Prisma Cloud by Palo Alto Networks Reviews

My main experience with Prisma Cloud is with AWS. We have a huge AWS environment, and we are trying to manage its security with Prisma Cloud. 

We have about 7,000 assets of different customers. We are managing the security posture. Prisma Cloud is the product that we have to manage the security posture for different companies. They are e-commerce companies that do online shopping, payment companies, banks, and even online bakeries and cloth stores. Prisma Cloud is a very good product. We have never seen a breach. I have never come across a situation where Prisma Cloud caused data leakage.

We mainly use AWS, but we also have some of our workloads in Azure. Prisma Cloud is a multi-cloud solution. So far, I have not seen any other solution capable of doing all the jobs that we do in Prisma Cloud.

With respect to the AWS cloud, we can achieve whatever we want in terms of automation most of the time. I have not come across a scenario where I am not able to automate any security-related feature for AWS with Prisma Cloud.

Prisma Cloud helps to take a preventative approach to cloud security. It is about 97% there. It is very good for cloud security posture management. It is also good in terms of prevention.

Prisma Cloud was deployed before I joined the company, but within six months, I was able to see the ability of Prisma Cloud. Compared to the old solution that I was using in my previous company, it has more capabilities and more features. It has less than 1% false positives. It is a very nice product.

As it was already implemented when I joined, I only tried to use all of its features or enhance the features wherever I could. I have never come across a breach situation, but if there is a breach, it will provide immediate remediation or at least give us the information. If you have configured it properly, it alerts you that this breach is happening, and this could be a possible cause and a possible solution. In my experience so far, it has been quite comprehensive.

Palo Alto DSPM is one of the best features because we have customers across different domains. For data classification, it is a very nice product. It also has some customization capabilities where you can define your categories and categorize the data according to that. It is one of the top-rated solutions.

Palo Alto DSPM can help discover data that exists outside of your official IT systems, but I do not have experience with that. Based on the documentation and what people discuss on different forums, it is capable.

Palo Alto DSPM provides automated discovery of new data assets as they onboard. When we onboard a new customer or their new AWS environment, it helps a lot in discovering. This automated process is very nice. We are able to discover them as soon as possible. It is quite easy to discover and classify. We are more comfortable now.

Palo Alto DSPM provides us with a prioritized list of all the data security posture issues in our environment. We can categorize and prioritize what needs to be done. We can see what kind of alerts should be prioritized and what data we can prioritize to monitor. 

Prisma Cloud has good insights. You can have graphs and very good statistics. To present the statistics, it has very good reports. The representation within the reports is very nice. It takes you to the core of the things. You can get the statistics at a very granular level.

Prisma Cloud is one of the best products. We renew annually because it seems that we cannot survive without it.

We have integrated Prisma Cloud with our SOC operations. It is a Cloud Security Posture solution that can be integrated with multiple SOC standards or SOC solutions or products.

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environments become. Otherwise, we would not continue with the solution. Our chief security officer and others find it to be one of the best solutions.

It is not very easy to deploy, but once you learn it and deploy it properly, it provides a very granular level view of your entire security environment. You can do a lot of customization. You can monitor. You can remediate. You can automate a lot of processes.

Prisma Cloud has reduced a lot of our manual work and a lot of our time from having to go into different environments and looking into them. We do not have to use different products for different purposes. That is why Palo Alto Prisma Cloud is one of the best solutions. We can have everything within one solution. It has helped us with cloud security posture management. We mostly work with AWS. We have time savings, and we have productivity improvements. We have moved towards a rapid remediation or an automation of remediation. We have moved towards more effective alerts related to any kind of vulnerability. That has helped a lot. We can report them to our management and our teams, and we can also communicate the same to our customers. That is where Prisma Cloud has an edge.

Prisma Cloud has saved us money. Previously, we were using multiple products. We were using one product to check the encryption and multiple products to maintain a security posture and capture vulnerabilities or issues with our CI/CD pipelines. The company was using four or five products. We are now able to get all those functionalities in Prisma Cloud, so the license cost of the products we were using previously is gone. Prisma Cloud initially seemed expensive to us, but when we started utilizing it, we were able to save the cost of other products that were giving us just a slice of the pizza but not the entire pizza. Prisma Cloud has helped us reduce costs, and there is also efficiency. The cost management team knows exactly how much we have saved, but as per the 2023 report, we have had about 37% savings from not having to spend on multiple products. We were able to achieve the same things with Prisma Cloud.

Through Prisma Cloud, we can write Lambda functions, configure policies to check the security posture, and get reports. We can do a lot more. That is my main expertise, and that is one of the advantages of Prisma Cloud. For example, we have almost 7,000 AWS assets. If I want to check how many of my S3s have encryption, I can write a Lambda function in Prisma Cloud and get that report. Things like this are helpful in understanding where we lack security and where we can improve it.

Prisma Cloud is very comprehensive, but there should be better support for the customization of the reports. If Palo Alto can have more customized reports available or give an option to the users to customize the reports, that would be great.

As Palo Alto is developing Prisma Cloud, they can provide more graphical visibility. That would help organizations like ours where we have to generate multiple reports and share them not only with the technical people but also with the management of customers. The reports should be as per the requirement of non-technical people.

I have been using Palo Alto Prisma Cloud for almost four years.

We are renewing its license because we are getting a lot out of it.

It supports multi-cloud environments. It is already scalable. It has very good features such as discovery.

We are a multinational company spread across the globe. I am in the UAE. Some people are connecting from the US, and some are connecting from the UK. All of them are working within their domain. The cost optimization team is within the US. In the technical team, eight members are from the UAE. A couple of them are from India and the US as well. Our customer base is mostly in the US, UK, and some of the European regions. We have very few from the UAE.

Their support is very good. If we have anything to discuss or want to learn something that has been added, we engage the support.

I would rate them a nine out of ten because whenever there are issues, they are able to resolve them within the timelines and SLAs.

Positive

Prisma Cloud was already deployed when I got into this company.

In my previous company, we were using a Cloud Security Posture Management solution from a smaller US company. I do not know if they are still using that or not. I do not remember the name, but we were getting a lot of false positives and things like that. We even gave this feedback to them.

I was not involved in its deployment. It was already deployed when I got here.

It does not require any maintenance from our side.

Prisma Cloud is no doubt one of the best solutions in the market. Among cloud security or cloud-based posture solutions, Prisma Cloud is one of the best.

We are getting what we want, so I would rate Prisma Cloud a nine out of ten.

I work with various modules, including CSCM, CWP, Code Security, and NS.

We use the solution for day-to-day activities, from onboarding accounts to deploying Defender to creating rules to monitoring incidents. It's used for alerts and monitoring of what happens on the workloads. 

Our customers use the solution to try to meet their compliance standards, and for audit purposes. It helps create policies. SmartCloud itself has around 2,000 policies. It can cover compliance standards around banking, for example, around workloads and data. It helps align with governing bodies' compliance standards. We can create custom policies and anyone can create workloads.

There are many modules that have various capabilities. We can look at the misconfiguration of cloud resources, for example. They can help with compliance as well. We get notified and get data alerts and this is automated. However, we can manage items manually as well. 

It's good for monitoring your environment for AWS.

For visibility, we can create one service account.

Regarding the assets, regarding the alerts, we get all the data. It's great for our cloud security posture and management.

It's cloud-native and is used in major cloud environments. With it, we can monitor clouds like AWS, DPP, Azure, Alibaba, and Oracle. This is important. Many customers work with various key cloud providers. They often have their resources across different cloud providers and all resources must be protected and monitored. With this product, we can monitor all the things even if they are on different clouds - and it can be done on one platform. 

The most valuable aspect of the solution is the computing part.

Prisma Cloud makes it easy to host virtual machines and cluster environments like container Kubernetes. It does this while providing a single dashboard, from which we can monitor all of the workloads and perform vulnerability scanning.

It's very good at helping us take a preventative approach to security. Many bans are using it as a cloud security tool based on the level of prevention they offer. 

It supports the multi-cloud environment beautifully. If there is any kind of anomaly, it helps alert you to it. If there are malware or brute force attack attempts, it will report that. We can both monitor and audit the system. They have their own out-of-the-box configurations or we can customize them to create our own monitoring and auditing policies. 

The solution provides us with data sessions to help gain visibility of workloads in various regions. For example, if there is a workload created just in the US region, we can see that. It will give an overview also. It supports all kinds of workloads, from host protection to Kubernetes and container environments. It even provides support for the Oracle Kubernetes environment.

It ensures that nothing impacts operations. It will block vulnerabilities or implement fixes. 

The solution provides the visibility and control you need regardless of how complex or distributed your cloud environments become. It's very easy to see the entire security posture from every angle - region, data, compliance, et cetera.

We can integrate it into our CI/CD pipelines into existing DevOps processes. We can integrate via APIs or code. When a developer is in the code and integrating, if there's a vulnerability present, or a misconfiguration, it will scan and provide data. With Terraform templates, we can create a lot of instances. With one Terraform code, we can create hundreds of instances. 

The solution helps developers go to very specific locations, to exact areas, at which point they can perform fixes. 

Overall, it provides us with a single tool to protect all of our cloud resources and applications. It's got the best features for web applications and ETL security.  By enabling data, we can monitor whatever is deployed on the cluster or on the IT environment. It provides risk clarity across the entire pipeline. For example, the vulnerability explorer gives you a view of the top critical vulnerabilities. That way, developers can see what the priorities are for what needs fixing. 

It reduces runtime alerts. They provide us with a runtime alert console. It's also reduced alert investigation time. By clicking right on the investigation, we get all the data, including the source IP and any kind of suspicious detail in the workload. We can quickly go ahead and block IP as necessary.

We're able to directly integrate alerting to tools like QRadar.

The solution has helped our customers save money. They don't have to go ahead and hire individual experts for different areas like AWS and Azure. Having everything separate can be hectic and expensive. This is centralized. YOu don't need different teams. With its user-friendly interface, you only need one or two resources to monitor the whole cloud environment.  

Prisma Cloud introduced some new permissions so we have to go and manually add that permission. It is a little bit hectic. If someone onboards single accounts they have to go through each account in that IIM role, and they have to manually add that permission. It's a manual job that takes time. It would be ideal if there was some sort of automation involved.

In scanning, it does not provide runtime protection. 

The licensing could be better. You need to deploy an agent and it would be more convenient if it was agentless, which should be possible. With agents, you are consuming the same amount of credit, yet it does not provide the same amount of features. The automation needs to be improved and included in terms of AWS onboarding. For Azure, it's good, however, with AWS it requires manual intervention. 

Sometimes we do get false alerts. That should be improved. 

I've used the solution for around one year.

The solution is stable. There is occasionally some downtime.

The solution has been scalable. 

Technical support is strong. They have different levels of support, critical, high, medium, and low. For issues rated as a high priority, they provide assistance within one to two hours. Lower priorities may take 24 hours. 

Positive

I did work with a different product previously. Often, other solutions do not have as much visibility. AWS native services, for example, are not able to monitor the workload or data of Azure. You'd need another product for that. Similarly, Defender will only monitor an Azure environment. I have not worked with something that moved across clouds like this solution does. 

I've helped deploy the solution for five to six clients. 

In the early stages, it's a bit complex to set up due to the fact that it's new and we need to train. We need to give users a session and a POC or demo. So the complexity comes from the training and onboarding, not necessarily from the product itself.

Typically, we can deploy it in one week, and deploying it to any cloud environment would take one to two hours. After onboarding the new cloud environment, we need to create rules and integrate the ticketing tool. That might take two weeks also. There's a dependency with the cloud team in that sense, since, if you are going to integrate anything you need to schedule a call. If Defender is included, we need to deploy it manually. We'd also decide what is being automated. 

The solution does require some maintenance. On the portal, it would show whenever some maintenance is needed or if they are updating their versions. There may be maintenance downtime. The maintenance is provided by Palo Alto itself. We'd notify the customer if they need to be prepared for some downtime. 

Customers have witnessed a good ROI based on the ability to create and customize multiple policies. It helps them meet compliance and auditing requirements. 

I don't know the exact cost; that's handled by another team. However, my understanding is that the cost is based on consumption. 

It takes a little bit of time to create time to value for the solution. A new customer might not have any idea of a cloud's capability. Some people need training and this might be on a quarterly or monthly basis to get the customer up to speed. Once they are more knowledgeable about the solution, they can utilize its capabilities more fully.

I'd recommend the solution. It's comprehensive for securing the entire cloud-native development life cycle across the build, deploy, and run. It not only provides security protection in the runtime environment - it also covers CI/CD. We can integrate Azure DevOps or any kind of solution like Jenkins. 

For new customers, I'd recommend they take on a demo or POC. They can get a one-month license and try it out. Customers can coordinate with partners and see how it would work in their environment. If a customer has a multi-cloud environment, this is a good choice. 

I'd rate the solution nine out of ten. 

We use Prisma Cloud by Palo Alto Networks for architecture and design.

We found Prisma Cloud by Palo Alto Networks very important in solving architecture and design problems within the company, and it improved our company because it showed us different ways of doing things and gave us a better understanding of an architectural entity.

Prisma Cloud by Palo Alto Networks has helped our company progress.

From the time of deployment, it took a few months for our company to realize the benefits of the solution.

Prisma Cloud by Palo Alto Networks is a valuable solution. It is useful as it provides some security on multi and hybrid cloud environments, which is very important to my company.

Prisma Cloud by Palo Alto Networks is also a comprehensive solution that helps protect the full cloud-native stack and helps us secure the entire cloud-native development, which is another reason it is useful for the company.

The solution also has good security automation capabilities and is useful for helping my company take a preventive approach to cloud security.

It provides the visibility and control we need, and it helps a lot in giving us confidence in our security and compliance postures.

Prisma Cloud by Palo Alto Networks also enabled the company to integrate security into our (CI/CD) pipeline.

We also found how seamless Prisma Cloud by Palo Alto Networks touchpoints are to our DevOps processes, and we find them very helpful.

The solution even serves as a single tool to protect my company's cloud resources. It does not affect our operations.

Prisma Cloud by Palo Alto Networks provides risk clarity at the runtime and across the entire pipeline. It shows us the issues, and the developers can correct them without affecting our operations.

The solution also helped in reducing runtime alerts very quickly. It also reduced our alert investigation time because it's all automated.

We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected. It has some areas for improvement, but I cannot remember exactly off the top of my head.

I've worked with Prisma Cloud by Palo Alto Networks for four years.

I found Prisma Cloud by Palo Alto Networks stable. I'm impressed by its stability. I cannot recall any downtime with the solution. I rate it as eight out of ten, stability-wise.

I found Prisma Cloud by Palo Alto Networks scalable, and it's an eight out of ten for me, scalability-wise.

The technical support for Prisma Cloud by Palo Alto Networks was very good. I would rate its technical support eight out of ten.

Positive

Prisma Cloud by Palo Alto Networks is what my company has. It's the solution my company wants to use.

I was involved in the deployment of Prisma Cloud by Palo Alto Networks, and I found its initial setup straightforward. It took a few months to deploy the solution.

Our team deployed the solution.

Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay.

I advise others who may want to implement Prisma Cloud by Palo Alto Networks to check it in a test environment first to ensure it does what they expect.

My rating for Prisma Cloud by Palo Alto Networks, overall, is eight out of ten.

I was working with a partner of Palo Alto Networks until around two months ago. I mainly worked with Prisma Cloud in the delivery line of products for projects for clients. For example, we deployed the tool for lifecycle protection for a client in Colombia.

I worked with Cloud Security Posture Management (CSPM), cloud workload protection, and the new data security module. About two years ago, for a banking client, we inserted the cloud-native firewall into Prisma Cloud.

Prisma Cloud supports the five major CSPs or Cloud Service Providers. Specifically, in the runtime protection mode, you can protect any workload. They are changing their approach from resource-based to application-based. Prisma Cloud now has the intelligence to understand the context and the relationship between resources and groups. 

I worked with the automation model, specifically on the features of app security, to prevent any issues from being deployed via infrastructure as code into the cloud environments. The auto-remediation feature enabled the developers to remediate issues directly in their visual editor with one click. Prisma Cloud is a good tool because it covers the software lifecycle. For example, you can use Prisma Cloud from your visual editor, such as VS Code or IntelliJ from IDEA. You can use auto-remediation to prevent any issue from being deployed into the cloud. It also provides run-time protection for all workloads. Prisma Cloud has a lot of features and modules. Its licensing model allows you to have more at less cost.

The integration with the entire lifecycle is the biggest benefit. You can use the tool to automate an internal process using the Prisma API. You can use all the data information to make business and technical decisions. It takes some time to realize its benefits. When we deploy the solution for a client, we have to wait about three to six months for it to mature to be able to make useful data database decisions.

Prisma Cloud has a lot of features. It can secure the entire cloud-native development lifecycle, across build, deploy, and run. At every step or phase, you can have specific controls to avoid the deployment of anything that can cause issues.

Prisma Cloud can reduce the risk and run-time alerts if you put the correct control at the correct stage. For one client, there was about a 30% reduction, and for another one, there was about a 50% reduction. Prisma Cloud gave us a table with the high-impact vulnerabilities. By closing one of them, we could reduce about 100 alerts.

It provides some reports, but with API access, you can get all the data to build your own reports or dashboards. The default reports and dashboards are good, but if you need some customized reports or dashboards, you can do that with the API.

The most valuable feature of Prisma Cloud for our clients is CSPM, as it helps clients gain visibility into all the assets with their cloud providers.

Additionally, runtime protection is valuable for protecting runtime environments.

The RQL feature helps to do some queries in the cloud environments.

The data security model needs improvement due to integration issues with certain features and cloud providers. With Palo Alto now utilizing a tool from an Israeli startup in Prisma Cloud, the integration is slow, and some features are blocked or not supported.

In the beginning, with large-scale projects, the platform was down twice, but once the issues were identified, Palo Alto applied the correct solutions to ensure high availability and scalability.

The scalability of Prisma Cloud is good, covering both the front end and the back end. The entire solution is well scalable.

Customer service is good in general. There are three levels of support. I have interacted with levels one and two, where initial contact is made and detailed information is gathered. They can respond with technical documentation or pass on the case to the next level because it requires the development of a new feature or changing a feature due to a bug.

Positive

I have not used any alternative solutions such as Check Point, CrowdStrike, or Aqua Security. 

I worked primarily with SaaS adoption and was in charge of the deployment as part of the delivery team.

The initial setup is straightforward and does not require extensive deployment efforts, except for configuring the solution and deploying agents if necessary.

The maintenance is done directly by Palo Alto. Palo Alto is in charge of deploying new releases and updating the main components. Everything is informed to the client through the status page maintained by Palo Alto.

The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients.

In my last job, we compared Prisma Cloud to other tools, and it was ahead of the competition.

For new users, it is important to understand the specific objectives and needs to ensure a successful implementation of the solution. They should also focus on using the data to make data-driven decisions.

I would rate Prisma Cloud a ten out of ten.

I am using five modules of Prisma Cloud, and I have expertise in CSPM. The use cases are related to securing our host container environment and multi-cloud environment.

We were looking to resolve issues related to host and container security in the Kubernetes environment, vulnerability management, and compliance management.

One of the benefits of using Prisma Cloud is that we can easily make our cloud environment compliant. We can make it vulnerability-free, helping coders or application users bring their applications to production without vulnerabilities or malicious packages.

We have gotten good reviews from our customers, saying that they have improved their security with Prisma Cloud for their cloud environments. That includes customers in finance and in the medical field. And the reporting we get from Prisma is excellent.

It has helped us reduce runtime alerts by 70 to 80 percent.

And because it's very transparent, we can directly investigate things. It has reduced investigation time by 100 percent. We can easily go to the dashboard and check what's happening when investigating. We have to be experts with our tools to investigate and do a deep dive into an incident.

The best feature of Prisma Cloud is that the various modules have different features. With the CSPM, we have compliance management, and we also have an auto-remediation module. In CWP, we can go with runtime, where one of the great features is blocking vulnerabilities or malicious activities from the pipelines or CI. All five modules are taking a preventative approach to the security of the cloud environment, from the network to the cloud, posture management and workload protection.

In CI/CD, we have the option to add a Prisma scan, which helps us remove the vulnerabilities and malicious parts of packages used to create an application. This option enables us to scan the images before running or building them and to get a vulnerability report.

Prisma scans things and shows all the vulnerabilities and packages that are vulnerable, and which layers, by default, have vulnerabilities. So developers can easily go into the package or a particular layer and make changes to their code. It's very transparent.

Reporting from Prisma Cloud is very straightforward. We can export reports in CSV format, or we can use the APIs in Prisma to fetch reports. Reporting is very easy and customizable.

It is also compatible with multi-cloud and hybrid environments. It gives the option to onboard with five clouds: AWS, Azure, Alibaba, Oracle, and GCP. Most of the companies we deal with use parts of various services from different clouds. To provide them with solutions, we need Prisma Cloud, as it helps manage multi-cloud environments.

A lot of automation capabilities are coming out with the updates, and they are growing day by day. The basic automation covers remediation of alerts, and in live applications we can block malicious activities in the files where the vulnerabilities come across.

In terms of cloud-native application comprehensiveness, we can integrate various cloud-native applications with Prisma Cloud. We can use Defender to protect workloads or Kubernetes in any native cloud like AWS EKS.

The CSPM provides the whole asset inventory, where we can see all the services in our cloud environment and how they are working, as well as how the assets are connected to each other and which network is connected. We can see the configuration.

We face some GUI issues related to new permissions for AWS. So far, we don't have any automation to complete them through the GUI. We have to manually update the permissions. Our customers have faced some issues with that.

I have been using Prisma Cloud by Palo Alto Networks for more than four years.

The stability is a nine out of 10.

The scalability is a nine out of 10. We just need some of the automations to come around in Prisma.

With all the capabilities it has and how comprehensive it is, with CSPM, CWPP, and more, we get help from the technical team at Palo Alto. They help us to get into what Prisma Cloud is and all the capabilities it has.

Their technical support comes up with good solutions for every difficulty we face.

Positive

The initial deployment is very straightforward, with the help of the technical team and tech support. It's very easy to get into Prisma Cloud. It takes time, one to two weeks, to complete the deployment. Most of our customers are enterprise-level, although we also have small clients.

The maintenance is mostly handled by Palo Alto teams. The updates are scheduled so that we know at what time they will update and what the new features are. They are good when it comes to updates.

I'm on the technical side and not into sales, but Prisma Cloud is better than the native applications when it comes to pricing.

I suggest that my customers adopt Prisma for every module. It's the best security platform, where we can provide security for multiple clients without using the native security approach.

I highly recommend this solution.

Previously, we were primarily using Amazon Web Services in a product division. We initially deployed RedLock (Prisma Cloud) as a PoC for that product division. Because it is a large organization, we knew that there were Azure and GCP for other cloud workloads. So, we needed a multi-cloud solution. In my current role, we are primarily running GCP, but we do have some presence in Amazon Web Services as well. So, in both those use cases, the multi-cloud functionality was a big requirement.

We are on the latest version of Prisma Cloud.

It is very important that Prisma Cloud provides security spanning multi-cloud environments, where you have Amazon, Azure, and GCP multiple cloud environments. Being able to centralize all those assets, have visibility, and set some policies and rules within one dashboard when you have multiple cloud accounts is a big advantage.

The comprehensiveness of Prisma Cloud for securing the entire cloud-native development lifecycle was shown when Palo Alto bought Twistlock and integrated in some of the container security pieces, particularly for containers, Docker, and Kubernetes, and building in the Prismic Cloud Compute tab. Having that functionality from Twistlock more focused on Docker and containers filled in some of the space where the original Prisma RedLock piece was a little more focused on just the API, e.g., passive scanning. The integration of Twistlock into Prisma Cloud Compute definitely expanded this functionality into the container and Docker space, which is a big growth area in the cloud as well.

Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them. 

Educates and trains cloud operators on how to better design their different cloud and infrastructure deployments. Prisma Cloud has very good remediation steps built in. So, if you do find an issue, they will give you steps on, "Here is how you go into the Console and make this change to close out this issue, preventing this in the future." So, it is a strong tool for the prevention and protection of the cloud, in general.

We have gone in and done some tuning to remove alerts that were false positives. That reduced some of the alerts. Then, as our team has gone in and fixed issues, we have seen from the metrics and tracking of Prisma Cloud that alerts have been reduced.

The compliance tabs were helpful just to have visibility into the assets as well as the asset management tabs. In the cloud, everything is very dynamic and ephemeral. So, being able to see dynamic asset inventory for what we have in cloud environments was a huge plus. Just to have that visibility in a dashboard instead of having to dump things into a spreadsheet, e.g., you are trying to do asset inventory and spreadsheets, then five minutes later it changes cause the cloud is dynamic. So, the asset inventory and compliance tabs are strong. 

When the cloud team makes a change that may introduce some risk, then we get alerts.

We pretty heavily used the Resource Query Language (RQL) and the investigate tab to find what instances and cloud resources are externally facing and might be higher risk, looking for particular patterns in the resources. 

Prisma Cloud provides the following in a single pane of glass within a dashboard: Cloud Security Posture Management, Cloud Workload Protection, Cloud Network Security, and Cloud Infrastructure Entitlement Management. It is particularly challenging, especially in a multi-cloud environment, where you would have to log into your Google Cloud, then look for your infrastructure and alerting within Google. In addition, you have to switch over to Amazon and log into an AWS Console to do some work with Amazon. Having that central visibility across multiple cloud environments is definitely important when you have different sources and different dashboards for the cloud, which will still be separate, but you still have some centralization within that dashboard.

The solution’s security automation capabilities are definitely good. We use some of the automation within the alerting, where if Prisma Cloud detected a change and there was a certain threshold, e.g., if it was above a medium or a high risk issue, then we would send off an alert that would go to our infrastructure team/Slack channel, creating a Jira ticket. The automation with Slack and Jira have been very good feature points. 

The Prisma Cloud tool identifies for the security team the resource in the cloud that is the offender, such as, the context, the resource in the cloud, what is the cloud account, and the cloud environment that the resource is in. Then, there is always very good context on remediation, e.g., how do we go in and fix that issue? Do we either go through automation or log into the Cloud Console to do some remediation? The alerts include the context that is needed as well as the risk ranking and severity, whether it is a high, medium, or low issue.

The Prisma Cloud Console always has good remediation steps, whether it is going into the Console, updating a Cloud Formation, or Terraform scripts. The remediation guidance is always very helpful from Prisma Cloud.

Some of the usability within the Compute functionality needs improvement. I think when Palo Alto added on the Twistlock functionality, they added a Compute tab on the left side of the navigation. Some of the navigation is just a little dense. There is a lot of navigation where there is a tab and dropdowns. So, just improving some of the navigation where there is just a very dense amount of buttons and drop-down menus, that is probably the only thing, which comes from having a lot of features. Because there are a lot of buttons, just navigating around the platform can be a little challenging for new users.

They could improve a little bit of the navigation, where I have to kind of look through a lot of the different menus and dropdowns. Part of this just comes from it having so many awesome features. However, the navigation can sometimes be a little bit like, "I can't remember where the tab was," so I have to click and search around. This is not a big negative point, but it is definitely an area for improvement.

I started using this solution when it was still called RedLock. Before Palo Alto bought RedLock, I used RedLock for about a year and then for another year or two once Palo Alto bought them, rebranding them as Prisma Cloud. So, I have been using it for about three or four years.

It is very stable and solid. We haven't really had any issues with the dashboard. The availability is there. The ability to log in and get near real-time data on our cloud environment is very good. Overall, the stability and accessibility has been good.

We use it pretty much daily, several days a week. We are licensed for 200 workloads in Prisma Cloud.

We are definitely still working on maturing some of our operations. We have a pretty small infrastructure team; just two engineers who are focused on infrastructure. We are trying to automate as much as we can, and Prisma Cloud supports most of that. There are still some cases where you have to log into the Console and do some clicking around. However, for the most part, we are trying to automate as much as we can to scale those operations with a very small infrastructure and security team.

Their customer and technical support is very good. They helped us on scoping, getting an estimate for how many workloads and resources that we had. Their support team helped us through some issues on the configuration in the API on the Defender side. We had a couple questions that came up and the customer success and support engineers were very responsive and helpful. 

The sales team was really good. We leveraged some of our relationships, working extensively with some of the leadership at Palo Alto in Unit 42 on their threat team. The sales team gave us a pretty good deal right before the end of the year, last year. So, we were able to get a good discount, so we were able to get the purchase done. Overall, it was a good experience.

This was a new implementation for our company.

Deploying the baseline for Prisma Cloud, its API configuration, was straightforward. To set up the API roles and hook in the API connectivity, we were able to do that within a couple of hours. The Prisma Cloud piece at the API level was very quick. The Defender agents were a bit more complicated because we had to deploy the Compute Defender agents into our containers, Docker, and Kubernetes. That was a little more complex, because we were deploying, not just connecting an API. We were deploying agents within our environment. So, the API side was very simple and fast. The Defender side was a bit more complicated.

We are still working on expanding and deploying some more Defender agents. The API piece was deployed within about a week, which was very fast. On the Defender side, with the infrastructure team's input, it took us several weeks to get the Defender agents deployed.

When we deployed Prisma Cloud, we established some baselines for security and our infrastructure team for what was running in the cloud. They were using some automation and scripting. They thought everything was okay with the script: We just run a script and it deploys this server and infrastructure in the cloud. What we found was that there were some misconfigurations. They had a default script that was opening up some ports that were not needed. So, we worked with the infrastructure team, went back, and said, "Okay, these ports were uncovered with our Prisma Cloud scanning. Is there a business use? Is there any valid reason for these ports to be open?" The team said, "No we don't really need these ports." It was just a default that we need to deploy in Google or AWS. It was just a default that was added in. So, we worked with them to go back and change some of their defaults, then change some of their scripts. Now, in future cases, when they deploy the Terraform script, it would make sure that those ports are automatically closed.

We purchased directly from Palo Alto. We didn't use a system integrator. We purchased directly from them and went through their support team. I have a good relationship with the sales and customer success team at Palo Alto just from past relationships. So, we did a direct purchase.

We will eventually see return on investment just out of the automation and the ability to scale the platform up.

We have reduced alert investigation times by approximately a couple hours a week.

The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard. 

We did look at a couple other vendors who do similar cloud workload protections. Based on the relationships that we have with Palo Alto, we knew that Palo Alto was kind of the leader in this space. We had hands-on experience with the tool and Palo Alto was also a customer of ours. So, we had some strong relationships and Palo Alto was the leader. 

We did some demos with different tools that were not as comprehensive. We had some tools that we looked at which just focused more on the container side and some that focused more on the cloud API layer. Since Prisma Cloud has unified some of these different pieces into one platform, we ultimately decided that Prisma Cloud was going to be the best solution for us.

It is a good tool. Work with your stakeholders and cloud teams to implement Prisma Cloud within as many environments as you can to get that rich amount of data, then come up with a strong strategy for integrations and alerting. Prisma Cloud has a lot of integrations out-of-the-box, like ServiceNow, Jira, and Slack. Understand what your business teams need as well as what your engineering and developers need. Try to work on the integrations that allow for the maximum amount of integration and automation within a cloud environment. So, work with your business teams to come up with a plan for how to implement it in your cloud, then how to best integrate the tooling and alerting.

While Prisma Cloud does have the ability to do auto-remediation, which is a part of their automation, we didn't turn any of that on now because those features have a tendency to sometimes break things. For example, it will automatically shut down a security group or server that can sometimes have an impact into availability. So, we don't use any of the auto-remediation features, but we do have automation setup with Jira and Slack to create tickets and events for our ticketing and infrastructure teams/Slack channels.

We definitely want to continue to explore and build-in some of the Shift Left principles, getting the tool into our dev cycles earlier. We do have some plans to expand more on the dev side. I am hiring an AppSec engineer who will be focused more on the development and AppSec side. That is something that is in our roadmap. It has just been something that we have been trying to work on and get into our backlog of a lot of projects.

I would rate this solution as a nine out of 10.

We have deployed Prisma Cloud for one of our client premises. And we are managing it internally. Although we do have support and other stuff for this solution, it has two kinds of modes. One is the detect and protect mode, and one is only for the monitoring purpose. There's different licensing. If you need protection from Prisma Cloud, then you will purchase a firewall kind of module with that. Otherwise, by default, it comes in monitoring mode.

It's deployed on all VMs and workloads. With the Prisma Cloud, you can have it on a cloud server or you can deploy it as a stand-alone. That said, the container should be persistent. Otherwise, if you restart the container, you will lose your configuration and everything.

We were doing a deployment for a telecom client, and they have two different application pipelines. One was based in India with the Oracle team. They were developing their own application, so we have also incurred it to the Prisma Cloud in their CI/CD pipeline.

The second use case was to monitor the OpenShift environment. The solution was basically bare metal. Then on top of that, there was OpenStack. It's an on-prem cloud service. We have deployed the Prisma Cloud solution, so it was on top of an open stack.

If there is a large infrastructure involved, you need to run continuous vulnerability assessments. You also need comprehensive reports and complete inventory details. Doing everything manually would cost a lot of human resources. And it can take a long time. This helps automate and control vulnerability scanning that's continuous. It also helps with compliance. If I have to scan something monthly or quarterly, I can do it, and it will run. What Prisma Cloud actually does is that it keeps on doing this activity for you without any required request from the operator side. Its agents are deployed on the infrastructure, on all the components, on all the applications, on all the operating system images, VMs, or the old private cloud environment or your work on nodes. If you spread your agents all over your infrastructure, it'll keep scanning and reporting, and you can see everything from your dashboard. 

We have integrated OpenStack, OpenShift, RH, et cetera. You don't need to integrate every individual part; you only need to integrate the worker node. And once you deploy it on the worker node, all the parts running on that worker node.

Prisma gives you full-fledged posture management. You get detailed insights into all your modules, how they are communicating, and on which ports they are communicating. If there is any unknown port or unknown address, et cetera,  Prisma Cloud can show you the configuration, and the ports. That way, as an architect or product manager, you know through your documentation which application should be communicating on which ports. If there is any deviation from that documentation, Prisma Cloud can see that, and you can get the details for that. 

With respect to virtual protection, it tells you which image, VM, physical server, worker node, or port has what kind of vulnerability. It gives you everything in real time. 

Monitoring mode is great if a company wants to know every single vulnerability and loophole in its infrastructure. It gives you a complete inventory list of VMs and devices within your infrastructure from the dashboard. You can add new policies or elements easily. You just integrate it within Prisma Cloud. That way your inventory automatically gets updated. 

Real-time continuous vulnerability assessment and reporting are key features. It's critical to most large-scale enterprises.

Prisma Cloud provides security scanning for multi and hybrid cloud environments. Sometimes, if we, for example, have some infrastructure on a public cloud, like AWS, then you need to monitor them continuously and you will require the inspector module of AWS. The inspector module is initially free of charge. And after two weeks, they'll start charging you. However, you can just put the credentials or access keys for AWS within the Prisma Cloud and assign the agent to that. It will start monitoring your cloud infrastructure as well with less overhead.

Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become. What you do is you need to open the communication matrix. That communication matrix is the baseline or the product for the Prisma agent or CLIs, to communicate with the Prisma Cloud and share its findings directly. Whatever the agent finds on its local host, it will respond and share it with the Prisma Cloud. 

Prisma Cloud has two types of interfaces. One is towards the Internet to the main Palo Alto cloud environment. The second interface is towards the infrastructure or architecture. Most of the time, the operators focus on the corporate side since their responsibilities are related to that scope. The other side should be automatically updated, similar to how Microsoft. They simply tell you updates have been downloaded and installed, and you need to restart your system. The update processes are transparent. There is nothing manual to worry about.
There are a lot of compliance rules that you can configure. If the product manager knows that there's a new compliance rule, they ensure that the new compliance rule is compatible with their product. Compliance is not an issue, however, rules should be configured. It's just like any other compliance activity. 

Prisma Cloud enabled our customers to integrate security into their CI/CD pipeline. Our client was developing a large-scale application for billing purposes. And Oracle India was involved in that, and there was a DevOps pipeline. We have integrated the Prisma routes to the CLI within their pipeline; it was being handled through Prisma Cloud automatically within different DevOps gateways. It's seamless. Once you integrate it, then it's part of the pipeline, and it's being done automatically just like any other pipeline gate.

Having a single tool to monitor cloud sources has had a positive impact on our customers. Tasks that were headaches have become easier. It's easier to assess vulnerabilities and compliance thanks to automation. 

Prisma Cloud provides risk clarity at runtime and across the entire pipeline showing issues as they are discovered in the build phases. The vulnerability will stay on the dashboard until you fix it as well. It will keep showing you the issue until it is resolved. Vulnerabilities that are identified are documented and stored in the vulnerability management system.

Prisma Cloud has reduced alert investigation times thanks to the comprehensive dashboard. You can directly search for any host you are targeting or go through the entire list and check everything. 

It's helped customers save money in that it's helped them catch vulnerabilities thanks to 24/7 scanning. That helps you fix the issue earlier. If a vulnerability gets through and the company is breached, they can lose their reputation. The same is true if their service goes down - especially in a banking scenario. It can lead to a big financial loss. Having proper security controls and monitors in place mitigates this. 

They have very rich documentation, and everything is very clear with respect to integration and configuration.

It provides a lot of compliance rules. It provides us with around 160 different rules. That way, you can define everything during scanning and the system will keep checking for compliance, which is automated.

One single drawback is that updates are not directly based on push notifications. There is a lot of software that gets updated automatically. Since this is a security product, this product should be automatically updated. Right now, it must be manually updated. I should be able to focus on vulnerabilities and security, not updating.

Delays can be very costly. Even with a minute delay in updating, if an attack is successful, when you have this corrupted million-dollar product, it's useless to you then. That's why updates should be automatically done. 

It doesn't patch your products; it only provides insights into vulnerabilities. It's merely a value-added service for your overall security posture. 

They are missing some compatibility details in their documentation. If I am choosing a product, the first thing I look at before recommending it to my organization, is the documentation, including how it is organized, if their documentation is informative, what information they are providing, et cetera. Prisma Cloud has one issue within its documentation, and that is that it does not provide exact details of every single plugin. I was very concerned about which version of Prisma Cloud was compatible with which version of the solutions we had in our CI/CD pipeline. They need to be more clear. 

The solution is stable and is capable of covering large enterprises. I've never faced issues once I've deployed it. However, if you will be holding the data for the long run, you need to think about storage. That's it.

It's scalable. You can scale horizontally or vertically. 

Their support is not very good.

Negative

I've deployed it from scratch in a containerized environment. I am running a persistent container for Prisma Cloud.

The setup is very straightforward, thanks to their documentation. It's rich and comprehensive. They just don't provide version compatibility.

We deployed the solution in a day.

There is no other complexity in the implementation. It can be anywhere in the VM or any other component of your infrastructure. The agent should be able to ping its Prisma Cloud server. Once that is done, there is no other complexity. You just deploy the agent. The agent will keep updating automatically via the Prisma Cloud, and it will start finding new vulnerabilities. That's it. There are no such complex issues with the Prisma cloud deployment.

The implementation strategy was that we knew for which kind of infrastructure we were going to deploy it. 

There isn't much maintenance needed. The only thing is that sometimes you integrate Prisma Cloud with something that is not supported by Prisma Cloud or documentation does not explain it. In that case, you need to engage their support team. Their support is not very good. 

The solution is very expensive. They must have decided internally not to go after SMEs or startups. They are targeting multi-million or trillion-dollar organizations. Those are the companies that can afford their products. 

We're an MSP; we provide this product to customers. We provide security as a service.

We wouldn't recommend the solution for SMEs or startups. This is for larger corporate enterprises like large banks, fintechs, or telcos. It's good for larger infrastructures that might have legacy controls or devices.

Prisma is not the only solution in the market; there are others as well. It offers good core functionality, and it covers your whole cloud environment. It's a fully-fledged package that can help provide insights into security threats in any kind of development environment, from production to staging.  

I'd rate the solution seven out of ten.

If you are interested in Prisma Cloud, look at your business cases first. If you have a massive, large-scale infrastructure, they should not go into new products blindly.

There are five pillars of Prisma Cloud, including CWPP for workloads and security posture in the basic configuration. We have also been working with application APIs. These are the areas in which I'm working.

Most of our customers are using multi-cloud or hybrid cloud environments, and the problem they were facing was that they didn't have a one-stop shop for managing all the clouds. For example, Azure has something like that capability, but there are some problems and gaps. Every cloud provider says, "This is our territory, and we can only secure our territory." But the whole idea of Prisma Cloud is that it can take any cloud, whether public or private, bring the accounts on board, and after that, everything is managed by Prisma Cloud.

Another problem with Azure is that it has very overwhelming alerts, making it hard to manage them in native Azure. With Prisma Cloud, we have different rules and it is easier and more manageable. It is not overwhelming. We can look at its different modules. If we're talking about identity management, we can go to that module and see the identity. That makes things quite manageable with Prisma Cloud.

When it comes to investigation time, Prisma Cloud has something like 18,000 or 19,000 predefined policies and has remediations as well, so we know what to do or what not to do. It helps reduce investigation time because all those policies are already there. They are the "top" policies, and it provides remediations alongside.

Most of the customers we are tackling have different tools and solutions, like Qualys, Nessus, and vulnerability management assessment solutions. There are plugins for them, and we can integrate Prisma Cloud with them. We can enrich our telemetry with their data and use the predefined correlation rules in Prisma Cloud. That means we have that work done in seconds.

We also like the firewalls.

It also perfectly provides security across multi- and hybrid cloud environments. We use it with multi-cloud environments, and there are five cloud providers supported, including Amazon Web Services, Oracle, GCP, Azure, and Alibaba. Most of the big companies out there are using multi-cloud or hybrid environments, and they share dependencies on different types of cloud.

The basic idea of Prisma Cloud, and what I like the most, is that it is a managed cloud and everything is easy to do. So we can integrate different cloud-native services. We can use solutions like Defender for Cloud, Azure, and Amazon Inspector and enhance our telemetry using these data lakes. Prisma Cloud is the best for integrating with these cloud-native solutions.

The automation is good so far. If we look at the Kubernetes runtime environment, there is good automation for that.

Prisma Cloud is all about a preventative approach, and we can use it for compliance as well.

We can also integrate it into a CI/CD pipeline, and it can scan different images and containers, such as Kubernetes. Also, when we are loading an account, there are some agents that scan as well. There is Lambda for automation, and, in the first phase—the staging environment—we can have our work done. Pipelining is a continuous process, and the scanning takes place in the previous stage only. It runs in a sandbox environment and gives us all the remediations.

Sometimes, credentials are hardcoded. We can use the code security module and correlate with the predefined rules provided by Prisma Cloud. We get alerts, and based on these alerts, we can harden the policies for that code.

And the dashboard provided by Prisma Cloud has capabilities through which we can make alerts visible based on their severity level. We can create a separate dashboard for rules related to medium or high severity. That way, without wasting our time, we get to the medium- and high-level alerts and tackle the things that need attention the most.

The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced.

I have been using Prisma Cloud by Palo Alto Networks for two years.

The stability is a 10 out of 10.

The scalability is also a 10 out of 10.

We have a team of 25 to 30 people. Our company is based in India, but we have offices in Malaysia, Singapore, and Bangladesh, and we have clients in India and outside of India. Most of them are enterprise-level.

Their technical support comes up with great solutions. Every time we call we definitely get a solution.

Positive

It is onboarding in the cloud. There are a lot of documents, but it is quite easy. I'm into training as well, and it is quite easy for me to train my interns on how to onboard accounts to Prisma Cloud. If we are only onboarding one account, it happens in minutes.

In terms of price, we have to see the value we are getting for the particular penny we are paying. In that context, Prisma Cloud is a value-back cloud-managed solution; cloud-native solutions are quite expensive. That's why a lot of our clients are shifting from cloud-native to Prisma Cloud: because of its effectiveness and because it is budget-friendly as well.

I love Prisma Cloud. It's a one-stop shop for managing cloud security. And it is very easy to use. The dashboard and all the UI are very easy.