Try our new research platform with insights from 80,000+ expert users
Aditya Thakur - PeerSpot reviewer
Cloud Security Engineer at eSec Forte® Technologies
Real User
Top 10
Helps reduce run-time alerts, and investigation time, and provides deep visibility
Pros and Cons
  • "The most valuable features of Prisma Cloud are its cloud security posture management and cloud workload protection capabilities."
  • "We are encountering issues with the new permissions required for AWS integration with Prisma."

What is our primary use case?

Prisma Cloud by Palo Alto Networks is a comprehensive cloud security platform that encompasses vulnerability management, container management, Kubernetes management, and serverless management. It utilizes modules, such as Cloud Workload Protection, to provide comprehensive cloud security. Before deploying any applications, Prisma Cloud performs cloud scans to identify and address vulnerabilities, minimizing potential threats. The solution provides visibility into our cloud environment, enabling us to effectively manage and monitor our infrastructure. This capability is particularly valuable in the financial industry, where hybrid multi-cloud environments are prevalent.

We use all the modules Prisma Cloud offers.

How has it helped my organization?

Prisma Cloud offers security scanning for multi-cloud and hybrid cloud environments. This is crucial because managing multiple cloud accounts, such as AWS, GCP, and Azure, typically necessitates accessing each account individually to view the inventories of assets and services. Prisma Cloud eliminates this inconvenience by consolidating all of this information into a single unified interface, providing a comprehensive overview.

The comprehensiveness enhances threat protection by providing integrated and out-of-the-box policies, along with all the necessary components, to effectively secure cloud environments and achieve comprehensive visibility through Prisma's capabilities.

The security automation capabilities of Prisma Cloud are effective. We can automatically remediate some of the alerts using predefined policies. We utilize Defender to detect vulnerabilities in our containers, AKS, and GKE environments.

Prisma Cloud has benefited our organization in so many ways that we can't count them all on our fingers. The Cloud Security Posture Management module of Prisma provides a wide range of capabilities, including visibility, governance, compliance, auto-remediation, integration with hybrid cloud environments, vulnerability reporting, and blocking capabilities. It also offers compliance reports, integration with third-party tools for vulnerability and alert notifications, and Cloud Workload Protection capabilities for blocking, alerting, and specifying affected containers or servers. Additionally, it provides visibility into code security by monitoring the Infrastructure as a Code environment for unauthorized users.

It enables a proactive approach to cloud security, allowing us to prevent vulnerabilities, threats, and complications arising in cloud or hybrid cloud environments. We can easily investigate and obtain comprehensive reports.

We spent the first five months after implementing Prisma Cloud familiarizing ourselves with the solution and completing the training sessions provided by Palo Alto. During this time, we began to see the benefits that Prisma Cloud offered our organization.

Prisma Cloud works with the CIB. Therefore, when we build and deploy something, we can incorporate a Prisma scan, which assists us in scanning the images and gaining insights into the state of our environment. It provides us with comprehensive visibility and raises alerts or triggers notifications to inform us of any missing elements or potential issues. This is how Prisma can contribute to the build and deploy phases.

It provides deep visibility and control regardless of how complex our cloud environment becomes.

Prisma Cloud enables us to integrate security into our CI/CD pipeline and it provides us with a single tool to protect all of our cloud resources.

Prisma Cloud provides run-time risk clarity throughout the entire pipeline, revealing issues as they arise. This enables us to effectively block vulnerabilities and rectify identified problems.

We have reduced run-time alerts. The run-time protection has helped many of our clients protect their environments.

Prisma Cloud has significantly reduced our investigation time. The clear visibility it provides into our environment and the process flow has streamlined our investigations. Additionally, using Prisma to investigate issues rather than directly accessing our cloud accounts saves valuable time.

What is most valuable?

The most valuable features of Prisma Cloud are its cloud security posture management and cloud workload protection capabilities. Integrating Prisma Cloud with our cloud service providers provides a comprehensive view of our multiple cloud environments through a single dashboard. This enhanced visibility improves vulnerability management and compliance. With CWP, we can gain complete visibility into all workloads within our environment.

What needs improvement?

We are encountering issues with the new permissions required for AWS integration with Prisma. Specifically, we need a mechanism to automatically identify and integrate the missing configuration permissions that are introduced on a biweekly or monthly basis. We have requested the Palo Alto team to develop this automation, and we are eagerly awaiting its implementation. We appreciate the efforts of the engineering team for their contributions.

Buyer's Guide
Prisma Cloud by Palo Alto Networks
January 2025
Learn what your peers think about Prisma Cloud by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,158 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Prisma Cloud by Palo Alto Networks for two years.

What do I think about the stability of the solution?

Prisma Cloud is a stable platform. The only downtime we experience is scheduled, and Palo Alto notifies us in advance of the scheduled outage and its duration.

What do I think about the scalability of the solution?

I would rate the scalability of Prisma Cloud a nine out of ten. I have received positive feedback from our clients indicating that Prisma Cloud is an excellent fit for their environment.

How are customer service and support?

We have repeatedly contacted technical support to address issues encountered by both ourselves and our clients. The support is helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used AWS GuardDuty for vulnerability management and compliance visibility, but it was not user-friendly due to the requirement to log into separate accounts to access reports.

How was the initial setup?

When I first started using Prisma, I found it to be very easy to learn. Several of our engineers were already familiar with Prisma Cloud and were able to help me understand how it worked, including the UI, navigation, and integration with other tools. They also showed me how to make API calls and integrate Prisma with third-party tools. Additionally, the Prisma team was incredibly helpful whenever I contacted them for assistance. They were always willing to answer my questions and help me troubleshoot any issues I was having.

What about the implementation team?

I completed the implementation myself after completing the training sessions with the Palo Alto team and attending a lab session for the Prisma Cloud deployment.

What's my experience with pricing, setup cost, and licensing?

I don't have direct access to financial information, so I'm not fully aware of the overall costs. However, I do work with clients and solution teams to provide relevant solutions. I also collaborate with the research team to explain Prisma's capabilities and its comprehensive range of features. When I see the credits and other similar programs may make Prisma's licensing costs appear lower than those of competing tools, it's important to consider the overall cost when evaluating cloud security solutions. For example, when implementing cloud security measures for CSPs or CWPs, other tools may be required, potentially leading to higher overall costs than Prisma Cloud's comprehensive solution.

What other advice do I have?

I would rate Prisma Cloud by Palo Alto Networks nine out of ten.

Prisma Cloud necessitates maintenance for both weekly and monthly updates.

My advice to new users and researchers is to delve into Prisma Cloud's capabilities and potential. Understanding the full scope of what it can do is crucial for new users. It's not just about visibility or the GUI; it's about the underlying work that engineers do, such as runtime protection, virus detection, and code security. New users should have a clear understanding of these capabilities. They should participate in sessions, practices, and labs to gain hands-on experience.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Lead- Information Security Analyst at archan.fiem.it@gmail.com
Real User
Easy to use, provides good visibility but interface isn't customizable
Pros and Cons
  • "Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them."
  • "Prisma Cloud's dashboards should be customizable. That's very important. Other similar solutions are more elastic so you have the power to create customized dashboards. In Prisma Cloud, you cannot do that."

What is our primary use case?

We primarily use Prisma Cloud as a cloud security posture management (CSPM) module. Prisma Cloud is designed to catch vulnerabilities at the config level and capture everything on a cloud workload, so we mainly use it to identify any posture management issues that we are having in our cloud workloads. We also use it as an enterprise antivirus solution, so it's a kind of endpoint security solution.

Our setup is hybrid. We use SaaS also. We mostly work in AWS but we have customers who work with GCP and Azure as well. About 60 percent of our customers use AWS, 30 percent use Azure, and the remaining 10 percent are on GCP. Prisma Cloud covers the full scope. And for XDR, we have an info technology solution that we use for the Gulf cloud. So we have the EDF solution rolled out to approximately around 500 instances right now.  

Prisma Cloud is used heavily in our all production teams. Some might not be directly using the product since our team is the service owner and we manage Prisma. Our team has around 10 members teams, and they are the primary users. From an engineering aspect, there are another 10 team members who use it basically. Those are the actual people who work hands-on with Prisma Cloud. Aside from that, there are some product teams that use Prisma indirectly. If we detect something wrong with their products, we take care of it, but I don't think they have an active account on Prisma Cloud.

How has it helped my organization?

Prisma Cloud has been helpful from a security operations perspective. When a new product is getting onboarded or we are creating a new product — specifically when we need to create a new peripheral— it's inevitable that there will be a kind of vulnerability due to posture management. Everything we produce goes through via CICD, and it's kind of automated. Still, there are some scenarios where we see some gaps. So we can discover where those gaps exist, like if someone left an open port or an instance got compromised. 

These kinds of situations are really crucial for us,  and Prisma Cloud handles them really well. We know ahead of time if a particular posture is bad and we have several accounts in the same posture. Prisma gives us a deep dive with statistics and metrics, so we know which accounts are doing bad in terms of posture, how many accounts are out of alignment with the policy strategy, how many are not compliant. Also, it helps us identify who might be doing something shady. 

So we get some good functionality overall in that dashboard. Their dashboard is not customizable, however, so that's a feature we'd like to say. At the same time, what they do provide on their dashboard is pretty helpful. It enables us to make the posture management more mature. We're able to protect against or eliminate some potential incidents that could have happened if we didn't have Prisma. 

What is most valuable?

Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them. It's really good at managing compliance. We get out-of-the-box policies for SOC 2, Fedramp, and other compliance solutions, so we do not need to tune most of the rules because they are quite compliant, useful, and don't get too many false positives. 

And in terms of Prisma Cloud's XDR solution, we do not have anything at scope at present that can give us the same in-depth visibility on the endpoint level. So if something goes bad on the endpoint, Prisma's XDR solutions can really go deep down to identify which process is doing malicious activity, what was the network connection, how many times it has been opened, and who is using that kind of solution or that kind of process. So it's a long chain and its graphical representation is also very good. We feel like we have power in our hands. We have full visibility about what is happening on an endpoint level. 

When it comes to securing new SaaS applications, Prism Cloud is good. If I had to rate it, I would say seven out of 10. It gives us really good visibility. In the cloud, if you do not know what you are working with or you do not have full visibility, you cannot protect it. It's a good solution at least to cover CSPM. We have other tools also like Qualys that take care of the vulnerability management on the A-level staff — in the operating system working staff — but when it comes to the configuration level, Prisma is the best fit for us. 

What needs improvement?

Prisma Cloud's dashboards should be customizable. That's very important. Other similar solutions are more elastic so you have the power to create customized dashboards. In Prisma Cloud, you cannot do that. Prisma also should allow users to fully automate the workflow of an identified set. Right now, it can give us a hint about what has happened and there is an option to remediate that, but for some reason, that doesn't work. 

Another pain point is integration with ticketing solutions. We need bidirectional integration of Prisma Cloud and our ticketing tool. Currently, we only have one-way integration. When an alert appears in Prisma Cloud, it shows up in our ticketing tool as well. But if someone closes that ticket in our ticketing tool, that alert doesn't resolve in Prisma Cloud. We have to do it manually each time, which is a waste of time. 

 I am not sure how much Prisma Cloud protects against zero-day threats. Those kinds of threats really work in different kinds of patterns, like identify some kind of CBE, that kind of stuff. But considering the way it works for us, I don't think it'll be able to capture a zero-day threat if it is a vulnerability because Prisma Cloud actually doesn't capture vulnerability. It captures errors in posture management. That's a different thing. I don't know if there is any zero-day that Prisma can identify in AWS instantly. Probably, we can ask them to create a custom policy, but that generally takes time. We haven't seen that kind of scenario where we actually have to handle a zero-day threat with Prisma Cloud, because that gets covered mostly by Qualys.

For how long have I used the solution?

I've been using Prisma Cloud for almost two years now.

What do I think about the stability of the solution?

Prisma Cloud is quite stable. At times, it goes down, but that's very rare. We have some tickets with them, but when we see some issues, they sort it out in no time. We do not have a lot of unplanned downtime. It happens rarely. So I think in the last year, we haven't seen anything like that.

What do I think about the scalability of the solution?

Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions.

How are customer service and support?

I think Prisma Cloud's support is quite good. I would rate them seven out of 10 overall. They have changed their teams. The last team was comparatively not as good as the one we have right now. I would rate them five out of 10, but they have improved a lot. The new team is quite helpful. When we have an issue, they take care of it personally if we do not get an answer within the terms of the SLA. We tend to escalate to them and get a prompt answer. The relationship between our management and their team is quite good as well. .

We have a biweekly or weekly call with their tech support team. We are in constant communication about issues and operating problems with them. It's kind of a collab call with their tech support team, and we have, I think, a monthly call with them as well. So whenever we have issues, we have direct access to their support portal. We create tickets and discuss issues on the call weekly.

Transitioning to the new support team was relatively easy. They switched because of the internal structure and the way they work. Most of the engineering folks work out of Dublin and we are in India. The previous team was from the western time zone. That complicated things in terms of scheduling. So I think the current team is right now in Ireland and it's in the UK time zone. That works best for us. 

How was the initial setup?

We have an engineering team that does the implementation for us, and our team specifically handles the operations once that product is set up for us. And then that product is handed over to us for the daily BA stuff accessing the security, the CSPM kind of module. We are not involved directly. When the product gets onboarded, it's handed over to us. We handle the management side, like if you need to create a new rule or you need to find teams for the rule. But the initial implementation is handled by our engineers.

What other advice do I have?

I would rate Prisma Cloud six out 10. I would recommend it if you are using AWS or anything like that. It's quite a tool and I'm impressed with how they have been improving and onboarding new features in the past one and a half years. If you have the proper logging system and can implement it properly within your architecture, it can work really well.

If you are weighing Prisma Cloud versus some CASB solution, I would say that it depends on your use case. CASBs are a different kind of approach. When someone is already using a CASB solution, that's quite a mature setup while CSPM is another side of handling security. So if someone has CASB in place and feels they don't need CSPM, then that might be true for a particular use case at a particular point in time. But also we need to think of the current use case and the level of maturity at a given point in time and consider whether the security is enough.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Prisma Cloud by Palo Alto Networks
January 2025
Learn what your peers think about Prisma Cloud by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,158 professionals have used our research since 2012.
reviewer2293101 - PeerSpot reviewer
Sr Security Engineer at a financial services firm with 201-500 employees
Real User
Great support, helps with compliance, and offers good reporting
Pros and Cons
  • "The support is excellent."
  • "The UI is good, however, they could improve the experience."

What is our primary use case?

We used a couple of modules, mostly WAFs. We use it for detection. 

We use it for our modern infrastructure, mostly run on the cloud. We use it to measure the security of cloud-native infrastructure and to calculate the risk of the applications we use and APIs we interact with. We also use it to meet compliance requirements. We have plenty of use cases for this product.

How has it helped my organization?

We really wanted to capture all of the information. To make something in-house would be too much engineering work for us. We don't have to bui;d something from scratch; this allows us to use something that is highly accurate.

We're a fintech company and we deal with a bank. Doing certain tasks manually, like logging every node, server, and container, can take six to nine months. However, if you can automate the process, you achieve the same results in a short time span to help ensure product security.

What is most valuable?

We were using common CBE for general identities.

I personally used the web application API security, WAF for in-line controls. It helps with implementing an additional layer of security to block the attacks and get alerts on vulnerabilities. I am just focusing on that side.

The support is excellent. They'll call us personally and keep us updated. It's some of the best support I've dealt with.

It's great for protecting the full cloud-native stack. Being a security engineer, I have the visibility of the solution on the infrastructure. The tool is doing a good job of automating this process and making it less time-consuming for me. I don't need to handle as many manual tasks.

There are various cloud configurations that can help you gain insights. If a threat is on the portal, it will give you insight into the cloud infrastructure to help you improve the configuration to make it more secure. In terms of threat detection, you can see different kinds of payloads coming to the API. It helps you consider fixes, like adding more validation.

It is very easy for us to generate reports and download the findings while working with the team to resolve issues.

It's good for build, deploy, and run, however, we still need to figure out how to better integrate it. We're still in the early stages of exploring this for CI/CD. 

The solution does provide the visibility and control we need regardless of how complex or distributed your cloud environment becomes. When we were using our core infrastructure previously, we didn't have the visibility, for example, on which APIs we had or were using. Now, there's a better understanding. It's helped us become more confident in our security and compliance posture. If someone comes tomorrow to audit, we can do a fast report and we can pass that over to show to compliance. It would show the risk factors and what we are monitoring. It's the first thing we would go to during an audit, to provide transparency. 

The solution provides a single tool to protect all of our cloud resources and applications without having to manage and reconcile disparate security and compliance details. It's mandatory to have a tool like this to run a fintech in India as we need to have an audit trail in order to be able to submit reports. Operationally, it's helping us stay compliant. 

We are able to enable alerts. We are using it more manually. We can see alerts on Slack. We can configure alerts as we like.

What needs improvement?

The UI is good, however, they could improve the experience. The animations on the dashboard could be better. They may already be working on an update to improve this.

We'd like to understand better how to automate between the pipeline and CI/CD. There's a bridge needed between DevOps and security. We need to understand the alerts. There seems to be a gap in DevOps that we need to reconcile. 

For how long have I used the solution?

I've been using the solution for more than six months. 

What do I think about the stability of the solution?

While running the solution, we have no issues at all. 

What do I think about the scalability of the solution?

We have Prisma installed on Google Cloud, across multiple accounts and environments. We also have data recovery in another region. I'm not sure if that is covered by Prisma. 

It's scalable. It's not difficult. In fact, it's easy. You just need to add agents to the nodes you want. 

How are customer service and support?

Technical support is great. There are two teams. One is always available. Another is creating tickets and looking into issues. Both are quite good. They are eager to support the customer. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were using another product previously. It was called Lacework. The virtual business aspect was a reason we switched. We also wanted to have more functionality and more insight and control into APIs. The visibility was also better with Prisma. 

How was the initial setup?

The deployment was handled by the DevOps team, not the security team, which is the team I am a part of. There was a requirement to install it on every node of the infrastructure. However, my understanding is it did not take too much time. My understanding is that it was easy to install and it was done within 30 minutes to an hour. It was deployed in a very short amount of time. One person was able to deploy it; we didn't need a team. 

There may be some maintenance required. 

What's my experience with pricing, setup cost, and licensing?

I'm not sure of the licensing terms or the exact pricing. 

Which other solutions did I evaluate?

We did evaluate multiple tools. We knew what we needed the tools to do and we were comparing them all together. We realized that Prisma did a better job and decided to go with them. 

What other advice do I have?

I am a customer and end-user. 

I'm not sure if the product is useful in a multi-cloud environment. I hope it is. We just have the one cloud environment we use it in. That said, we are using it in multiple staging environments. 

We have not enabled the Code Security module. We still need to integrate in that sense with Prisma. We did do the integration with cloud infrastructure. 

For any product you choose, it's good to consider security. I'd recommend Prisma as it offers good security. 

I'd rate the solution eight out of ten. There isn't really anything missing in the product. However, there's always scope for improvement. 

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Technical Lead at a consultancy with 11-50 employees
Real User
Top 20
Provides visibility, runtime protection, and integration with the entire lifecycle
Pros and Cons
  • "The most valuable feature of Prisma Cloud for our clients is CSPM, as it helps clients gain visibility into all the assets with their cloud providers."
  • "I would rate Prisma Cloud a ten out of ten."
  • "The data security model needs improvement due to integration issues with certain features and cloud providers. With Palo Alto now utilizing a tool from an Israeli startup in Prisma Cloud, the integration is slow, and some features are blocked or not supported."
  • "The data security model needs improvement due to integration issues with certain features and cloud providers."

What is our primary use case?

I was working with a partner of Palo Alto Networks until around two months ago. I mainly worked with Prisma Cloud in the delivery line of products for projects for clients. For example, we deployed the tool for lifecycle protection for a client in Colombia.

I worked with Cloud Security Posture Management (CSPM), cloud workload protection, and the new data security module. About two years ago, for a banking client, we inserted the cloud-native firewall into Prisma Cloud.

How has it helped my organization?

Prisma Cloud supports the five major CSPs or Cloud Service Providers. Specifically, in the runtime protection mode, you can protect any workload. They are changing their approach from resource-based to application-based. Prisma Cloud now has the intelligence to understand the context and the relationship between resources and groups. 

I worked with the automation model, specifically on the features of app security, to prevent any issues from being deployed via infrastructure as code into the cloud environments. The auto-remediation feature enabled the developers to remediate issues directly in their visual editor with one click. Prisma Cloud is a good tool because it covers the software lifecycle. For example, you can use Prisma Cloud from your visual editor, such as VS Code or IntelliJ from IDEA. You can use auto-remediation to prevent any issue from being deployed into the cloud. It also provides run-time protection for all workloads. Prisma Cloud has a lot of features and modules. Its licensing model allows you to have more at less cost.

The integration with the entire lifecycle is the biggest benefit. You can use the tool to automate an internal process using the Prisma API. You can use all the data information to make business and technical decisions. It takes some time to realize its benefits. When we deploy the solution for a client, we have to wait about three to six months for it to mature to be able to make useful data database decisions.

Prisma Cloud has a lot of features. It can secure the entire cloud-native development lifecycle, across build, deploy, and run. At every step or phase, you can have specific controls to avoid the deployment of anything that can cause issues.

Prisma Cloud can reduce the risk and run-time alerts if you put the correct control at the correct stage. For one client, there was about a 30% reduction, and for another one, there was about a 50% reduction. Prisma Cloud gave us a table with the high-impact vulnerabilities. By closing one of them, we could reduce about 100 alerts.

It provides some reports, but with API access, you can get all the data to build your own reports or dashboards. The default reports and dashboards are good, but if you need some customized reports or dashboards, you can do that with the API.

What is most valuable?

The most valuable feature of Prisma Cloud for our clients is CSPM, as it helps clients gain visibility into all the assets with their cloud providers.

Additionally, runtime protection is valuable for protecting runtime environments.

The RQL feature helps to do some queries in the cloud environments.

What needs improvement?

The data security model needs improvement due to integration issues with certain features and cloud providers. With Palo Alto now utilizing a tool from an Israeli startup in Prisma Cloud, the integration is slow, and some features are blocked or not supported.

What do I think about the stability of the solution?

In the beginning, with large-scale projects, the platform was down twice, but once the issues were identified, Palo Alto applied the correct solutions to ensure high availability and scalability.

What do I think about the scalability of the solution?

The scalability of Prisma Cloud is good, covering both the front end and the back end. The entire solution is well scalable.

How are customer service and support?

Customer service is good in general. There are three levels of support. I have interacted with levels one and two, where initial contact is made and detailed information is gathered. They can respond with technical documentation or pass on the case to the next level because it requires the development of a new feature or changing a feature due to a bug.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not used any alternative solutions such as Check Point, CrowdStrike, or Aqua Security. 

How was the initial setup?

I worked primarily with SaaS adoption and was in charge of the deployment as part of the delivery team.

The initial setup is straightforward and does not require extensive deployment efforts, except for configuring the solution and deploying agents if necessary.

The maintenance is done directly by Palo Alto. Palo Alto is in charge of deploying new releases and updating the main components. Everything is informed to the client through the status page maintained by Palo Alto.

What's my experience with pricing, setup cost, and licensing?

The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients.

Which other solutions did I evaluate?

In my last job, we compared Prisma Cloud to other tools, and it was ahead of the competition.

What other advice do I have?

For new users, it is important to understand the specific objectives and needs to ensure a successful implementation of the solution. They should also focus on using the data to make data-driven decisions.

I would rate Prisma Cloud a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
reviewer2514021 - PeerSpot reviewer
Lead Security Engineer at a comms service provider with 10,001+ employees
Real User
Helps to improve remediation time, visibility, and control
Pros and Cons
  • "I like the scanning features provided by Prisma Cloud, including the image scan and source scan."
  • "It provides all the cloud details but is not entirely linked to the compute model."

What is our primary use case?

We use Prisma Cloud for cloud security management. We use the CSPM and compute modules.

How has it helped my organization?

Prisma Cloud provides security spanning multi and hybrid cloud environments, which is moderately essential to our organization.

The security automation capabilities help remediate vulnerabilities, which correlate to cost savings.

After a few months, the benefits of Prisma Cloud became apparent. We have begun integrating the Prisma Cloud alert or inventory module into the computing environment. This is a positive development as it enhances tool interoperability and consolidates a significant amount of previously inaccessible data.

Prisma Cloud can secure 60 to 70 percent of the entire Cloud-native development life cycle.

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environment becomes. This improves our compliance posture.

Prisma Cloud provides 70 percent of coverage in a single tool to protect our cloud resources and applications.

It has helped save our organization around 20 percent, protecting our cloud resources and applications.

Prisma Cloud compliance monitoring helps us improve our overall compliance posture.

What is most valuable?

Prisma Cloud's most valuable features are its ability to detect vulnerabilities as they occur and its CSPM function, which provides a complete inventory of assets.

I like the scanning features provided by Prisma Cloud, including the image scan and source scan.

What needs improvement?

Prisma Cloud needs to improve its reporting. If they report a Go vulnerability and claim that Prisma Defender hasn't released a patch, it won't help us. However, if they report that Prisma Defender has released a patch, that is beneficial. Reporting the Go vulnerability within Defender is ineffective because I cannot directly fix a Go vulnerability.

The integration with other tools can be improved. It provides all the cloud details but is not entirely linked to the compute model.

There needs to be more transparent communication when they will have downtime.

For how long have I used the solution?

I have been using Prisma Cloud for over two years.

What do I think about the stability of the solution?

I would rate the stability of Prisma Cloud nine out of ten.

What do I think about the scalability of the solution?

I would rate the scalability of Prisma Cloud five out of ten because it is dependent on vendor resources rather than its own. For example, image scanning is entirely reliant on us.

How are customer service and support?

The technical team requires a lot of information for every ticket we submit, and if there is ever an out-of-the-box issue, they don't respond to us or take a long time to respond.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I previously used AWS tools and Tenable products, but we switched to Prisma Cloud because of its real-time vulnerability identification.

How was the initial setup?

Initial deployment is straightforward and takes one to two hours when all required information is available. However, if complete requirements are missing, manual deployment of all agents is necessary, which is a significantly time-consuming process.

What's my experience with pricing, setup cost, and licensing?

Prisma Cloud is affordable.

What other advice do I have?

I would rate Prisma Cloud eight out of ten.

We have over 100 users.

Our environment is complex. Prisma Cloud is deployed across multiple locations using many tools.

Prisma Cloud requires a lot of maintenance for upgrades and Defender.

I would recommend Prisma Cloud to others. The scanning and runtime are one step ahead of the competition.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
reviewer1192362 - PeerSpot reviewer
Technical Program Manager at a computer software company with 10,001+ employees
Real User
At any single point of time, we can see our entire cloud posture across our environment
Pros and Cons
  • "It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state."
  • "Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."

What is our primary use case?

We are using the solution to manage vulnerabilities in containers. We use it to detect vulnerabilities and remediate vulnerabilities found in containers running in the public cloud, like AWS.

We are using the latest version.

How has it helped my organization?

It helps us in detecting our vulnerabilities and protecting our security posture. It also provides automated remedies. We don't see this as a preventative measure, but it helps us in timely detection and remediation of our problems. This means we will not be exploited and made vulnerable to bad actors.

Prisma Cloud provides the visibility and control that we need, regardless of how complex or distributed our cloud environments become, which is very nice. We have an extremely distributed system. Prisma Cloud provides good visibility across the distribution of our system. This definitely adds to our confidence. At any single point of time, we can see our entire cloud posture across our environment, which definitely helps and gives us more confidence to use this product.

It has definitely worked. It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state. 

What is most valuable?

We have only used two of its features: vulnerability scanning and compliance. We found that the vulnerability scanning has been the most useful feature so far. It has good detection capabilities that we have been able to integrate with our CI/CD pipeline.

The solution provides the following in a single pane of glass: Cloud Workload Protection and Cloud Network Security. These are very important features because they represent some of the basic security requirements that we have to harden our infrastructure. These are non-negotiable requirements. They form some of the basic building blocks for our entire security infrastructure, which is why they are required.

What needs improvement?

Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures.

Prisma Cloud has enabled us to integrate security into our CI/CD pipeline and add touchpoints into existing DevOps processes. It is not 100 percent seamless since we still need to do some manual interventions. Because the way that we have designed our CI/CD for Prisma Cloud, the integration was neither smooth nor was it 100 percent seamless.

For how long have I used the solution?

I have been using it for a year.

What do I think about the stability of the solution?

We had some initial hiccups. Wherein, if the number of defenders increased beyond a point, we started seeing some scalable alerts and concerns. Over time they fixed it, and it is better now.

What do I think about the scalability of the solution?

It is scalable only to a particular number. Up to 10,000 defenders connecting to the console for small- to medium-sized companies is the perfect fit.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. This is very important because we want our solutions to scale with us. We should be able to operate in all public clouds.

We have plans to increase usage. We will be using it extensively.

How are customer service and support?

The service was okay. It was an average experience. I would rate them as seven out of 10.

They respond to our needs on time. Technically, they are sound. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We didn't use another solution previously.

We wanted a non-SaaS, in-house solution.

How was the initial setup?

The initial setup was a bit challenging, but that is typical with any big company. It took some discussions and collaborations to get them at par to onboard us.

The deployment took three to four months.

We followed our standard CI/CD process. Defenders were deployed into the cloud through our public cloud deployment channels using CI/CD. In order to accommodate their containers, we had to make some changes

What was our ROI?

Our management is happy, so I think that they are happy with what they are paying for it.

Prisma Cloud provides risk clarity across the entire pipeline, showing issues as they are resolved. It has expedited our operations, which are definitely better. We have been able to detect things faster and remedy them faster. 

Investigation time has definitely shortened because we now know things immediately. It has generally increased the detection and alerting time.

Which other solutions did I evaluate?

We also evaluated Aqua Security.

What other advice do I have?

Focus on operationalizing the service. Don't just keep focusing on features, but also how you will deploy the solution and how it will be part of your entire CI/CD pipeline, then how will you manage all the features and the long-term running of this service. This is where you should start your focus. You can only use the features if you are doing a seamless integration, so focus your requirements on running, maintaining, and continuous use of it.

The comprehensiveness of the solution is good for securing the entire cloud-native development lifecycle, across build, deploy, and run. There is room for improvement, but it is better than other solutions. It is somewhere between seven to eight out of 10, in terms of its comprehensiveness. It doesn't affect our operations that much because we have some long-term goals and we are hoping that this solution will also deliver in that time. For the long term future, we made some changes to our design to accommodate these things.

I would rate the solution as eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Works at a comms service provider with 1-10 employees
Real User
It provides a lot of vulnerability data, some of which is unreliable
Pros and Cons
  • "One feature we like is the amount of data Prisma gives us. Some infrastructure and platform vulnerabilities that in the cloud are hard to detect, and we were unaware of some of these. It's critical to shed light on these. For example, you create virtual machines and forget about them, but when you revisit them, some vulnerabilities may be detected."
  • "Prisma could improve the data quality. One challenge is that when an application is deployed on multiple virtual machines, we get an alert for each machine, but the biggest challenge is container flapping. When containers go up and down, we get 100 alerts on one day, but it reports 20 the next day. The numbers keep changing, and the app owners tell us, "You reported a hundred vulnerabilities from my app, and today, you report 20. I haven't made any changes in production, so is your data correct or not?""

What is our primary use case?

We have a console set up in Prisma that scans all the cloud environments and collects data about platform, infrastructure, and app vulnerabilities.

How has it helped my organization?

We are responsible for app vulnerabilities, and 90 percent of the vulnerabilities were detected by other products before Prisma scans. Other scanners also do some of the same things. Prisma's ability to consolidate and identify the uniqueness of the vulnerability is a huge help. Based on the different scans, we can determine duplicate vulnerabilities.

Prisma provides visibility regardless of how complex or distributed my cloud environment becomes. It adds value, especially from the infrastructure and platform side. From an application perspective, there were many other challenges.

I wouldn't say we can protect everything with Prisma. It identifies the issue but doesn't resolve it. Protection is something else that we have to do in the cloud environment. 

We use Prisma to scan for vulnerabilities and place them in a centralized repository where they are assigned a severity. Based on that severity, App Runner will get time to fix it after something is already in production. 

What is most valuable?

One feature we like is the amount of data Prisma gives us. Some infrastructure and platform vulnerabilities in the cloud are hard to detect, and we were unaware of some of these. It's critical to shed light on these. For example, you create virtual machines and forget about them, but when you revisit them, some vulnerabilities may be detected. 

Prisma allows us to adopt a preventative approach. We can scan some containers before they go into cloud production. The only caveat is identifying the cloud environment in a production or non-production environment.

What needs improvement?

Prisma could improve the data quality. One challenge is that when an application is deployed on multiple virtual machines, we get an alert for each machine, but the biggest challenge is container flapping. When containers go up and down, we get 100 alerts on one day, but it reports 20 the next day. The numbers keep changing, and the app owners tell us, "You reported a hundred vulnerabilities from my app, and today, you report 20. I haven't made any changes in production, is your data correct or not?"

 Containers can go up and down, so it can't tell whether the container is down for good or if it was only down at the time of the scan. That's one of the biggest issues we had. The second is data deduplication because we get vulnerabilities from multiple sources through Prisma scans. A vulnerability is reported by Prisma scan and software composition analysis, SAS, DAST, or BLAST scans. You've got all these different scans reporting the same vulnerability. 

For how long have I used the solution?

We have used Prisma Cloud for a year and a half.

What do I think about the stability of the solution?

Often, we don't get the data for a particular console because it's down. While we're working to fix the issue, we get the previous data and all the other stuff.

What do I think about the scalability of the solution?

At my company, we have many resources, and I haven't had any issues with vulnerability. Prisma can scale vertically or horizontally very well.

What was our ROI?

I can't say whether Prisma has saved us money because that's not the goal. The objective of Prisma is to identify incidents inside the company. Reputation and data security are the two most important things to a financial institution. We spend money to prevent improper data usage or vulnerability exploitation. I don't know whether it can save money, but it protects our data.

What other advice do I have?

I rate Prisma Cloud seven out of 10. It does do a lot of things, but the data reliability and other issues make our lives more difficult. It presents more challenges than just getting the data and porting over.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Mohammed Talib Khan - PeerSpot reviewer
Cloud Security Engineer at a tech vendor with 51-200 employees
Real User
Top 20
Good visibility and monitoring with useful reporting capabilities
Pros and Cons
  • "It supports the multi-cloud environment beautifully."
  • "Sometimes we do get false alerts. That should be improved."

What is our primary use case?

I work with various modules, including CSCM, CWP, Code Security, and NS.

We use the solution for day-to-day activities, from onboarding accounts to deploying Defender to creating rules to monitoring incidents. It's used for alerts and monitoring of what happens on the workloads. 

Our customers use the solution to try to meet their compliance standards, and for audit purposes. It helps create policies. SmartCloud itself has around 2,000 policies. It can cover compliance standards around banking, for example, around workloads and data. It helps align with governing bodies' compliance standards. We can create custom policies and anyone can create workloads.

How has it helped my organization?

There are many modules that have various capabilities. We can look at the misconfiguration of cloud resources, for example. They can help with compliance as well. We get notified and get data alerts and this is automated. However, we can manage items manually as well. 

What is most valuable?

It's good for monitoring your environment for AWS.

For visibility, we can create one service account.

Regarding the assets, regarding the alerts, we get all the data. It's great for our cloud security posture and management.

It's cloud-native and is used in major cloud environments. With it, we can monitor clouds like AWS, DPP, Azure, Alibaba, and Oracle. This is important. Many customers work with various key cloud providers. They often have their resources across different cloud providers and all resources must be protected and monitored. With this product, we can monitor all the things even if they are on different clouds - and it can be done on one platform. 

The most valuable aspect of the solution is the computing part.

Prisma Cloud makes it easy to host virtual machines and cluster environments like container Kubernetes. It does this while providing a single dashboard, from which we can monitor all of the workloads and perform vulnerability scanning.

It's very good at helping us take a preventative approach to security. Many bans are using it as a cloud security tool based on the level of prevention they offer. 

It supports the multi-cloud environment beautifully. If there is any kind of anomaly, it helps alert you to it. If there are malware or brute force attack attempts, it will report that. We can both monitor and audit the system. They have their own out-of-the-box configurations or we can customize them to create our own monitoring and auditing policies. 

The solution provides us with data sessions to help gain visibility of workloads in various regions. For example, if there is a workload created just in the US region, we can see that. It will give an overview also. It supports all kinds of workloads, from host protection to Kubernetes and container environments. It even provides support for the Oracle Kubernetes environment.

It ensures that nothing impacts operations. It will block vulnerabilities or implement fixes. 

The solution provides the visibility and control you need regardless of how complex or distributed your cloud environments become. It's very easy to see the entire security posture from every angle - region, data, compliance, et cetera.

We can integrate it into our CI/CD pipelines into existing DevOps processes. We can integrate via APIs or code. When a developer is in the code and integrating, if there's a vulnerability present, or a misconfiguration, it will scan and provide data. With Terraform templates, we can create a lot of instances. With one Terraform code, we can create hundreds of instances. 

The solution helps developers go to very specific locations, to exact areas, at which point they can perform fixes. 

Overall, it provides us with a single tool to protect all of our cloud resources and applications. It's got the best features for web applications and ETL security.  By enabling data, we can monitor whatever is deployed on the cluster or on the IT environment. It provides risk clarity across the entire pipeline. For example, the vulnerability explorer gives you a view of the top critical vulnerabilities. That way, developers can see what the priorities are for what needs fixing. 

It reduces runtime alerts. They provide us with a runtime alert console. It's also reduced alert investigation time. By clicking right on the investigation, we get all the data, including the source IP and any kind of suspicious detail in the workload. We can quickly go ahead and block IP as necessary.

We're able to directly integrate alerting to tools like QRadar.

The solution has helped our customers save money. They don't have to go ahead and hire individual experts for different areas like AWS and Azure. Having everything separate can be hectic and expensive. This is centralized. YOu don't need different teams. With its user-friendly interface, you only need one or two resources to monitor the whole cloud environment.  

What needs improvement?

Prisma Cloud introduced some new permissions so we have to go and manually add that permission. It is a little bit hectic. If someone onboards single accounts they have to go through each account in that IIM role, and they have to manually add that permission. It's a manual job that takes time. It would be ideal if there was some sort of automation involved.

In scanning, it does not provide runtime protection. 

The licensing could be better. You need to deploy an agent and it would be more convenient if it was agentless, which should be possible. With agents, you are consuming the same amount of credit, yet it does not provide the same amount of features. The automation needs to be improved and included in terms of AWS onboarding. For Azure, it's good, however, with AWS it requires manual intervention. 

Sometimes we do get false alerts. That should be improved. 

For how long have I used the solution?

I've used the solution for around one year.

What do I think about the stability of the solution?

The solution is stable. There is occasionally some downtime.

What do I think about the scalability of the solution?

The solution has been scalable. 

How are customer service and support?

Technical support is strong. They have different levels of support, critical, high, medium, and low. For issues rated as a high priority, they provide assistance within one to two hours. Lower priorities may take 24 hours. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I did work with a different product previously. Often, other solutions do not have as much visibility. AWS native services, for example, are not able to monitor the workload or data of Azure. You'd need another product for that. Similarly, Defender will only monitor an Azure environment. I have not worked with something that moved across clouds like this solution does. 

How was the initial setup?

I've helped deploy the solution for five to six clients. 

In the early stages, it's a bit complex to set up due to the fact that it's new and we need to train. We need to give users a session and a POC or demo. So the complexity comes from the training and onboarding, not necessarily from the product itself.

Typically, we can deploy it in one week, and deploying it to any cloud environment would take one to two hours. After onboarding the new cloud environment, we need to create rules and integrate the ticketing tool. That might take two weeks also. There's a dependency with the cloud team in that sense, since, if you are going to integrate anything you need to schedule a call. If Defender is included, we need to deploy it manually. We'd also decide what is being automated. 

The solution does require some maintenance. On the portal, it would show whenever some maintenance is needed or if they are updating their versions. There may be maintenance downtime. The maintenance is provided by Palo Alto itself. We'd notify the customer if they need to be prepared for some downtime. 

What was our ROI?

Customers have witnessed a good ROI based on the ability to create and customize multiple policies. It helps them meet compliance and auditing requirements. 

What's my experience with pricing, setup cost, and licensing?

I don't know the exact cost; that's handled by another team. However, my understanding is that the cost is based on consumption. 

What other advice do I have?

It takes a little bit of time to create time to value for the solution. A new customer might not have any idea of a cloud's capability. Some people need training and this might be on a quarterly or monthly basis to get the customer up to speed. Once they are more knowledgeable about the solution, they can utilize its capabilities more fully.

I'd recommend the solution. It's comprehensive for securing the entire cloud-native development life cycle across the build, deploy, and run. It not only provides security protection in the runtime environment - it also covers CI/CD. We can integrate Azure DevOps or any kind of solution like Jenkins. 

For new customers, I'd recommend they take on a demo or POC. They can get a one-month license and try it out. Customers can coordinate with partners and see how it would work in their environment. If a customer has a multi-cloud environment, this is a good choice. 

I'd rate the solution nine out of ten. 

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Prisma Cloud by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.
Updated: January 2025
Buyer's Guide
Download our free Prisma Cloud by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.