Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing.
Network and Security Engineer at a security firm with 11-50 employees
Real User
Top 5
Apr 3, 2024
Prisma Access provides comprehensive security. It provides URL filtering, application control, SSL, DLP, etc. It provides complete security for the cloud environment.
Principal Consultant at a computer software company with 1,001-5,000 employees
Consultant
Top 10
Feb 2, 2024
Integrating with a CI/CD pipeline and incorporating a vulnerability assessment process are highly effective features, especially when combined with runtime protection.
The licensing if organisation go ahead with Enterprise License they are able to use both functionality that is TWISTLOCK and Redlock with not only provided reports with respect to cloud workload and Policy but also Vulnerability on the OS
Integration with CI/CD pipeline and CF template which allows to identify security risk at much earlier stage before workload or instance is deployedÂ
Learn what your peers think about Prisma Cloud by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
Software Security Analyst at a energy/utilities company with 10,001+ employees
Real User
Mar 15, 2021
The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security.
Technical Superintendent at Indian Institute Of Technology, Patna
Real User
Top 5
Sep 25, 2023
I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent.
Senior Network Consultant at a tech services company with 10,001+ employees
Real User
Aug 9, 2023
The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example, let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else.
Technical Architect at a tech services company with 1,001-5,000 employees
Real User
Top 20
Jul 14, 2023
It is a good solution. Each team should utilize it. Every good organization is now moving towards or trying to be provider agnostic, so if you are using multiple providers, you should at least give Prisma Cloud a try.
Senior Engineer at a tech services company with 11-50 employees
Real User
Jan 16, 2023
The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid.
Senior Security Engineer at a manufacturing company with 501-1,000 employees
Real User
Jan 16, 2023
Configuration monitoring and alerting is the most valuable feature; it happens at the cloud's speed, allowing our development team to respond quickly. If a configuration goes against our security best practices, we're alerted promptly and can act to resolve the issue. As cloud security staff, we're not staring at the cloud all the time, and we want to let the developers do their jobs so that our company is protected and work is proceeding within our security controls.
Cloud Security Consultant at a retailer with 10,001+ employees
Real User
Jan 10, 2023
The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud.
The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments.
Cloud Security Engineer at a financial services firm with 501-1,000 employees
MSP
Nov 30, 2022
The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for.
Senior Customer Technical Engineer at a computer software company with 51-200 employees
Vendor
Sep 6, 2022
The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do things the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have done things by mistake. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud.
Cloud DevOps Engineer at a tech services company with 51-200 employees
Real User
Aug 18, 2022
We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features.
Cloud Presales & Solution Architect at a tech services company with 51-200 employees
MSP
Jul 31, 2022
The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap.
Technical Program Manager at a computer software company with 10,001+ employees
Real User
Feb 28, 2022
It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.
Senior Principal Consultant Cloud/DevOps/ML/Kubernetes at Opticca
Real User
Dec 29, 2021
Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know.
Lead- Information Security Analyst at archan.fiem.it@gmail.com
Real User
Sep 27, 2021
Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them.
Security Architect at a educational organization with 201-500 employees
Real User
Sep 3, 2021
The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem.
Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.
Director, Cloud Engineering at a pharma/biotech company with 10,001+ employees
Real User
Dec 15, 2020
The ability to monitor the artifact repository is one of the most valuable features because we have a disparate set of development processes, but everything tends to land in a common set of artifact repositories. The solution gives us a single point where we can apply security control for monitoring. That's really helpful.
Cloud Security Manager at a manufacturing company with 10,001+ employees
Real User
Dec 10, 2020
The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers.
Security Architect at a computer software company with 11-50 employees
Real User
Nov 19, 2020
One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them.
Cloud Security Specialist at a financial services firm with 501-1,000 employees
Real User
Nov 3, 2020
You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.
Sr. Information Security Manager at a healthcare company with 1,001-5,000 employees
Real User
Oct 26, 2020
It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running.
Sr. Security Operations Manager at a healthcare company with 5,001-10,000 employees
Real User
Oct 26, 2020
The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy.
I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool.
Senior Manager at a computer software company with 501-1,000 employees
Real User
Apr 8, 2020
One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature.
Senior Manager at a computer software company with 501-1,000 employees
Real User
Apr 8, 2020
One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature.
DevOps Solutions Lead at a tech services company with 501-1,000 employees
Consultant
Dec 15, 2019
The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them.
DevOps Solutions Lead at a tech services company with 501-1,000 employees
Consultant
Dec 15, 2019
The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them.
It has helped us understand the dynamic topology of our containers, and manage security through the application of policies that our pipelines apply straight from Git.
It has helped us understand the dynamic topology of our containers, and manage security through the application of policies that our pipelines apply straight from Git.
Cloud Architect, Oracle ACE, Oracle DBA at Pythian
MSP
Top 20
Jan 14, 2019
The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature.
