Prisma Cloud by Palo Alto Networks Reviews

Financial companies want to restrict user access, which means the users need to go through a subnet to access their services. When the user connects to the internet via the Prisma Cloud VPN, they can use different types of IP addresses globally. The changing IP addresses can be pretty complex. It costs a lot for the application site to apply for access.  

We negotiated with Palo Alto to get 20 servers, and the customers will be added to those 20 subnets. On the Spectrum Access side, we only need a white list of those twenty subnets, and we won't have issues in the future. 

The solution is managed by Palo Alto. We're using Panorama, a popular management tool, for managing the connection between the physical portal, firewall, and VPN, as well as Prisma Cloud.

The user experience is better than our previous solution. It gives us visibility into all the traffic. 

The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example,  let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else.

Prisma Cloud can provide decent security across cloud environments, depending on how each company sets security policies. Prisma Cloud makes adding new users and managing access more flexible.  

I like Palo Alto's automated tool for migrating user data from other systems. We previously did this manually most of the time, but now we can update twice hourly automatically. 

During deployment, we created a tunnel from the cloud to our gateway in the data center because the users need some way to connect with the resources there, but all other traffic goes directly to the Palo Alto cloud. When the traffic goes to the Internet, sometimes it will come up with different IPs, causing some financial websites to be blocked. We needed to work with Palo Alto closely to solve this problem. 

Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services. 

I rate Palo Alto customer service 10 out of 10. 

Positive

The migration takes time because we're typically not starting from scratch. We need to migrate everything from the existing VPN. I've used Prisma Cloud for a large financial enterprise with a complex infrastructure, and we worked on that for almost two years. It's less complicated for a mid-sized company, but the migration might take six to nine months.

It's hard to tell if there is an ROI in the short term. It may take a long time before you realize a return because there is a substantial initial investment. You can see a significant improvement in performance, but it may not necessarily save money. However, you'll ultimately improve service.

I rate Prisma Cloud nine out of 10. We would recommend it to any large global enterprise because it improves performance and offers a better user experience. It also gives you application-level control instead of regular IP address control. The latest version has many new features. So they can use the in-app Application ID and point to MAC applications instead of regular TCP/IP ports.

We use Prisma Cloud for the banking sector to check the policies as required.

Prisma Cloud provides security scanning in multi and hybrid cloud environments. This is important because customers often ask if they need certain services, such as detection, auto-remediation, and policies. AWS has all of these features, but why would a customer use anything else? The answer is that Prisma Cloud is multi-cloud, so it can monitor multiple clouds as well as on-premise networks. This is often a key requirement for customers.

Prisma Cloud can help us take a preventative approach to cloud security. It is built for developers and provides a range of features, including RQL, multi-cloud support, and endpoint detection.

Prisma Cloud provides the visibility and control we need. It properly manages all cloud assets and provides information about assets in our cloud.

Prisma Cloud provides us with a single tool to protect all our cloud resources and applications, eliminating the need to manage and reconcile disparate security and compliance reports.

Prisma Cloud provides risk clarity at runtime and throughout the entire pipeline. It also shows issues as they are discovered during the build phases.

The developers are able to correct issues using the tools they used to code.

The alert investigation time has been reduced by half an hour.

Prisma Cloud's most important feature is its auto-remediation. This feature automatically fixes security vulnerabilities in our cloud or on-premises environment. This can help us to improve our security posture and reduce our risk of a security breach.

Prisma Cloud lags behind in terms of security automation capabilities. Specifically, the investigation feature is not fully automated and requires users to know the RQL language. This can be a barrier for new users.

Prisma Cloud is not updating the real-time information on the UI for our cloud assets. It takes approximately two to three hours for the information to be updated.

I would like Palo Alto to provide a three-month free trial for Prisma Cloud.

The stability has room for improvement.

I have been using Prisma Cloud by Palo Alto Networks for two months.

Prisma Cloud is not stable except for our AWS clients.

Prisma Cloud is scalable.

The initial setup is straightforward. The deployment can take anywhere from two days to 15 days. We deploy based on the customer's requirements. 

We implement the solution for our clients.

Prisma Cloud is more expensive than Check Point CloudGuard.

I give Prisma Cloud by Palo Alto Networks an eight out of ten.

Based on an organization's basic requirements for auditing and detection, I would recommend Prisma Cloud.

The best thing I have learned about Prisma Cloud is that it is a single platform, like SIEM. This is beneficial for network engineers because it reduces the complexity of finding the cause of an issue. With Prisma Cloud, everything can be found in one place.

I'm using the main module of Prisma Cloud, which manages security at scale in cloud environments.

Prisma Cloud offers a very interactive UI that lets you work more effectively, faster, and more efficiently. It can also be used as a dashboard for querying the cloud provider since it integrates with most of the APIs of the cloud service providers. It's a very unique tool in the sense that it lets you centralize the security control of all your cloud providers.

The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud. 

The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments.

And Prisma Cloud is a single tool that protects cloud resources and applications without having to manage and reconcile disparate security and compliance reports. That's the main purpose of the CSPM module of Prisma Cloud: You can manage every cloud platform, every cloud account, from a single place, which is the Prisma Cloud dashboard. It gives you a very high overview of every asset, a full site inventory. And you can see the context as well as the severity of the errors that have been raised on each service and asset that has been deployed in the cloud.

In my experience, Prisma Cloud is a valuable asset for enterprises that tend to have a lot of cloud-native applications and that wish to secure, and take control of the security posture of these applications. One of the most important considerations is that Prisma Cloud is a product from Palo Alto Networks, a company that invests heavily in cyber security. There are a lot of features that have come out over time. In the beginning, Prisma Cloud was known for its CSPM capabilities, but today, Prisma Cloud is doing a lot of things that are very beneficial for cloud-native applications.

There are a couple of things that can be enhanced. The first is the coverage that Prisma offers. Today, there are hundreds of built-in policies for AWS and Azure, but GCP and Oracle are not covered as much as AWS. There is a lot of work to do on that part. There is, obviously, a tiny bit of favoritism towards AWS because it has the most market share. It's logical, but the other cloud providers are not as well covered as AWS.

The second issue is the alerting process. Today, it does monitor the resources—and I'm only speaking on the CSPM side of things. Prisma Cloud scans the environment and checks if there are misconfigurations, but it lacks context. There is a real lack when it comes to taking into consideration how the application was designed. For example, you can have an application that is deployed with an open S3 bucket, which is one of the most basic services in AWS. Prisma will tell you that there is a high-severity alert because, with that bucket, there is a possibility of having your data extracted. But sometimes, the data inside those buckets is actually public. So, the process lacks some intelligence.

I've been using Prisma Cloud by Palo Alto Networks for 10 months.

I'm using the SaaS version which is running on Palo Alto's infrastructure, so I've never encountered instability. 

There is some patching behind Prisma Cloud when Palo Alto delivers new features so there are some "patch intervals," but most of the time, Palo Alto does notify you when something like that is coming up. It will say, "Hi. This Friday, the application will be unavailable from 6:00 PM to 7:00 PM." But it is not very disturbing at all.

Because I'm using the SaaS version, there is no issue with scalability. It all depends on the credits and the amount of money that you have put into the tool. Aside from that, you can use it to onboard any cloud account no matter how many resources are in it.

I have contacted their tech support many times, and they are pretty quick. They are very invested and proficient. I get answers within a day or two, at most.

Sometimes, when an issue becomes pretty complicated, it can span a week because it is transferred to different people.

Positive

I did not use another solution before Palo Alto.

We have definitely seen ROI in that using Prisma Cloud is an eye-opener regarding cloud security. In general, Prisma Cloud helped us see a lot of blind spots that we left when designing applications. There were a lot of security misconfigurations that we wouldn't have been able to spot without Prisma. The return on value is in the securing of the applications that we are deploying, as well as through a better understanding of the types of issues in the type of environment.

The cost is run by credits. You can allocate them as you wish, so there are no issues there. I believe the credits, licensing, et cetera, are based on the size of the enterprise that is buying the product.

There are no additional costs beyond the standard fees.

Wiz was one of the tools we looked at. I was not the only one who made the choice, but we went with Prisma because of its capabilities as well as the support. We are investing a lot in Palo Alto Networks, meaning we use a lot of their products, so we know the enterprise itself. We know the quality of their catalog of services.

My advice is to take your time before going the CSPM route. Look at your environments and inventory everything in it. There is, obviously, no shadow IT in the cloud. It's very easy to get an inventory of the resources you are running on. Get an overview and see if having a powerful CSPM at your side is really a need. There are a lot of open-source solutions that can do the job for smaller environments.

From what I understand, Palo Alto is trying to push Prisma Cloud to become more than a simple CSP tool, since it offers the ability to cover the global environment of cloud applications, such as doing scanning and infrastructure-as-code, and managing IAM, rather than doing it directly in the cloud provider. They are trying to centralize things.

It can also be used to manage containerized applications. It can do runtime security in container-based managed services of cloud providers, such as EKS (Elastic Kubernetes Service) which is a service managed by AWS. You can rely on Prisma to put an agent in such environments to monitor and supervise the security. You can also use it to scan the container images that are stored in repositories, whether they are on-premises or in the cloud. I've heard that Palo Alto is doing a lot of things like this, but as of today, I'm only using the CSPM part.

And in terms of security automation capabilities, I've used Checkov, which is the tool they are using for scanning specialized code like Terraform. In its origins, Checkov is an open-source tool and I've been using it with my clients by deploying it in CI/CD chains to scan, automatically, the code that is pushed inside repos and deployed in the cloud. But I have never used the Chekhov that is built into Prisma Cloud.

Similarly, I know Prisma offers the possibility of auto-remediation, but I have not enabled this option. It could be a bit dangerous because there is the context and a lot of things to take into consideration before blocking something, before deployment or after deployment. So, I have not used its preventive actions.

The solution provides visibility into complex or distributed cloud environments, but I can think of a couple of scenarios where clients might not think the same. It supports the top five clouds, but if you are using another cloud provider, you won't be able to use Prisma Cloud for that instance. You would be able to use the Compute module, but it would be very hard to use the CSPM capabilities on such a cloud provider since their APIs are not working with Prisma. But if you are using the most commonly used clouds, Prisma Cloud is a very valuable asset.

Prisma Cloud is a very powerful tool and it can be used in various scenarios, but it doesn't cover everything. You might choose a cloud provider that is not supported or prioritized by Prisma. If you are using Oracle Cloud or Alibaba, you might want to get another solution, maybe one that comes with better policies and a better investment in those technologies.

Aside from that, Prisma Cloud is a good solution if you are using a mainstream cloud provider. Prisma Cloud can help enhance your security posture. Because it's a Palo Alto product, you can be sure that there is a lot of maintenance behind it. The product will be able to keep up with the market. They will keep the features coming and it will continue to be a better product over time.

It is pretty easy to onboard accounts with Prisma Cloud. We use Prisma Cloud Compute and Prisma Cloud policy management. The latter is our primary solution and we use Compute to manage our container security, including threats and vulnerabilities. But we primarily focus on managing the policies for our entire cloud configs, internal threats, and network patterns.

For our market requirements, we do need several other services to be maintained for the perfect security posture. For example, one of the primary resources that we are using in our cloud is EC2 instances. That does need some primary security features, like security groups with proper closures, and proper networking with our firewalls. To make sure all of these premade configs are working, Prisma Cloud helps us to identify whenever any deployments meet up with our cloud. It is helpful with our singular architecture.

Prisma Cloud is very helpful with a full native stack. We don't want to leverage any of the resources directly. Instead, Prisma provides us with the services to automate and increase security posture without any internal agents to run it. Other products have internal agents to run with our cloud to help with the security posture of that cloud, but Prisma does not do that. It has a very simple mechanism to onboard the accounts with their console, where we can use the IAM to scan all of the accounts and identify threats and config mismatches.

The solution has also been helpful when it comes to our investigation times because we have fully automated it with our ticketing system. We use ServiceNow and whenever there are any alerts from Prisma Cloud, we have it configured so that they go directly to ServiceNow. That means the user can identify their incident and can resolve it based on the priority of service level agreements. When they do remediate an issue, Prisma Cloud will resolve the alert within Prisma Cloud and ServiceNow will close it on behalf of the user.

Prisma Cloud saves a lot of manual effort that we had to do within our cloud organization.

Prisma Cloud policy management is more valuable than Prisma Cloud Compute. While we use Compute often, we are not leveraging container security as much. We have limited resources for the containers in our cloud environment. Sooner or later, we will launch multiple container features in our cloud, but right now, we don't have much scope so we haven't had a chance to explore the Compute side much.

The solution supports multi- and hybrid-cloud environments. It has multiple cloud strategies like GCP and Azure. It has policy fixes for those cloud environments. We leverage it for AWS and it's important that we can use it for that singular platform.

Prisma Cloud also has log retention periods for the alerts and policies that are triggered, for each account. For example, my account has a specific policy that is high severity. If I need to further investigate, I can do that investigation in the upcoming 30 days. After 30 days, the logs of the triggered alert are not retained by Prisma Cloud on the Palo Alto network.

It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization.

Another feature is the automation. It has certain types of policies that can identify network-based threats, such as unusual port or protocol activities. It has tremendous machine-learning capabilities to identify patterns.

When it comes to automation and machine learning, it still needs some more work because sometimes they can give false positives.

In addition, since cloud services are coming up with new features and solutions, Prisma should also keep up with the same level of security. For example, at the previous AWS Summit, numerous services were introduced. Our businesses wanted to develop some of the services with the features in our cloud, but Prisma hasn't come up with any new APIs. Prisma needs to keep up with quick changes as soon as any cloud platform comes up with a new invention.

And one of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management, and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow. So we have had to focus on incident management.

Integrations with third-party vendors, such as ServiceNow, Slack, and other ticketing tools that Prisma supports have full automation, but there are still some bugs to fix. We see failures from time to time. When our team fixes vulnerabilities or threats, they still see the incidents in place, which makes them liable to pay for SLA failures. Those kinds of things can be avoided if we have fully fledged event management integration with those tools.

They also need to increase their log retention periods to allow further investigation. Sometimes it takes time to check with asset owners and do deep investigations. Because we have numerous accounts, it can take time for asset owners to investigate each and every alert. The log retention period is one of the cons. 

I have been using Prisma Cloud by Palo Alto Networks for more than a year. I started in my role as a cloud security engineer about two and a half years ago, and Prisma Cloud is one of the CSPM solutions that we use.

I use Prisma Cloud every day. It is one of the primary tools I need to monitor and manage the security of our cloud environment. I use it very extensively and my team members use it for identifying threats and managing them with the asset owners.

In terms of performance, they have cloud releases of security features during the first week of every month. Whenever they release new policies, all of a sudden it starts to throw multiple alerts within our console. It is a bit annoying for the DevOps team, but from a security perspective, it is a useful process. But a pre-announcement or pre-testing of the alerts would be a better way for them to do this, instead of creating 50 or 100-plus alerts for our DevOps. We are suggesting better pre-testing of new policies.

It is pretty scalable. When we deploy new AWS accounts within our organization, it applies the same security posture policies to those accounts as well. We can see the security postures it recommends whenever we onboard any new accounts with our organization. The scalability is very good with the management it provides for any accounts we onboard.

Palo Alto Networks is one of the fastest-growing security products in our organization.

From time to time we experience delays in support for critical scenarios. They do have engineering teams at the backend that work with the policies. I understand that. But I'm expecting a more responsive service on their side because sometimes it can even take a week to get a response back from the engineering team.

When we go through the toll-free number to submit a case, they suggest that they are working on it, but sometimes they don't give solutions for such cases for some time.

Positive

We used AWS native security, which is Security Hub. They have their own benchmarks which we leveraged. But we wanted to see more variables with the policies to have a stricter and more secure cloud environment so we moved to Prisma Cloud.

We have been customers of Palo Alto Networks for a very long time because they have several security products, including firewalls that we use in our organization.

The deployment was very straightforward. We were able to onboard IAM policies from our AWS master account to our console with a few clicks. We were able to see that Prisma had started to onboard and ingest for alerts and asset variations within our inventory.

We have a security architect and Palo Alto has a security architect. We deployed it together with the support of a Palo Alto engineer.

When we started using Prima Cloud a year ago, we had 7,000-plus alerts. We went through many of the policies that resulted in numerous false positives and we went through the RQL (Resource Query Language) queries that were not applicable to our environment and that created false positives from their side. We reported them with the details via their case submission. They checked on them and they modified some of the alerts as a result of our request. They are progressing with their changes. We have reduced to 500-plus alerts in the past eight months and we are in good shape in terms of security posture.

Overall, I would rate Prisma Cloud at seven out of 10. It has the scalability and easy onboarding where we can onboard an organization with a few clicks and the integration part will take care of the rest. I appreciate that. But the log retention and integration with third-party solutions need improvement.

We use Prisma Cloud primarily for clients with a multi-cloud environment who require all these posture checks to be done uniformly from a single pane of glass to ensure they are in compliance. They have regulatory policies that require integration with the SIEM to generate alerts and reports. That's the primary use case for a CSPM solution. For cloud workload protection, we need vulnerability management, runtime defense, as well as image, container,  and registry scanning.

In terms of modules, we started with Redlock, the cloud security posture management component, and followed with Twistlock for cloud workload protection. Lately, I've been using Aporeto for identity-based micro-segmentation and BridgeCrew for cloud security.

Identity-based micro-segmentation allows you to create microparameters across workloads on the cloud and on-premises. You can enforce a pure wireless model through whitelisting flows in various workloads. Cloud security is primarily for core security, including SaaS and PaaS tools for scanning container images and core infrastructure. We have Terraforms, which we need to scan if we forget to remove any passwords or if there is some consideration drift between what you've configured in the IaC and what has materialized into the cloud infrastructure. 

I don't think we have had more than four or five admins for any project. We provide read-only access to the monitoring guys and custom authentication authorization privileges to a couple of users. The number of authorized users varies from plan to plan. Lots of people don't need to have access to the solution. 

Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place.

It also enabled us to adopt a preventative approach to security. It gives us an option to monitor and remediate, so I don't think there is any challenge. If we see something going wrong, the solution offers a way to implement preventative controls. 

You can incorporate Prisma into DevSecOps and put it into any of the pipelines, like Jenkins and Azure DevOps. I don't think there are any challenges. You have all the ready-made plugins on these CI/CD tools, so you don't need to do or write a custom script plugin or anything. It's already available. It takes care of your end-to-end security from build to deployment and runs.

The cloud workload protection module Twistlock has ready-made plugins. Still, I don't think there was a plunging for identity-based micro-segmentation sites in the past, so we had to build a pipeline manually, I think they released a plugin for IBMS, but I never worked on it.

Prisma provides a single pane of glass for all our cloud resources to control all these different functionalities from various menus. It also helps us assess risk at runtime and throughout the whole pipeline. I have never compared Prisma with other tools, like Qualys or Tenable, so I cannot say which gives better results regarding runtime. However, I get a lot of actionable insights and suggestions from the tool about the next steps to follow.

The solution provides excellent security coverage of multi-cloud and hybrid environments. Without it, I would need to create a manual playbook for each cloud. There is a lot to maintain for each cloud, and you can't monitor from a single pane of glass. That's an administrative nightmare because you can't pull compatible reports. If I identify some compliance issues on AWS, I don't have a similar set of parameters to compare those for Google Cloud or Microsoft Azure. I definitely need this for a multi-cloud environment. 

I can get a relatively good amount of end-to-end security within the cloud. All these pieces fit together to address all my cloud needs. Of course, I don't think any vendors target security within the microservices, analytics, or data warehouse. I'm unsure because I haven't done it, but I don't think anything is missing.

It gives developers the tools they need to correct issues so they do not have to write their own scripts. Sometimes, I need an administrator to work with these developers, so it's not fully automated. Maybe I didn't find the best way to do it. Perhaps I need to find a linter or something, but there were many instances where I needed to involve someone to work with the developer. I don't think we are doing everything from the developer's end. 

Prisma also substantially reduced alert investigation times because we previously did everything by hand. We used to scan it manually, so it depended on the periodicity of scans. Earlier, we used to run scans for a couple of customers about every 15 days, and then we did the remediation. Now, all these scans run every minute or 15 minutes, so it's faster.  

Prisma's identity-based micro-segmentation is better than all its competitors. I've already evaluated Guardicore and Illumio, but Prisma stands out for the ease of configuring rules and how seamlessly it works with your cloud workloads and container environments. I used it for Kubernetes as well as K3s. I prefer Prisma's identity-based micro-segmentation. I can't think of any competitors doing this as well as Prisma Cloud.

We integrated this solution as a part of DevSecOps, so we have a dedicated pipeline for cloud workload protection. That works brilliantly. You don't need to log in to the control unless you want to do some management or full reports. I can bake in all these functionalities within the pipeline, and I can do the same for IBMS. 

As part of application security or whatever my developers are working on, I can have them bake all the configurations they need to do, like listening and patching remediation. I think it's relatively automatic, but I would consider it to be more of a DevSecOps functionality.

Prisma is the result of multiple Palo Alto acquisitions, like CWPP, Twistlock, and Aporeto. Though they are part of a single pane of glass, there is no correlation between the solutions. I don't see vulnerability scans done for tools that have been micro-segmented. 

A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them. 

At some point, things get a bit unwieldy when working with complex environments, but I don't think that challenge is unique to Prisma Cloud. It's an issue for any solution deployed in massive and complex environments. Let's say you have an enterprise with 30,000 workloads in the cloud, so it's unwieldy to have it configured for a single instance of Prisma Cloud. In that case, it would be better to segregate it across multiple tenants.

In the future, I'd like to see Palo Alto create a single consolidated agent software for workload production and identity-based micro-segmentation. Currently, I need to install two agents for the same platform to get two different functionalities. The second is maybe ease of licensing. That would also be helpful.

I have been using Prisma Cloud for nearly three and a half years.

I never faced any challenges because of internal hardware issues or the agent. Because I've always worked on the cloud-managed version, we have never faced any problems with the functionality. We did have a couple of hangups with the user and administrator onboarding and privileges, but I don't think that affects the functionality of the overall product.

The product itself is scalable, but it can become unwieldy from the administrative side of things. I can push Prisma Cloud out for 10,000 workloads, but the reporting and management would be a bit difficult. I prefer to have it segmented across multiple tenants, but it's somewhat complicated. 

I rate Palo Alto support a nine out of ten. My company is a CPSP partner with premium support, so I can't speak to the typical support experience. Even if we don't raise a ticket, we have an internal account manager to take care of all this. 

Positive

Redlock was the original company doing CSPM, so I got into Prisma Cloud because they acquired Redlock. I previously used  Qualys and Tenable for vulnerability management. I thought putting the CSPM and cloud workload protection pieces of Prisma Cloud under one roof would simplify my life.

Also, all these are cloud-managed and take care of the end-to-end requirements for cloud workloads. Qualys and Tenable have all these vulnerability management capabilities, but they might lack some native remediation capabilities. It's not that the other products are falling short, but I need that consolidated single pane of glass for cloud security. 

Setting up Prisma Cloud is straightforward. You get an activation email and deploy a couple of scripts. I work for a consulting firm that is a CPSP partner. All I needed to do is email Palo Alto with a bill of material describing our environment and the components, and then we get the activation email. After that, I followed the self-service enrollment steps, and it's running. Depending on your environment, you need to install all these applications. It's a seamless onboarding experience.

The total deployment time varies depending on the client because some of them have restrictions. One mid-sized company with around 700 workloads took less than three weeks. However, we needed to do a step-by-step approach for some, moving from the on-premises environment to the cloud and from dev to production. Those deployments took a couple of months.

Usually, the deployment requires no more than two or three people, but it depends on the approach. One should be enough if it's a batch approach. I've been doing this alone for a lot of my clients. In some situations, if you may need some help troubleshooting an app that isn't working, or the client may need someone with specialized expertise. It also depends on the client's size. At most, you'll need a half-dozen.

It's a costly solution, so we spend a lot on the licenses. At the same time, we can perform compliance checks, external audits, etc., faster because we have all the right pieces in place. That definitely helped, but I've never calculated the total cost of ownership or return on investment.

Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified. 

I rate Prisma Cloud an eight out of ten. I deduct a couple of points because I would still like to see all the products in the platform correlated. They should also do away with the need to install multiple agents for various functionalities or burn it all down into a single agent that takes care of it.

My advice is to start early if you are moving from on-premises to a hybrid or cloud environment. Implement Prisma Cloud as soon as possible, especially for greenfield deployments. This isn't a problem with Prisma Access, but it's usually a challenge. You need time to customize your rules and tailor them to your setup. 

The second recommendation I have is for Prisma Cloud Compute, the cloud workload protection piece. It's available in self-managed and cloud versions. You should opt for the cloud-managed version because you can get two single-cloud platforms. 

We use Prisma Cloud to check for vulnerabilities and handle integration with the Azure Cloud.

Prisma benefits the company by securing our infrastructure and monitoring the logs. We realized the benefits immediately. For example, our Windows Server went down the other day, and Prisma Cloud quickly caught it. 

It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is. 

Prisma Cloud offers a single tool for checking all this information. It's saved us time and money, reducing the time we spend on these tasks by around 10 percent. It also decreased our runtime alerts by 10 percent. 

I like Prisma's identity and access management features. The AI event-driven model has helped us a lot.

The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler. 

I have used Prisma Cloud for two years.

I rate Prisma Cloud 10 out of 10 for stability.

I rate Prisma Cloud nine out of 10 for scalability. 

I rate Palo Alto support seven out of 10. 

Neutral

We previously used FortiGate, FortiAnalyzer, and FortiCloud, but management decided to switch to Palo Alto. 

Deploying Prisma Cloud can be straightforward or complex, depending on the client. Previously, I worked for a managed service provider. We have multiple clients on the cloud, so it depends on the client's situation. We mostly work for large enterprises and some SMEs. It takes around a week to deploy by a team consisting of me and two or three managed service engineers. 

I rate Palo Alto Prisma Cloud eight out of 10. I would recommend it to large enterprises. 

I was managing Prisma Cloud for a client. They were scanning container images for vulnerabilities and remediation.

Prisma Cloud is a terrific resource for preventing security concerns, from breaches to malware. They provide a compliance index, which is an excellent feature. Prisma Cloud provides visibility into and control over complex cloud environments. It could provide more awareness about the need to implement different types of benchmarks. Prisma helped our governance evolve. It enabled us to build more policies and determine where we needed exceptions.

We could use Prisma to integrate security into our client's CI/CD pipeline and add touchpoints to existing DevOps processes. However, the touchpoints weren't as seamless as we would've liked. It was a little tricky because they were moving to two different types of cloud accounts. They had to decide whether to use Prisma Cloud or another tool for those new cloud accounts. It's a difficult question because they were doing a lot of cleanup for PTS and moving to the more recent version of AKS. It depends on the strategy.

The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid.

Prisma Cloud provides security across multi-cloud and hybrid environments. My client was migrating to Azure, but it's great for anyone with a hybrid environment. Prisma offers visibility to developers and high-level leadership because the dashboard is excellent and the alerts are comprehensive. You can understand it even if you don't know all the technical terms. For example, when I wanted them to use another feature that would've been beneficial, I could demonstrate it to them visually so they could understand. 

The automation is a mixed bag. Sometimes you'll run into issues while mitigating various vulnerabilities, and it's still a manual process. You can automate with an API, but it depends on the corporate policies for containers. You have the option. However, it's still a struggle, but that's not necessarily due to Prisma Cloud. You have many workloads in the pipeline, and things are constantly being repaved. The containers are up and down, and the environment changes continuously, so many things are hard to automate. It's possible if you put the work into it.

Prisma can comprehensively protect a cloud-native development environment. You must also consider cloud security posture management. That's where infrastructure-as-code comes into play. You must ensure that you're utilizing the alert feature in the dashboard for the analytics. If you're not, then you need to integrate something else. The client wasn't using CSPM, but it was on the roadmap. They didn't because they're moving to an Azure environment. 

Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge.

I've been managing that solution for a year.

Prisma Cloud is solid. 

Prisma Cloud is highly scalable. 

I rate Palo Alto's support an eight out of ten. 

Positive

I don't think Prisma saved this organization any money, but it could have. They didn't know how to optimize Prisma Cloud. I was trying to help them do that, but they had other high-level projects that got in the way. They needed to consider their budgets and which Prisma features they wanted to use.

If they were to build out those use cases and map out anything involving governance and compliance, they would find that this tool could save them lots of money. If Prisma Cloud is optimized, it's an excellent tool that isn't as costly as some think. You need to invest time and effort to determine the number of cloud accounts you're connecting and how many containers you expect to stand up.

Once you're more aware of how to optimize Prisma, you can determine how many credits you need. It's all based on credits, which will be expensive if you purchase too many credits. This client bought more credits than they needed. I told them it was unnecessary because somebody in the DevOps team decided they were going to push everything to the dev environment needlessly. They crossed a threshold that didn't need to happen and panicked. A strategy to optimize costs will save you money.

I rate Prisma Cloud a nine out of ten. Before implementing Prisma, research the different features and look at your current tools to identify the gaps. What is not meeting your compliance needs? What policies do you have, and how can Prisma align with the strategy?

We use Prisma Cloud by Palo Alto Networks for our cloud security posture management.

Prisma Cloud by Palo Alto Networks has multiple aspects that help protect the full cloud-native stack. We are not concerned with just one cloud at the enterprise level; we are focused on the multiple cloud environments we have. The solution provides us with a comprehensive dashboard and a comprehensive view of our cloud security posture. Furthermore, the solution not only covers the security posture but also informs us of our compliance with leading industry standards.

The solution does have security automation capabilities, but we do not use much of it in this case. We use automation for the alerts; if there are any misconfigurations, the alerts are automated. However, we do not mitigate any specific items using automation, as that is something we have not configured. We prefer to first look at the problem manually, and then take action against it.

There is no single comprehensive cloud security solution. We will need to use multiple tools, such as those offered by Palo Alto Networks and Check Point. Every security firm has a range of products, so if we consider all of them, we can have anti-virus, anti-malware, vulnerability assessment solutions, EDP software, and cloud security posture management. We need to evaluate each tool, and Prisma and Check Point both offer good solutions, including next-generation firewalls.

The solution provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes.

The solution can enable us to incorporate security into our CI/CD pipeline and add checkpoints to existing DevOps processes. From an automation standpoint, we enabled certain monitoring features. However, the remediation steps are still manual. This can be integrated into our DevOps pipeline, though some of the features are not being used as we prefer to keep it manual.

The solution provides us with a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

The solution reduced runtime alerts. We don't need to receive all the runtime alerts every time, as they will overwhelm us with messages. People often neglect this. Depending on the situation, generally, only very important alerts should be sent. I prefer that the solution be configured for when there is a major business impact. For minor alerts and notifications, we can still check the dashboard. Generally, we monitor the dashboards at certain times. We don't need to be alerted for everything, as this will defeat the purpose of this mechanism.

The solution significantly improved the time taken to investigate alerts by 40 percent with the alert monitoring and all its mechanisms, we receive our critical alerts quickly via email. We can even configure the remediation, although we have not done so yet. 

I appreciate the multi-cloud support that this solution provides; I can use it with AWS, Microsoft Azure, and Google Cloud. I find the ability to configure alerts and monitor misconfigurations in the cloud to be particularly useful, and we take advantage of this feature as well.

Prisma Cloud by Palo Alto Networks is an impressive solution. The solution continuously assesses our security posture, making it the ideal preventive measure. If any misconfigurations occur, I am immediately notified of any unnecessary ports that are open in my cloud. This alerting system allows me to take the necessary steps to secure it before any attack can occur, making it the best preventive measure for our cloud.

I now extensively use cloud security posture management. There needs to be a mechanism that allows me to manually configure compliance more easily. Currently, it requires programming knowledge, so if someone without hardware programming knowledge could customize certain features to their requirements, it would be very helpful.

I have been using the solution for five months.

The solution is stable because it is a SaaS offering.

Nowadays, all cloud solutions are scalable; scalability should be a given feature and does not need to be asked for.

A maximum of ten people have administrative-level access, which will be used by 50 to 60 Security Operations Center personnel. This personnel must log in with various role-based access rights. In total, we have around 70 people using the solution.

In my previous project, we had a dedicated team associated with the account, so we did not have to pay for support. This was beneficial because, most of the time, we would go to our account team instead of the technical support, and our issues would be resolved quickly.

Positive

The initial setup is seamless. We only need to integrate our API key and connect it.

The deployment took one hour.

I can see one return on investment due to continuous monitoring. Before, we had a few staff members who monitored our environment, but now the alerting and other processes happen automatically, so there is a good ROI in terms of resources. Additionally, the security posture of the environment is increased and fewer incidents occur, which improves our response time and resource efficiency. There are also indirect ROIs.

The pricing is competitive; for the most part, the security firms have similar prices. Therefore, I believe it is competitive and a good investment. The solution is good quality, so I would not hesitate to invest in Prisma Cloud by Palo Alto Networks.

I give the solution a nine out of ten.

I absolutely recommend Prisma Cloud by Palo Alto Networks at an enterprise level because the solution is an enterprise-grade product.