

Our primary use cases are for container security and for auditing purposes. 

We have multiple clusters. 

Palo Alto enables us to know what security threats are happening in the background. 

It provides the visibility and control we need regardless of how complex or distributed our cloud environment becomes.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications, like what we need to manage and reconcile security and compliance reports.

We have been enabled to reduce runtime.  

Prisma Cloud provides risk clarity at runtime and across the entire pipeline. It shows issues as they're discovered during the build phases.

The most valuable features are code security and container security.

It gives us awareness about any security breaches and if there are any vulnerabilities. 

Palo Alto provides security scanning for multi and hybrid cloud environments. We need to know where there is a threat. Palo Alto monitors and reports it.

It can be integrated into any alerting tool that has enough automation and capability. It can pull some of the metrics without an agent.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, like, showing issues as they're discovered during the build phases.

There are some operational issues but testing it is good. 

The UI is the worst. 

I have been using Palo Alto Networks for two years.

The stability is good. I would rate it an eight out of ten. 

The scalability is good. 

Their technical support isn't on an expert level. They need to improve. 

Neutral

The deployment time takes around two to four weeks. The understanding of the product takes around six months.

The initial setup was straightforward. 

It does not require regular maintenance. You need to do maintenance around every six months by updating the agent. 

I would rate Prisma Cloud by Palo Alto Networks a seven out of ten.