Prisma Cloud by Palo Alto Networks Reviews

Our use case for the solution is monitoring our cloud configurations for security. That use case, itself, is huge. We use the tool to monitor security configuration of our AWS and Azure clouds. Security configurations can include storage, networking, IAM, and monitoring of malicious traffic that it detects.

We have about 50 users and most of them use it to review their own resources.

If, for a certain environment, someone configures a connection to the internet, like Windows RDP, which is not allowed in our environment, we immediately get an alert that says, "Hey, there's been a configuration of Windows Remote Desktop Protocol, and it's connected directly to the internet." Because that violates our policy, and it's also not something we desire, we will immediately reach out to have that connection taken down.

We're also integrating it into our CI/CD pipeline. There are parts we've integrated already, but we haven't done so completely. For example, we've integrated container scanning into the CI/CD. When they build a container into the pipeline, it's automatically deployed and the results come back to our console where we're monitoring it. The beauty of it is that we give our developers access to this information. That way, as they build, they actually get near real-time alerting that says, "This configuration is good. This configuration is bad." We have found that very helpful because it provides instant feedback to the development team. Instead of doing a review later on where they find out, "Oh, this is not good," they already know: "Oh, we should not configure it this way, let's configure it more securely another way." They know because the alerts are in near real-time.

That's part of our strategy. We want to bring this information as close to the DevOps team as possible. That's where we feel the greatest benefit can be achieved. The near real-time feedback on what they're doing means they can correct it there, versus several days down the road when they've already forgotten what they did.

And where we have integrated it into our CI/CD pipeline, I am able to view vulnerabilities through our different stages of development.

It has enhanced collaboration between our DevOps and SecOps teams by being very transparent. Whatever we see, we want them to see. That's our strategy. Whatever we in security know, we want them to know, because it's a collaborative effort. We all need each other to get things fixed. If they're configuring something and it comes to us, we want them to see it. And our expectation is that, hopefully, they've fixed it by the time we contact them. Once they have fixed it, the alert goes away. Hopefully, it means that everyone has less to do.

We also use the solution's ability to filter alerts by levels of security. Within our cloud, we have accounts that are managed and certain groups are responsible. We're able to direct the learning and the reporting to the people who are managing those groups or those cloud accounts. The ability to filter alerts by levels of security definitely helps our team to understand which situations are the most critical. They're rated by high, medium, and low. Of course we go after the "highs" and tell them to fix them immediately, or as close to immediately as possible. We send the "mediums" and "lows" to tickets. In some instances, they've already fixed them because they've seen the issue and know we'll be knocking on the door. They realize, "Oh, we need to fix this or else we're going to get a ticket." They want to do it the right way and this gives them the information to enable them to make the proper configuration.

Prisma Cloud also provides the data needed to pinpoint root cause and prevent an issue from occurring again. When there's an alert and an issue, in the event it tells you how to fix it. It will say, "Go to this, click on this, do this, do that." It will tell you why you got the alert and how to fix it.

In addition, the solution’s ability to show issues as they are discovered during the build phases is really good. We have different environments. Our low environments are dev, QA, and integrations, environments that don't have any data. And then we have the upper environment which actually has production data. There's a gradual progression as we go from the lower environments and eventually, hopefully, they figure out what to do, and then go into the upper environment. We see the alerts come in and we see how they're configuring things. It gives us good feedback through the whole life cycle as they're developing a product. We see that in near real-time through the whole development cycle.

I don't know if the solution reduces runtime alerts, but its monitoring helps us to be more aware of vulnerabilities that come in the stack. Attackers may be using new vulnerabilities and Prisma Cloud has increased the visibility of any new runtime alerts.

It does reduce alert investigation times because of the information that the alerts give us. When we get an alert, it will tell us the source, where it comes from. We're able to identify things because it uses a protocol called a NetFlow. It tracks the network traffic for us and says, "This alert is generated because these attackers are generating alerts," or "It's coming internally from these devices," and it names them. For example, we run vulnerability scanning weekly in our environment to scan for weaknesses and report on them. At times, a vulnerability scanner may trigger an alert in Prisma. Prisma will say, "Oh yeah, something is scanning your environment." We're able to use this Prisma information to identify the resources that have been scanning our environment. We're able to identify that really quickly as our vulnerability scanner and we're able to dismiss it, based on the information that Prisma provides. Prisma also provides the name or ID of a particular service or user that may have triggered an alert. We are able to reach out to that individual to say, "Hey, is this you?" because of the information provided by Prisma, without having to look into tons of logs to identify who it was.

Per day, because Prisma gives us the information and we don't have to do individual research, it saves us at least one to two hours, easily and probably more. 

One of the most valuable features is monitoring of configurations for our cloud, because cloud configurations can be done in hundreds of ways. We use this tool to ensure that those configurations do not present a security risk by providing overly excessive rights or that they punch a hole that we're not aware of into the internet.

One of the strengths of this tool is because we, as a security team, are not configuring everything. We have a decentralized DevOps model, so we depend on individual groups to configure their environments for their development and product needs. That means we're not aware of exactly what they're doing because we're not there all the time. However, we are alerted to things such as if they open up a connection to the internet that's bringing traffic in. We can then ask questions, like, "Why do you need that? Did you secure it properly?" We have found it to be highly beneficial for monitoring those configurations across teams and our DevOps environment.

We're not only using the configuration, but also the containers, the container security, and the serverless function. Prisma will look to see that a configuration is done in a particular, secure pattern. When it's not done in that particular pattern, it gives us an alert that is either high, medium, or low. Based on those alerts, we then contact the owners of those environments and work with them on remediating the alerts. We also advise them on their weaker-than-desirable configuration and they fix it. We have people who are monitoring this on a regular basis and who reach out to the different DevOps groups.

It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running. And we're also moving into serverless, where it runs off of codes, like Azure Functions and AWS Lambdas, which is a strip line of code. We're using Prisma for monitoring that too, making sure that the serverless is also configured correctly and that we don't have commands and functions in there that are overly permissive.

The challenge that Palo Alto and Prisma have is that, at times, the instructions in an event are a little bit dated and they're not usable. That doesn't apply to all the instructions, but there are times where, for example, the Microsoft or the Amazon side has made some changes and Palo Alto or Prisma was not aware of them. So as we try to remediate an alert in such a case, the instructions absolutely do not work. Then we open up a ticket and they'll reply, "Oh yeah, the API for so-and-so vendor changed and we'll have to work with them on that." That area could be done a little better.

One additional feature I'd like to see is more of a focus on API security. API security is an area that is definitely growing, because almost every web application has tons of APIs connecting to other web applications with tons of APIs. That's a huge area and I'd love to see a little bit more growth in that area. For example, when it comes to the monitoring of APIs within the clouded environment, who has access to the APIs? How old are the APIs' keys? How often are those APIs accessed? That would be good to know because they could be APIs that are never really accessed and maybe we should get rid of them. Also, what roles are attached to those APIs? And where are they connected to which resources? An audit and inventory of the use of APIs would be helpful.

I've been using Palo Alto Prisma for about a year and a half.

It's a stable solution.

The scalability is "average".

Palo Alto's technical support for this solution is okay.

We did not have a previous solution. It was the same solution called Redlock, which was then purchased by Palo Alto.

The initial setup took a day or two and was fairly straightforward.

As for our implementation strategy, it was 

• add in the cloud accounts
• set up alerting
• fine tune the alerts
  
• create process to respond to alerts
• edit the policies.

In terms of maintenance, one FTE would be preferable, but we do not have that.

We implemented it ourselves, with support from Prisma.

One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process.

For example, when they brought in containers, we were able to utilize containers because it goes against our current allocation of work units. We were immediately able to do piloting on that. We're very appreciative of that kind of model. Traditionally, other models mean that they come out with a new product and we have to go through procurement and ask, "Can I have this?" You install it, or you put in the key, you activate it, and then you go through a whole process again. But this way, with Prisma, we're able to quickly assess the new capabilities and see if we want to use them or not. For containers, for example, we could just say, "Hey, this is not something we want to spend our work units on." And you just don't add anything to the containers. That's it.

The biggest lesson I have learned while using the solution is that you need to tune it well.

The Prisma tool offers a lot of functionality and a lot of configuration. It's a very powerful tool with a lot of features. For people who want to use this product, I would say it's definitely a good product to use. But please be aware also, that because it's so feature rich, to do it right and to use all the functionality, you need somebody with a dedicated amount of time to manage it. It's not complicated, but it will certainly take time for dedicated resources to fully utilize all that Prisma has to offer. Ideally, you should be prepared to assign someone as an SME to learn it and have that person teach others on the team.

I would rate Prisma Cloud at nine out of 10, compared to what's out there.

We use the GlobalProtect module within Prisma Cloud to ensure the security of our mobile users.

Prisma Cloud provides security spanning for multi and hybrid cloud environments.

It includes automation capabilities that we can deploy if the environment is suitable.

Prisma Cloud has enabled us to migrate from multiple vendors, creating a more user-friendly experience for everyone.

Prisma Cloud enhances the security of our cloud-native development lifecycle from start to finish.

One of the advantages of Prisma Cloud's GlobalProtect module is that it provides a centralized tool for monitoring applications, user connections, and latency. Additionally, it allows us to track the percentage of availability.

Prisma Cloud saves the equivalent time of one full-time employee.

The most valuable aspect of Prisma Cloud compared to other VPNs is its security and performance.

In the GlobalProtect module, we can easily guide users experiencing connection issues through the notification column. Within that column, we can submit and escalate notifications on host entries for troubleshooting purposes. Additionally, we can troubleshoot by collecting direct logs during user data connections. On the security front, we have a wide range of SaaS-based items at our disposal. Using Prisma Cloud, we can send internet-based reminders about the option to create a VPN tunnel internally.

Palo Alto needs to add more support staff to improve their response time.

I have been using Prisma Cloud by Palo Alto Networks for two years.

I would rate the stability of Prisma Cloud ten out of ten.

I would rate the scalability of Prisma Cloud ten out of ten.

The support response time is slow, with resolutions sometimes taking up to two days.

Neutral

The initial deployment is straightforward. I have experience with two deployments. In my previous job, the deployment took six months to complete. Currently, we have 15 tenants to deploy and have successfully deployed ten within the first seven months.

The price for Prisma Cloud is reasonable.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten. However, the delay in support time negatively impacts my overall assessment.

We have 90,000 accounts and have already migrated 50,000 users over to GlobalProtect.

Palo Alto does the maintenance.

I recommend Prisma Cloud to others, as long as the solution meets their requirements for cost, support, and number of locations.

Our enterprise customers tend to use it for compliance. 

A big drive towards Prisma Cloud came during COVID-19 when many organizations were moving away from traditional VPNs. There was a drive to facilitate people working from home, and traditional VPNs were not the right solution for large customers who had a huge amount of staff working from home. Prisma Cloud offered multiple solutions that facilitated the ability to work securely from anywhere. That was one of the big things, and that continues to be a big thing today.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. That is what its big strength is.

It is one of the most comprehensive solutions available. If you compare it with the likes of Netskope and Skyhigh, Prisma Cloud is fairly similar in terms of features and depths of features. Automation capability is built in. It has got extensive logging. Automation is there, but it is not extensive. You can combine it with other tools like XO. The integration capability is already strong. That itself makes it a good contender.

Prisma Cloud takes away a lot of manual work for our clients. It has reduced costs by not having to work with pre-COVID-19 traditional networking scenarios. It has given them the ability to have staff working securely from anywhere on the globe. I do not have the metrics for cost savings, but all customers who bought the solution from us say that it has reduced their costs. Over the last three years, we have not had a customer who has not renewed, and it is based on the reduced costs.

As long as it is set up correctly and it is integrated correctly with the SOAR and the SIEM components, it provides very good visibility. It is a very good enterprise solution. No one toolset or platform can protect every single cloud resource, but it can cover a lot of cloud resources.

They claim to secure the entire cloud-native development lifecycle, across build, deploy, and run, but I am not 100% sure. It probably can do 80% of the job.

Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing.

They can improve the integrations into the SDLC lifecycle.

Their support is good. I would rate the Palo Alto technical team an 8 out of 10.

Positive

It is not easy, and it has to be well-planned. You need good skills to deploy any of these tools, but that is the same for many solutions. These platforms are complex, and it is important to understand exactly what outcome you want when you are deploying any tool like this. 

The deployment duration depends on the size of the environment. It can take anywhere from two weeks to four or five months depending on the size of the environment and the complexity of the environment. Some customers have a very simple setup in Azure only or in AWS only. It is very quick to deploy. Other customers have complex hardware environments where they are in the process of migrating to the cloud. Those implementations typically take much longer. It depends on how many global offices they have.

It is an expensive tool. It is not cheap technology. It is a serious investment for any customer. Customers typically buy it together with services. In my experience, customers buying Prisma Cloud are prepared to pay for the implementation and the tool itself.

Overall, I would rate Prisma Cloud an 8 out of 10.

The main reason why we are using Prisma Cloud is to identify any compliance issues. We have certain compliance requirements across our different resources, such as something should be completely inaccessible, logging should be enabled, and certain features should be enabled. So, we are using it to identify any such gaps in our cloud deployment. Basically, we are using it as a Cloud Security for Posture Management (CSPM) tool.

It is a SaaS solution. 

One of the things that we have been able to do with Prisma Cloud is that we have been able to generate real-time alerts and share them with our technology team. For certain resources, such as databases, we have certain P1 requirements that need to be fulfilled before our resource goes live. With Prisma, if we identify any such resource, then we just raise an alert directly with the support team, and the support team gets working on it. So, the turnaround time between us identifying a security gap and then closing it has gone down drastically, especially with respect to a few of the resources for which we have been able to put this plan into motion. We have reduced the timeline by 30%. That's because the phase of us identifying the gaps manually and then highlighting them to the team is gone, but the team still needs to remediate them. Of course, there is a provision in Prisma Cloud where I can reduce it further by allowing auto-remediate, but that is not something that we have gone for as an organization.

We are using it to find any gaps, create custom policies, or search in our cloud because even on the cloud portal, you don't get all the details readily available. With Prisma, you have the capability of searching for whatever you're looking for from a cloud perspective. It gives you easy access to all the resources for you to find any attribute or specific values that you're looking for in an attribute. Based on my experience with Azure and Prisma, search becomes much easier via Prisma than via your cloud.

As a pure-play CSPM, it is pretty good. From the data exposure perspective, Prisma Cloud does a fairly good job. Purely from the perspective of reading the conflicts, it is able to highlight any data exposures that I might be having.

There are two main things that Palo Alto should look into. The first is the reporting piece, and the second one is the support. 

Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into.

Their support needs to be improved. It is by far one of the worst support that I have seen.

We are using Azure Cloud. With AWS, Prisma is a lot more in-depth, but with Azure, it's still developing. There are certain APIs that Prisma is currently not able to read. Similarly, there were certain APIs that it was not able to read six months ago, but now, it is able to review those APIs, top-up resources, and give us proper security around that. Function apps were one of those things that were not there six months ago, but they are there now. So, it is still improving in terms of Azure. It is much more advance when it comes to AWS, but unfortunately, we are not using AWS. A problem for us is that in terms of protecting data, one of the key concepts is the identification of sensitive data, but this feature is currently not enabled for Azure. This feature is there for AWS, and it is able to read your S3 buckets in the case of AWS, but for Azure, it is currently not able to do any identification of your storage accounts or read data on the storage to give security around that. So, that is one of the weak points right now. So, from a data exfiltration perspective, it needs some improvement.

It is currently lacking in terms of network profiles. It is able to identify new resources, and we do get continuous alerts from Prisma when there is an issue, but there have been a few issues or glitches. I had raised a case with Palo Alto support, but the ticket was not going anywhere, so I just closed the ticket. From a network security group's point of view, we had found certain issues where it was not able to perform its function properly when it comes to the network profile. Apart from that, it has been working seamlessly. 

I've been using Prisma Cloud for around six months.

It is a stable platform. Especially with it being a SaaS platform, it just has to make API calls to the customers' cloud portals. I haven't found any issues with regard to stability, and I don't foresee any issues with stability based on the architecture that Prisma has.

It is pretty scalable. The only limitation is the licensing. Otherwise, everything is on the cloud, and I don't see any challenges with respect to scalability. I would consider it as a scalable solution.

Currently, there are around eight to 10 people who are working with Prisma, but we are still bringing it up to maturity. So, majorly, I and a couple of my colleagues are working with Prisma. The others have the account, but they are not active with respect to Prisma. Almost all of us are from InfoSec.

The support from Palo Alto needs to be improved a lot. It is by far one of the worst support services that I have seen. It takes a lot of time for them to come back, and nothing conclusive happens on the ticket as well. 

There was a ticket for which I called them for three months, and nothing was happening on that ticket. They were just gathering evidence that I had already shared. They asked for it again and again, and I got frustrated and just closed the ticket because I was just wasting my time. I was not getting any response. There was no progress that I was seeing in getting my issue getting resolved even after three months. This is not just for one ticket. There have been a couple of other tickets where I've faced similar issues with Palo Alto. So, support is definitely something that they should look into. 

Today, I won't recommend Palo Alto Prisma to someone because I'm not confident about their support. Their support is tricky. I would rate them a three or four out of 10. They are polite and have good communication skills, but my requirement from the support team is not getting fulfilled.

We haven't used any other product. 

I've been involved with the entire implementation of Prisma Cloud. I've manually done the implementation of Prisma in my current organization in terms of fine-tuning the policies, reviewing the policies, and basically bringing it up to maturity. We have not yet achieved maturity with the product. We have also encountered some problems with the product because of which the implementation has been a bit delayed.

The integration piece is pretty straightforward. In terms of the availability of the documentation, there is no issue. If you reach the right document, your issue gets resolved automatically, and you don't have to go to the support team. That was pretty smooth for me.

The initial integration barely took half a day. You just have to make some changes on your cloud platform, get the keys, and just put the keys manually. We had a lot of subscriptions, and when we were doing the integration, tenant-level integration was not available. So, I had to manually integrate or rather onboard each subscription. That's the reason why it took me half a day. It might have even been just a couple of hours.

As of now, we have not seen an ROI because we are not yet mature. We have not yet reached the maturity level that we want to reach.

My colleague had reviewed other solutions like Aqua and Cloudvisory. One of the reasons for selecting Prisma was that we have planned a multi-cloud approach, and based on our analysis, we felt that Prisma will be better suited for our feature requirements. The other reason was that we already have quite a few Palo Alto products in our environment, so we just thought that it will be easier for us to do integrations with Prisma. So, these were the two key reasons for that decision.

Currently, there are not many options to choose from across different products. So, from that perspective, Prisma is pretty decent. It works how CSPMs are supposed to work. They have to read up the config, and then throw you an alert if they find any misconfiguration. So, from that perspective, I didn't find it to be that different from other CSPMs. The integration pieces and other things are pretty simple in Prisma Cloud, which is something that we can take into account when comparing it with others.

I would recommend others to consider a CSPM product, whether they go with Prisma or another flavor of CSPM. It also depends on the deployment that the organization has, the use case, and the budget. For an organization similar to mine, I would definitely recommend going for CSPM and Palo Alto Firewall.

I would advise others to not go with the higher level of Prisma support. They should go for third-party professional services because, in my experience, they have a better understanding of the product than the Prisma support team. Currently, we have one of higher levels of support, and we are not getting the return on that support. If we go for a lower tier of support, we save that money and give it to a third-party professional service. That would be a better return on investment.

Prisma Cloud hasn't helped us to identify cloud applications that we were unaware that our employees were using. That has not been the case so far because when we had initially done the deployment, we had done it at the subscription level rather than at the tenant level. So, in our case, it is quite the opposite where there would be subscriptions that the client is not aware of. I think Prisma has come up with a release wherein we can integrate our cloud on a tenant level rather than the subscription level. That is something that we will be doing going forward.

I would rate this solution a seven out of 10.

I primarily use the solution to uncover misconfiguration and for cloud code security. We can find gaps that hackers might access in order to steal data. It can trigger alerts and show you everything.

It's been helpful for managing multiple accounts. If we had to handle hundreds of accounts manually, it would take a lot of time. 

We've been able to mitigate issues and fix them before they become bigger problems. If the system detects any critical misconfiguration, we'll receive alerts. 

The risk control is very good. They have scanning that runs often and we can see the latest configurations and get alerts.

The solution offers very good configuration capabilities. It can show you how to resolve and remediate issues, and you can pull reports that will show you everything you need to know.

It provides security across multi- or hybrid-cloud environments. It can work with AWS, Azure, Google, Oracle, et cetera.

We have many projects within our organization, and we need protection from people trying to steal our information. We can see gaps from every corner of the cloud. Having a solution like this is important to our organization so that we have the capability to see and monitor everything from everywhere, which would be hard to do manually. 

We can take a preventative approach to cloud security. If anything is open to the public, we can find it and see it. That said, we are using other solutions also. Still, this product will alert you and engage you if there are any areas where information weaknesses filter up. It will guide you and show you how to fix the issues with configurations.

We might have witnessed some cost savings. If anything gets stolen, it would cost our company monetarily; however, that hasn't happened.

It does help us save time since we don't have to check every console ourselves manually. 

We've noted the benefits of the solution across the last five years.

The remediation data is already available in its logs. You don't have to Google fixes. It's already there on the platform.

We're using containers and Docker. Instead of using open-source, we can use our own code and cloud. We'll be able to know if there is a misconfiguration. For example, if there is an AWS-level misconfiguration, Prisma will help us discover this. 

We use a variety of tools, and we can use Prisma to handle various types of misconfiguration. It covers our entire cloud-native development life cycle.

It provides us with the visibility and control we need regardless of how complex or distributed our cloud environment becomes. It's very helpful. It mitigates 98% to 99% of mitigation issues. It's helped us maintain confidence in our compliance and security reporting. I'm able to see configuration changes. If something changes, I know.

It helps us reduce runtime alerts. You can log in and check each and every account via the portal quite easily. If I see an alert, I can quickly fix issues. Or I can go through each alert and find out which are important or not. It reduces the time we take to handle these tasks by 75%. We can focus on the alerts that have the most impact. It prioritizes alerts to critical, high, and low. 

The console is good and user-friendly. We can see the logs very easily. People without experience can also easily adopt the solution.

We only use the solution for misconfigurations. There may be other features that are lacking, however, we don't use the full scope of the product.

Technical support could use some improvement. 

I've been working with the solution for the last seven years.

The stability is very good. There is no issue. 

We only have two security people using the solution currently. We have it across multiple clouds and regions. 

We haven't had any issues scaling the solution. 

We've only used support if we've had issues around false positives. In those cases, we create a ticket.

Neutral

I also work with CrowdStrike. Both offer a lot of features. We've recently switched to CrowdStrike. 

The initial deployment is very easy. You can add it, for example, to your AWS account. You just need to configure it in Prisma Cloud. You may have to create a policy and allow access. After that, you'll be able to see the console. 

We had two people managing the setup process. The time it takes to deploy depends on how many accounts there are. If you only have one account, it's very easy and only takes one to two days. If you have 100+ accounts, you will need a few weeks. 

There is no maintenance needed from our end. 

We didn't use any consultants during the implementation. 

I don't manage the licensing aspect of the solution. 

We are not using application-level security here. At the application level, we're using other tools. We're also using other XDR and EDR tools. We're only using this product for misconfiguration.

I'd advise other users to try the solution. It's a product that offers many features. It's a good idea to go and look at the market and see which solution is the best. It depends on your environment and what you might need. 

I'd rate the solution eight out of ten.

We use Prisma Cloud Data Security for security compliance and detection.

We implemented Prisma Cloud because it eliminates the need for hardware appliances, thereby reducing our on-premises footprint.

Prisma Cloud provides security scanning multi and hybrid cloud environments which is important.

Prisma Cloud provides comprehensive protection for the entire cloud-native stack, encompassing threat protection, global protection, threat intelligence, and zero-trust architecture.

Prisma Cloud's security automation capabilities are effective. It utilizes AI-powered cloud-based technology to analyze unknown files and identify potential threats.

Prisma Cloud employs a combination of features to safeguard against both known and unknown threats, including IPS and threat intelligence integration.

Prisma Cloud has benefited our organization by providing URL filtering, facilitating secure customer connections, implementing endpoint security with a zero-trust architecture, and enabling user identification.

Prisma Cloud safeguards our entire cloud-native development lifecycle. Palo Alto's architecture encompasses multiple engines, each with distinct functionalities. These engines include the SP3 engine, application visibility control engine, URL filtering engine, Wildfire, intelligent saving, zero trust, threat prevention, and content infection. Together, these engines enhance security, reliability, and threat monitoring.

Prisma Cloud provides visibility and control of our web traffic at the URL level and across other technologies.

Prisma Cloud's visibility improves our confidence in our security compliance posture.

Prisma Cloud effectively integrates security into our CI/CD pipeline and seamlessly harmonizes with existing DevOps processes.

Prisma Cloud provides a single monitoring tool. The single point of monitoring makes our company more secure.

Prisma Cloud provides up-to-date information about real-world threats at runtime and across the entire pipeline, through communications, community, and mail.

Prisma Cloud reduces the number of runtime alerts. The extent to which alerts are reduced depends on the appliance and the number of throughputs purchased.

Prisma Cloud has saved our organization money. 

What I like most about Prisma Cloud is its zero-day signatures, maximum security, minimal downtime, cloud visibility, control, and ease of deployment.

Firewalls can identify application and user activity within network traffic. This includes information such as, what applications are being used, what URLs are being accessed, how frequently applications are being accessed, and how much time users are spending on particular applications.

The Palo Alto support needs to improve. Their response time is not good.

I have been using Prisma Cloud by Palo Alto Networks for two years.

Prisma Cloud is stable.

Prisma Cloud is scalable.

The technical support is slow to respond.

Neutral

We previously used Fortinet, CheckPoint, and Cisco. Palo Alto Prisma Cloud is more efficient in single scans.

The initial deployment was straightforward. Using a basic configuration, we can deploy within six hours. I completed the deployment myself.

Prisma Cloud by Palo Alto Networks carries a higher cost, but its enhanced security measures justify the expense.

I would rate Prisma Cloud by Palo Alto Networks nine out of ten. Its architecture is well-designed, more reliable, and more secure.

We have Prisma Cloud deployed in multiple locations across the globe.

The maintenance is done on the cloud.

I recommend Prisma Cloud to others.

Our customers' primary use case involves utilizing Prisma for various security purposes, such as application, cloud, and container security. I also employ the solution in different environments, including the European, Middle Eastern, and African regions.

Prisma Cloud saves time for technical teams by consolidating all necessary security tools into one platform. This eliminates the need to learn and manage multiple tools, streamlining workflows and increasing efficiency. Prisma Cloud provides comprehensive security across applications, cloud environments, and containers, ensuring complete protection within a single, unified solution.

Our clients take advantage of Prisma Cloud's multi-cloud and hybrid environment capabilities.

We can deploy the agents using automation, allowing clients to connect Prisma Cloud with Terraform and other tools via their well-documented API page.

Prisma Cloud's integration abilities with existing environments enhance its attractiveness.

Prisma Cloud can be used in prevention mode to protect against vulnerabilities.

Prisma Cloud's comprehensive platform offers a range of features, including runtime security and vulnerability assessments, through its Prisma Cloud Compute component. This component extends its capabilities to on-premises, OpenShift, and Kubernetes environments, ensuring broad coverage. Its ability to centralize and address security vulnerabilities across these diverse environments makes it a crucial and decisive element within the Prisma Cloud ecosystem.

Prisma Cloud's application security capabilities should be enhanced. The next update should include static application security testing and expand the functionalities of dynamic and API security testing.

I am a reseller that sells Prisma Cloud by Palo Alto Networks. 

The customer service has various levels of support, including access to a customer success engineer. This indicates a structured approach to customer service.

Positive

Due to its cloud-based architecture, Prisma Cloud offers a strong return on investment. It eliminates the need for additional hardware, making it a financially and technically sound investment.

I would rate Prisma Cloud by Palo Alto Networks ten out of ten.

Our clientele consists of enterprise-level businesses.

We're using the solution for container monitoring in one project and workload security in another. We've installed the agents on the servers to monitor for threats.

We haven't had an issue with the product for over a year. 

Its threat-hunting capabilities are very good. Security is a major thing for us.

We're using it in a banking setup and are using it only on a private cloud. 

The security automation is very useful.

Compared to AWS, the cost management is very low. The automation ensures we have limited tasks to do. In other security tools that I am using, there is no automation option at all.

We can integrate it very easily.

It's very easy to remotely connect. We can do that within fractions of a second.

We are getting a lot of visibility and control.

We've been able to reduce runtime alerts with Prisma Cloud.

We'd like to have more tools for threat hunting.

Sometimes, on the Azure side, there are issues. Some errors aren't being found on Prisma Cloud.

I've used Prisma Cloud for my past two projects. I've used it for one and a half years. 

We haven't had issues with downtime.

The solution is scalable. 

We've contacted support during some deployments on Windows servers in order to open ports. We had issues when we opened some ports and had no connection. Sometimes, their responses were slow or late.

Positive

The solution was very easy to deploy and integrate. We had a three-member team working on the setup. We only have ten to 20 servers. 

There is no maintenance needed after deployment.

The pricing can be a bit costly. However, it has low cost management.

We're a customer.

I'd rate the solution nine out of ten.