Prisma Cloud by Palo Alto Networks provides comprehensive cloud-native security solutions. It covers dynamic workload identity, automated forensics, and multi-cloud protection, ensuring robust security across diverse cloud platforms.
Prisma Cloud delivers advanced capabilities for managing cloud security across AWS, Azure, and GCP platforms. It offers dynamic workload identity creation, real-time monitoring, and seamless integration into CI/CD pipelines. With automation, centralized...
Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing.
Prisma Access provides comprehensive security. It provides URL filtering, application control, SSL, DLP, etc. It provides complete security for the cloud environment.
Integrating with a CI/CD pipeline and incorporating a vulnerability assessment process are highly effective features, especially when combined with runtime protection.
It provides insights into potential vulnerabilities in our code, helping us identify and rectify issues before they can be exploited.
My favorite feature is the CWPP module. We can define various kinds of rules for vulnerabilities, incidents, or suspicious activities.
The licensing if organisation go ahead with Enterprise License they are able to use both functionality that is TWISTLOCK and Redlock with not only provided reports with respect to cloud workload and Policy but also Vulnerability on the OS
Integration with CI/CD pipeline and CF template which allows to identify security risk at much earlier stage before workload or instance is deployedÂ
UEBA module and lots more
The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security.
The two most valuable features are container security and the capability to discover workloads.
Prisma Cloud provides the needed visibility and control regardless of how complex and distributed the cloud environments become.
What I like most about Prisma Cloud is its zero-day signatures, maximum security, minimal downtime, cloud visibility, control, and ease of deployment.
We are provided with a single tool to protect all of our cloud resources and applications without having to manage and reconcile compliance reports.
The most valuable features of Prisma Cloud are its cloud security posture management and cloud workload protection capabilities.
I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent.
The most valuable features are vulnerability monitoring, serverless access, container runtime features, and Defender.
The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example, let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else.
It is a good solution. Each team should utilize it. Every good organization is now moving towards or trying to be provider agnostic, so if you are using multiple providers, you should at least give Prisma Cloud a try.
Cloud security posture management is the preferred feature among other vendors.
Due to the maturity of most companies, security posture management is the most valuable feature.
I find the CSPM area to be a more valuable and flexible feature.
Prisma Cloud's inventory reporting is pretty good.
The most valuable feature is its cloud security posture management.
CSPM is very useful because it gives us good policies and violation alerts.
CSPM is the most valuable feature.
This solution helped us by allowing us to schedule and fix things. This is not an easy thing if you're managing 1,000 plus resources.
The initial setup is seamless.
The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid.
Configuration monitoring and alerting is the most valuable feature; it happens at the cloud's speed, allowing our development team to respond quickly. If a configuration goes against our security best practices, we're alerted promptly and can act to resolve the issue. As cloud security staff, we're not staring at the cloud all the time, and we want to let the developers do their jobs so that our company is protected and work is proceeding within our security controls.
The first aspect that is important is the fact that Prisma Cloud is cloud-agnostic. It's actually available for the five top cloud providers: AWS, GCP, Azure, Oracle, and Alibaba Cloud.
The second aspect is the fact that we can write our own rules to try to detect misconfigurations in those environments.
The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for.
The CSPM and CWPP functionalities are pretty good.
The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do things the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have done things by mistake. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud.
We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features.
The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap.
It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state.
Prisma Cloud also provides the visibility and control you need, regardless of how complex or distributed your cloud environments become. It helps to simplify that complexity. Now we know what the best practices are, and if something is missing we know.
The most valuable feature is the continuous cloud compliance monitoring and alerting.
Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them.
The application visibility is amazing. For example, sometimes we don't know what a particular custom port is for and what is running on it. The visibility enables us to identify applications, what the protocol is, and what service is behind it. Within Azure, it is doing a great job of providing visibility. We know exactly what is passing through our network. If there is an issue of any sort we are able to quickly detect it and fix the problem.
Technical support is quite helpful.
Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.
The ability to monitor the artifact repository is one of the most valuable features because we have a disparate set of development processes, but everything tends to land in a common set of artifact repositories. The solution gives us a single point where we can apply security control for monitoring. That's really helpful.
The Twistlock vulnerability scanning tool is its most valuable feature. It provides us insight into security vulnerabilities, running inside both on-premise and public cloud-based container platforms. It is filling a gap that we have with traditional vulnerability scanning tools, where we don't have the ability to scan inside containers.
One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them.
You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.
It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running.
The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy.
I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool.
One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature.
One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature.
I would say Twistlock is a fairly sophisticated tool.
I would say Twistlock is a fairly sophisticated tool.
The product is quite good for providing multi-clouds or cross-cloud security from a single-pane -of-glass.
The product is quite good for providing multi-clouds or cross-cloud security from a single-pane -of-glass.
The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them.
The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them.
The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis.
The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis.
It has helped us understand the dynamic topology of our containers, and manage security through the application of policies that our pipelines apply straight from Git.
It has helped us understand the dynamic topology of our containers, and manage security through the application of policies that our pipelines apply straight from Git.
The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature.