Cortex Cloud by Palo Alto Networks Reviews

The usual use cases for Cortex Cloud by Palo Alto Networks that I have been working with mostly are as simple as detection of misconfigurations during the deployment cycle. Whenever customers want to deploy their workloads, they use the platform to detect any sort of misconfigurations. They use it for threat detection, creating alerts and policies around that.

Cortex Cloud by Palo Alto Networks is a Cloud Security Posture Management and workload protection platform. It is used for cloud security posture management and runtime security as well, helping both the security posture management and runtime security.

The features or capabilities of Cortex Cloud by Palo Alto Networks that I have found the most valuable and useful include runtime security and runtime protection. Cortex Cloud by Palo Alto Networks offers the ability to monitor workloads in real time to detect any sort of threats and vulnerabilities. The application security part of the platform is also valuable, as there are very few tools in the market offering this capability, similar to Wiz, which was acquired by Google. The agentless scanning that Cortex Cloud by Palo Alto Networks offers is also something relatively new in the market.

Cortex Cloud by Palo Alto Networks has helped reduce manual tasks in security processes for my customers and for me. If a customer needs to create an alert and policy, the platform offers a simple RQL which is similar to SQL queries that customers can use. It is a set of auto-populated language that customers can use to build these queries depending upon what the use case is. The tool is fairly easy to adapt to, and any new customer who does not have experience writing these languages can simply utilize this and create their own queries to monitor their workloads. Any customer without an idea of how cloud functions or security functions work can still make use of it. The tool is quite user-friendly.

Cortex Cloud by Palo Alto Networks' AI and automation features in detecting and responding to high-risk threats have been quite good in my opinion. The platform has an AI Copilot integrated with it, which helps for data security protection and has certain AI capabilities to start monitoring with lesser human intervention to detect anomalies. I have not had a lot of hands-on with this feature, but it does a good job. I would rate it as a very good feature from Cortex Cloud by Palo Alto Networks, and I believe it does a fairly good job.

In my opinion, Cortex Cloud by Palo Alto Networks could be improved or enhanced in various ways. I don't have an idea about that yet because for that you actually need to use two or three different other tools to make a basic comparison. If you ask me how good the tool is, I would fairly rate it quite high. The tool is very popular, and customers can already see that it is one of the cloud leaders in the security space. The platform had a very good feature which provides documentation links about how to use a specific feature on the UI. It takes you to the proper documentation page where it suggests what to do and tells you about the steps that need to be done for a resource deployment.

My thoughts about improving the product which I believe could greatly aid vendors is that it used to be a very user-friendly tool, but now they have incorporated everything under one umbrella. It has XDR, XSOAR, and Cortex Cloud by Palo Alto Networks. Before, we used to have separate modules and separate environments for each of these capabilities or features. Right now, it is a little complex and users would take their own time to know the tool better. This is something that would have been way better, but I would say there would be different opinions on this. Talking about user-friendliness, it has decreased now.

I have been working with Cortex Cloud by Palo Alto Networks for five years.

My evaluation of how stable and reliable Cortex Cloud by Palo Alto Networks is very positive. The platform is very stable and very reliable. I definitely recommend a nine out of ten. There are only few key players in the market around the security posture management and the workload protection bit. Cortex Cloud by Palo Alto Networks is one of those. There are few other competitors, but they are not that mature in terms of the application security or the runtime security features or capabilities that this tool offers. The direct competition of this product is Wiz, which was acquired by Google. If you look at it, they are very good in terms of security posture management, but on workload protection, they are still coming up. The tool does a great job.

I evaluate how scalable Cortex Cloud by Palo Alto Networks is within a specific context. The platform is able to auto-shut certain resources that are not in use through the agentless scan feature. The platform is scalable that way. The agentless scan does not run twenty-four hours. It is basically on when I am manually triggering a scan on it. This is a good feature in that way. The platform takes snapshots.

I often communicate with the technical support of Cortex Cloud by Palo Alto Networks. There is a different TAC team that takes care of such issues. We communicate on a daily basis as it is required.

My interaction with them usually involves cases that are quite straightforward. It would be as simple as the tool not functioning the way it is expected to be. A customer would raise a ticket and then it goes to support. We would look at whether it is a break fix sort of an issue or a consulting issue. If it is a break fix, it is generally taken care of by the technical support or the TAC teams.

I have been working with Prisma Cloud, which is a Palo Alto Networks offering, in a capacity similar to Fortinet. I was working with the Cloud Security Posture Management and workload protection. I have worked on a CNAPP platform called Prisma Cloud, which is a Palo Alto Networks offering, but not on the Fortinet one. Cortex Cloud by Palo Alto Networks is what I am currently working with.

I am involved in the deployment or initial setup of Cortex Cloud by Palo Alto Networks.

The usual setup process actions I need to perform are very different depending on what kind of resource and which cloud platform it is getting deployed from. The usual steps generally involve a few Terraform commands to deploy the resources. After that, we start monitoring and auto-remediating alerts for the customers in real time. For that, we take the permission to read and write to explicitly make any auto-remediation changes for the customer. On the workload protection bit, it is proper container deployment, which is again very varied. It could be an Azure container, so based on that, the deployment steps would vary. On that part, we basically use YAML scripts to make those deployments, the defender deployments. There are times when there are upgrades that involve a little complexity. Other than that, I don't think there is any challenge in deployment.

My customers usually prefer deployment on cloud or on-premises. It has been a mix of both scenarios.

In my experience, I have observed a bit of improvement in the incident close rates with the adoption of Cortex Cloud by Palo Alto Networks. We use a third-party integration channel for that. I don't think the tool in itself is very capable of doing that, but we have XSOAR and other tool integrations done on the platform, so this can be accomplished. For incidents, you could have to use the monitoring tools like Qualys and Tenable. Those tools would be able to have the incidents monitored. Cortex Cloud by Palo Alto Networks is capable of doing that, and they have a different tool for it called Cortex XSOAR.

I am not fully aware of the pricing and licensing of Cortex Cloud by Palo Alto Networks. The pricing is also based on the number of defenders or the agents that are created, so it is very different based on what resources are run. The scanning resources used would depend on that. I do not have that information by heart, but I can check and get back with the details.

My impression of the detection coverage in MITRE ATT&CK evaluations is that there is a CWP which is called the workload protection, and we also call it compute. These capabilities do offer MITRE ATT&CK protection as well. It is not provided under CSPM but is provided under cloud workload protection bit where defenders or agents are deployed on top of containers or workloads or clusters and then monitoring starts for it.

The influence of the AI-powered prioritization and action plans on my customers' risk management processes is significant. The AI Copilot has actually helped customers with a lot of reporting and real-time monitoring. There is a storage-based monitoring that we used to do where only the storages were basically monitored or certain PII-based data used to be monitored, which was under an object store or maybe a block storage. This used to be very helpful for our customers.

Cortex Cloud by Palo Alto Networks has reduced the time spent on incident investigations to a degree. The investigation team and the tool work on these incidents. I have observed a change in mean time to response since implementing Cortex Cloud by Palo Alto Networks. It has been very quick. There has never been a long time, so it is very spontaneous. If you talk about the SLA, I would still say ninety-nine percent, and it is fairly very spontaneous. There is no downtime that I have seen till date, even after the deployment is done, so it is quite good.

Cortex Cloud by Palo Alto Networks does offer a cloud security ops dashboard, but it is in a very early stage right now. Customers can use or modify the dashboards based on the filters that are provided. The filters would be quite generic, such as alerts raised over time, vulnerabilities or CVs raised in twenty-four hours. Only the filters that are provided would allow customers to monitor and extract reports based on those filters, but not the custom filters that are provided yet.

The unified data setup in Cortex Cloud by Palo Alto Networks has helped to streamline security intelligence efforts for my customers. It is all linked to the machine learning that runs behind the AI Copilot and the anomaly detection that was mentioned. It is all integrated in the product and the tools. Customers make a lot of benefit out of it. I would say it is fairly done well.

Cortex Cloud by Palo Alto Networks' cloud runtime security in terms of stopping attacks in real time is impressive. The workload protection module is specifically meant for the runtime workloads. The platform offers this capability using the runtime protection in real time. It is quite a perfect and very capable tool. The entire idea behind the creation of Cortex Cloud by Palo Alto Networks runs on this basic nature, that it helps both the security posture management and runtime security. It is a fairly good tool and is only built for that.

When there are updates and upgrades of the product, there are certain challenges. Generally, when there is an upgrade for the platform, there is a self-hosted edition where everything is maintained by the customer themselves. We are not supposed to make any sort of changes with their environment. Customers would face certain challenges and different maintenance windows are rolled out, so they have to tag along with that and then make certain changes to their environment. It is completely handled by them. This is when we see some challenges and support tickets raised. On the other platform, which is the SaaS version, we only take care of all the upgrades, so there is no problem there.

I give this review an overall rating of nine out of ten.

My use case for Cortex Cloud by Palo Alto Networks is for CSPM, application security, and IAM. I use it for checking on the asset inventory, policies, and standards like GDPR, NIST, and SOC 2 compliance.

The best feature of Cortex Cloud by Palo Alto Networks is the credit view and execution view, where I can check on any vulnerability. Whether I want to check for vulnerabilities, I can easily determine which asset or onboarded endpoint is vulnerable to any vulnerability. The raw JSON format and software bill of materials are also cool features that are very helpful.

Regarding MITRE ATT&CK evaluation, Cortex Cloud by Palo Alto Networks maps any attack with the MITRE ATT&CK framework very well. Just having a glimpse at the mapping, I can get an understanding about the attack, including what techniques and tactics are involved. This is a very good feature and a great initiative from Palo Alto Networks. It is very helpful in terms of investigation. Whenever I am working on any attack investigation and response, it helps me determine the severity and plan future strategies to reduce such attacks.

Cortex Cloud by Palo Alto Networks has reduced approximately 40% of manual tasks because of the automated response and automation capabilities. This reduction in time happened in the starting phase itself, which is very positive.

Regarding incident investigation with Cortex Cloud by Palo Alto Networks, based on my experience, I could say it reduced the time by around 60 to 70%. Things are now very clear and accessible at the distance of one click. If I want to evaluate or investigate any attack, Cortex Cloud stitches all the data together. It stitches endpoint data, network data, and identity data, giving me very clear information about the attack. I can see what is happening, from where it has initiated, what assets are involved, and what users are involved. It provides a timeline view showing the causality chain, which is a very good feature. Because of this, it reduces incident investigation time by up to 60 to 70%.

As per my experience with Cortex Cloud by Palo Alto Networks, the UI could be simpler. There are few features which are very hidden, such as those in software bill of materials and compliance policies. Palo Alto Networks could make the UI a bit easier to navigate. Apart from this, all other things are good. Detection and response features are good, and the visibility, especially in the CI/CD pipeline, is also very good. Infrastructure as Code visibility is good. I don't think there is much scope of improvement regarding detection and response. However, they can improve operational efficiency and the UI. I feel that some features which are hidden could be shown on the home page or front page, which would make a significant difference.

I have been using Cortex Cloud by Palo Alto Networks for around three years. Previously, it was called Prisma Cloud, and Palo Alto Networks rebranded it as Cortex Cloud.

I experienced some delays when it was Prisma Cloud. There were only two to three instances where I experienced buffer issues. However, now in Cortex Cloud, I have not seen any lag or buffer. The product is very stable. All the features load very well and very quickly. I have a good experience with Cortex Cloud, and there is no reason to point out anything in that domain.

Onboarding endpoints and assets on Cortex Cloud by Palo Alto Networks is very easy. Because of this, I can scale it up easily. If there is a small organization that has only 100 endpoints or assets to onboard, it is very convenient for them. Also, if that organization has 10,000 endpoints or assets, it is really very convenient to onboard all the assets onto Cortex Cloud. On scalability, I could rate it as nine because I can start with small enterprises or small businesses and scale up to big enterprises with 20,000 to 50,000 assets as well.

I would rate the Palo Alto Networks technical support as a good nine. The vendor support is very good, and they are very prompt. If I fire any question or query, or if I have any difficulty with the product, they manage to provide me with a solution in just two to three hours. If I make it a high priority, they have resolved one query within 20 minutes. The support is very prompt.

Positive

I have already used Wiz. As per my understanding, Cortex Cloud by Palo Alto Networks is now providing good competition to Wiz. Previously, when it was Prisma Cloud, it was not up to the mark compared to Wiz. However, once Palo Alto Networks transformed it into Cortex Cloud, it started giving good competition to Wiz. I think Cortex Cloud has especially taken the lead in CSPM because I have worked on Wiz and they were very good in CSPM. However, Cortex Cloud has taken the lead as per my experience because all the workflows and features are very convenient to use.

Previously with Cortex Cloud by Palo Alto Networks, I deployed this product for one of my customers. After three to four months, we had a call and they said that previously they had around four hours of MTTR, and now it has reduced to just 15 to 20 minutes. This is a drastic change in MTTR. Cortex Cloud by Palo Alto Networks actually improves the SOC efficiency.

I have a good team of approximately 25 to 28 people who are very technically proficient and experienced with Cortex Cloud by Palo Alto Networks.

I conduct sessions on Cortex Cloud by Palo Alto Networks and Cortex platform and products. I always recommend customers who are not subscribed to Cortex Cloud to try it once. I always tell them that if they try it once, they are going to buy the subscription because the product is very good.

I did not use the AI and automation features of Cortex Cloud by Palo Alto Networks at the forefront initially. What I use it for is to ask questions and get answers. I conduct my research on upcoming threats and vulnerabilities and straight away ask the AI whether I am vulnerable to a specific CVE or whether a particular threat is valid for my environment. From last quarter itself, I started exploring the AI feature. My experience is that it is very, very good because I don't need to dig deep into the asset inventory to look for vulnerabilities. I just need to ask the AI by giving the CVE number and asking whether I am vulnerable to it, and it will show me what assets are involved that have this vulnerability.

I have not worked on runtime security with Cortex Cloud by Palo Alto Networks. In most cases, I work on CSPM, which is Cloud Security Posture Management, and application security. However, my team works on runtime security as well. Last year, they started this module and integrated it into Cortex Cloud. As I talked with my team, they shared their experience that it reduces the MTTR for attacks, which is actually the Mean Time To Detect. This is because Palo Alto Networks has around 10,000 plus detectors. Because of these capabilities, it detects runtime attacks very quickly and reduces the MTTD.

We are a consulting and ISP working with Cortex Cloud by Palo Alto Networks. I have developed the T-Systems International product based on Cortex Cloud by Palo Alto Networks. We are offering cloud security services such as managed services. We are using Cortex Cloud by Palo Alto Networks as our base to promote sales and to collect data to conduct cloud security assessments.

Cortex Cloud by Palo Alto Networks has helped reduce manual tasks in my security processes by at least 30%. We can have better cloud security operations because we can avoid manual tasks.

Cortex Cloud by Palo Alto Networks has reduced the time spent on incident investigations because it provides all the information I needed. I managed to reduce the time spent because it was fast and had all of the forensics information, including the attack path, the attack surface management, the vectors, the timestamp, and the artifacts.

The most valuable features or capabilities of Cortex Cloud by Palo Alto Networks that I have found so far are CSPM, KEM, KSPM, AISPM, and ASPM. All of the features related to DevSecOps, including GitHub, GitLab, Jenkins, and the pipelines integrated into Cortex Cloud by Palo Alto Networks, are valuable. I appreciate the proper gateways to manage vulnerabilities.

It is difficult to measure how Cortex Cloud by Palo Alto Networks can be improved. I have some colleagues from Palo Alto because they are acquiring strategic companies such as Chronosphere for observability and agent-based AI security. Palo Alto has bought CyberArk, a major company for identity management. Perhaps connecting CyberArk and creating features to manage cloud identities with CyberArk could be beneficial.

I have been working with Cortex Cloud by Palo Alto Networks for over two or three years.

In Brazil, I do not have any customers running Cortex Cloud by Palo Alto Networks. However, I was developing the product for T-Systems International, so I am using it to develop the product as a POC and POV.

I do not have experience with the AI features related to Cortex Cloud by Palo Alto Networks because when I was developing the product and before Cortex Cloud by Palo Alto Networks, Prisma Cloud was rebranded as Cortex Cloud by Palo Alto Networks, and the AI module was not available to me.

Cortex Cloud by Palo Alto Networks is not the cheapest solution in the market, but I know that is the best solution for SOC and Cloud  once have all tools to connect cloud issues with SOC procedures, because we are partners with T-Systems. Speaking with my Palo Alto colleagues, they told me that they are prioritizing acquiring new customers using the MDR, XDR approach, and XSIAM. I am confident that this approach will ease Cortex Cloud by Palo Alto Networks adoption.

Before Cortex Cloud by Palo Alto Networks, I worked with different solutions for the same use cases. I used Check Point CloudGuard, Falcon Cloud Security, the hyperscaler solutions such as Azure Defender, and AWS products such as GuardDuty and Security Hub. I also worked with Prowler, the open-source and cloud versions.

I usually participate in the initial setup and deployment of Cortex Cloud by Palo Alto Networks for the POC and POV.

I want to clarify that I have done the setup for Prisma Cloud. I have not done it for Cortex Cloud by Palo Alto Networks yet. I am working on it, but I need my customers' needs and approval to do the POC and POV. I am confident that the process is the same as just connecting the cloud accounts or the organizations. The process was a nice and straightforward implementation without any surprises.

I do not have this number to inform, but I am confident that we have some improvements in mean time to response since implementing the solution.

The pricing and licensing of Cortex Cloud by Palo Alto Networks was problematic in 2024. However, last year, once Palo Alto rebranded Prisma Cloud to Cortex Cloud by Palo Alto Networks, they now have a smart licensing model. We have just two or three licenses and some add-ons. In the beginning, we had to calculate different approaches to calculate assets, which was difficult. Today, it is smart and easy to calculate the licenses.

I still work with these products because we are a managed service provider. For example, one of my customers is running Azure Defender for Cloud. I have to convince them to conduct a POC and POV, and to convince the team in Brazil to get colleagues from Germany to adopt a different solution. Until the customer adopts Cortex Cloud by Palo Alto Networks, I have to work with what the customer already has.

The capabilities of Cortex Cloud by Palo Alto Networks are valuable because it is the best product in the market. I have been working with cloud security over the last several years, and there are only two or three products that are mature enough to promote security from the beginning without proper access to assets such as VMs or containers, through to the end of the maturity level, including runtime protection. There are just three products in the market that are able to do this: Cortex Cloud by Palo Alto Networks, previously known as Prisma Cloud; Falcon Cloud Security from CrowdStrike; and Cloud One from Trend Micro. Cortex Cloud by Palo Alto Networks is easy to adopt.

I usually use Cortex Cloud by Palo Alto Networks tools, such as attack surface management and the observability that is included with the platform. The effectiveness of Cortex Cloud by Palo Alto Networks' behavioral threat protection and anomaly detection features is the best solution that I know, because Palo Alto has the knowledge for detection and to respond with Cortex XSOAR. In fact, inside Cortex Cloud by Palo Alto Networks, they already have orchestration playbooks able to protect cloud environments. I am confident with the protection that Cortex Cloud by Palo Alto Networks already has.

The automation features of Cortex Cloud by Palo Alto Networks are excellent because the reports have all of the procedures required to conduct automation. We can develop playbooks inside the platform, which is easy and effective.

My impression of Cortex Cloud by Palo Alto Networks' cloud runtime security in terms of stopping attacks in real time is that it is impressive. I created some policies to prevent malware and crypto miners, and it worked very well.

The influence of the AI-powered prioritization and action plans on my risk management process with Cortex Cloud by Palo Alto Networks is significant because attacks are faster today than they were before. I know that Palo Alto has a large data lake to provide faster detection response. They are using machine learning and AI models to accelerate detection. For me, this is essential.

I have noticed that Cortex Cloud by Palo Alto Networks' Cloud Security Ops dashboard has a better ability to monitor and manage cloud security posture than Prisma Cloud did. Because it is quite similar to the XSIAM dashboard and I can see all of the sources, it is easier to see all data sources and navigate. I am confident that there are some improvements in the usage of the dashboard.

Even though the product is still not the cheapest one, it is worth the money that you have to pay for it. Customers will have additional benefits by adopting the Palo Alto ecosystem products such as XSIAM, XSOAR, XDR, and firewalls. My overall rating for this review is 9.

I use Cortex Cloud by Palo Alto Networks to secure cloud infrastructure during cloud transformation. For example, when a company is moving to a cloud or private or public cloud application to be consumed by end users, you need to secure this infrastructure and the software.

The most beneficial aspect of Cortex Cloud by Palo Alto Networks and Palo Alto in general is that there is a single platform for all cloud providers for securitization. Additionally, it's the same platform for on-premises, private cloud, and public cloud. This simplifies the management of shared responsibility among different people and entities, allowing you to use one single tool instead of having dozens of different tools to orchestrate and integrate.

Cortex Cloud by Palo Alto Networks helps with the ability to monitor and manage cloud security posture.

From the commercial perspective, we have some limitations because Palo Alto has a minimum number of users of endpoints set at 200, which is quite high for the Italian market. Additionally, there is not a clear MSP model compared to other vendors such as CrowdStrike. These are significant limitations, especially today when managed services are becoming increasingly important for end users.

Palo Alto decided to limit some functionalities because they want to stress more on Cortex XSIAM. I do not agree with this strategy because Cortex XSIAM is a completely different market compared to Cortex XDR. This is the main issue of Cortex—the commercial model Palo Alto is implementing. The product is very good; the problem is the commercial model.

There are probably some areas for improvement because Palo Alto is growing too much. Today the challenge is to have skilled people, which I believe is the same issue everywhere. I do not agree with this decision.

I have been involved in the domain with firewalls and vulnerability management products for four and a half years.

It is more expensive when it is beyond 200 licenses; the price is more or less the same. I do not see any issues in terms of pricing.

Installation is easy.

Regarding return on investment, I cannot easily estimate the ROI in terms of investment because the issue is that if you do not install this kind of solution, how can you estimate it? When we have an issue and we use Cortex Cloud by Palo Alto Networks during the mitigation and reaction period, the situation was solved. However, I cannot easily estimate the ROI beyond that.

From the features perspective, anomaly detection and behavioral threat protection features are all present in the product, and they work very well. MITRE confirms this because Palo Alto achieves 100% detection and reaction without any modification of the software or patching.

AI is one of the main engines inside the system. AI is very present in all Palo Alto solutions, so there is nothing new from this point of view. Palo Alto was probably the first to invest significantly in AI when others did not even understand what AI meant.

Palo Alto always mentions MITRE, which provides 100% detection and reaction with the default configuration from the software factory. I believe any other discussion is trivial.

You have a cloud instance, and then you have to install the endpoint agents in your infrastructure where needed.

Cortex Cloud by Palo Alto Networks is in a cloud managed by Palo Alto. I remember that it is probably on Google Cloud.

Whether it is easy to answer depends on how you configure it. From what my colleagues tell me, in general it works well.

Automations due to AI mean that sometimes you do not need to do anything, and in other cases you have evidence of an issue and then you need to analyze. The requirement is very variable.

These tools help a lot because in general in cloud there are many parameters to consider, and having something that provides you prioritization is very helpful. This is especially true when you have dozens of thousands of issues to manage because you are using open-source software and do not know where to start.

The solution itself is very good. Considering the limitations due to licensing and other factors, if we talk about Cortex Cloud by Palo Alto Networks specifically, it is a different product because the licensing has improved significantly. Cortex Cloud by Palo Alto Networks has the possibility to integrate other solutions by Palo Alto and firewalls. This makes it a framework, whereas Wiz, for example, is standalone software doing only that one thing. If you need to integrate other pillars of the customer, it becomes difficult; you cannot do it with this solution. If I consider Cortex XDR, the rating would probably be lower because the commercial licensing for Cortex XDR is still too weak. My overall review rating for this solution is nine out of ten.

We are working with Cortex Cloud by Palo Alto Networks for our use case. There are lots of projects being developed here in Portugal, and I think this is a market tendency. We are also working with Cortex Cloud by Palo Alto Networks, which is one of our current focuses. Cortex Cloud is Prisma, Prisma Cloud.

The main use case for Cortex Cloud by Palo Alto Networks is our clients. Our clients are asking for a platform of Cloud Native Application Protection Platform, which is CNAPP. They want to protect modern applications in multi-cloud environments and hybrid from the phase of development until production.

I have been working with Cortex Cloud by Palo Alto Networks for two years.

Based on my experience with Cortex Cloud by Palo Alto Networks, the protection in real-time for workloads, containers, VMs, and serverless functions is one of the main issues. It covers Mitre, and I think it's one of the main topics or selling topics because other vendors don't cover 99% of the Mitre attack.

Regarding the effectiveness of Cortex behavioral threat protection and anomaly detection features, other vendors are not as reliable as Palo Alto.

The AI and automation features in detecting and responding to high-risk threats are impressive. They are still developing AI and automation. It's one of the best tools regarding AI technology. You can stop attacks in the cloud and detect and respond with your SOC by integrating to prevent issues with the applications. The AI models are all available. Cortex Cloud by Palo Alto Networks has a feature that unifies security in one platform in real-time. It makes the analysis and optimization of permissions of identities with less privilege. It makes an analysis of the vulnerabilities in applications and APIs with prioritization based on real risk. They find, prioritize, and manage vulnerabilities in all the cloud environments. You can get responses to incidents easily, which improves the investigation and response to security issues.

Cortex Cloud by Palo Alto Networks and Cloud Runtime Security in terms of stopping attacks in real-time is useful and helpful.

Regarding improvement points in incident close rates with the adoption of Cortex Cloud by Palo Alto Networks, the cloud security teams we work with receive training from us. It's about the adoption of the tool. For some users, it's a bit complex to start working with the new tool. The interface makes it easier for them to watch their architecture, how to protect, and how to monitor it in an automated way. This is automated monitoring. You can obtain compliance reports for auditing, both external and internal audits, which is important in terms of compliance.

We are also reducing mean time to response, MTTR, with automation and AI. AI-powered prioritization also improves action plans.

Cortex Cloud by Palo Alto Networks is creating some confusion in terms of names because this is recent. They changed the names of the products and are now clarifying their offer.

The family of the products is not easy to follow because it's very recent. Regarding the generative AI security tool, I know for sure it's Agentic.

Based on my experience with Palo Alto, I can suggest what Cortex Cloud by Palo Alto Networks could make better or what additional functions could be added. This is the best tool in the market. It's not the time to tell what they could do better because it's a recent tool. The market is now adopting it. Our experience doesn't show that they need to do more.

I have been working with Cortex Cloud by Palo Alto Networks for two years.

The initial setup for Cortex Cloud by Palo Alto Networks isn't complex as you're talking about the professional services of the integration.

The integration process typically takes around 20 days to implement, depending on the environment. It's sufficient, but it depends on the number of clouds they need integration with. Usually, the integration is not complex.

I'm currently moving to Palo Alto in CyberSafe. I'm totally with Cortex Cloud by Palo Alto Networks solution. I'm working with technology of Palo Alto, and the company is making a change in terms of investment in this positioning. We have developed a good partnership with Palo Alto at the moment. We are one of the three main partners here in Portugal. We have changed our strategy accordingly.

At the moment, the feedback we have is that Cortex Cloud by Palo Alto Networks covers the needs of our clients. We have no issues related to this service because although it's a service being developed, I think this is version two of Cortex Cloud by Palo Alto Networks.

Cortex Cloud by Palo Alto Networks has a really high price. This product is for very mature companies. We are talking about insurance companies and banking companies who need compliance. This is for a mature market, not for small or medium enterprises. The pricing for a bank or big companies is acceptable, and I understand that.

It's the platformization that Palo Alto and others are doing, consolidating everything into one platform. You have several solutions and they are centralizing it. That's why Cortex, Prisma was the initial name of this solution, and it's now Cortex.

We are exclusively selling Cortex Cloud by Palo Alto Networks. I'm both a reseller and integrator.

I would give Cortex Cloud by Palo Alto Networks a nine out of ten. I have never seen anything like it for cloud protection from any vendor. My final rating for Cortex Cloud by Palo Alto Networks is nine.

This work is usually in a specific industry like telco companies, mainly telco companies.

I evaluate the effectiveness of Cortex Cloud by Palo Alto Networks' behavioral threat protection and anomaly detection features positively. I believe that our customer has benefited from these capabilities, and they feel comfortable with the solution. They have not provided any special comments about it.

I am aware of Cortex Cloud by Palo Alto Networks' AI and automation features, but we are not using the AI features yet. I suppose they are beneficial.

I am aware of Cortex Cloud by Palo Alto Networks' runtime security for stopping attacks in real time, and I believe that it has good coverage.

Positive

We are partners of Palo Alto Networks and sell the solution.

From switching from IBM to Palo Alto Networks, I am not certain if I noticed a change in mean time to response, such as MTTR, since implementing Palo Alto Networks. It is easier, but I cannot specify by how much.

Overall, I rate Cortex Cloud by Palo Alto Networks as an eight out of ten. I think that it could improve on price, as I know that the Google solution has the best price, and this is one of the conditions. My overall rating for this product is eight.

Cortex Cloud by Palo Alto Networks serves as our antivirus solution. I work in the cybersecurity team in the company, so we use Cortex Cloud by Palo Alto Networks to ensure that if there are any viruses or issues on a computer, the system will scan for it automatically. We also use Cortex Cloud by Palo Alto Networks to view all of the machines on the network, making sure that they're healthy.

I don't think there's anything unique about how my team uses Cortex Cloud by Palo Alto Networks; we enjoy using it and we're going to continue to use it.

I think visibility is one of the best features of Cortex Cloud by Palo Alto Networks, and it does a really good job of keeping laptops, computers, and servers secure.

The visibility that I appreciate in Cortex Cloud by Palo Alto Networks comes from the dashboards, allowing us to see what we are able to see. We have a lot of machines that we manage and maintain, so the dashboards are definitely helpful. I think the dashboards are very helpful and easy to read.

The alerts in Cortex Cloud by Palo Alto Networks are effective, and I enjoy using the product.

Cortex Cloud by Palo Alto Networks has impacted our organization positively by keeping our machines secure and our team using the dashboard to find issues quickly.

Cortex Cloud by Palo Alto Networks has reduced the time spent on incident investigations, and if I had to estimate, I would say it has cut our investigation time in half.

The Cloud Security Ops dashboard in Cortex Cloud by Palo Alto Networks allows us to see things in real time, and it significantly impacts our ability to see issues at a rapid speed.

At the moment, I don't have anything to comment on regarding how Cortex Cloud by Palo Alto Networks can be improved; I enjoy the product and I think it works better than other products I've used in the past.

I cannot think of any improvements for Cortex Cloud by Palo Alto Networks; I enjoy the product a lot and gave it a nine on a scale of one to ten.

I have been using Cortex Cloud by Palo Alto Networks for three years.

Cortex Cloud by Palo Alto Networks is stable.

Cortex Cloud by Palo Alto Networks does a good job with scalability.

Customer support for Cortex Cloud by Palo Alto Networks has been fine.

Before Cortex Cloud by Palo Alto Networks, we were using Symantec, but we didn't really care for its functionality, which is why we made the switch.

I have seen a return on investment with Cortex Cloud by Palo Alto Networks, primarily through time saved.

Cortex Cloud by Palo Alto Networks is deployed in a hybrid manner in our organization, with some systems on-premises and some in the cloud.

We use AWS for the cloud portion of our deployment of Cortex Cloud by Palo Alto Networks.

I cannot speak on pricing, setup cost, and licensing because that's a different department.

I'm not aware of how Cortex Cloud by Palo Alto Networks was purchased, so I cannot comment on the purchase through the AWS Marketplace.

I have seen the AI feature in Cortex Cloud by Palo Alto Networks; our company doesn't allow outside AI, but for automation, I think it does well and responds effectively.

I'm not sure if the unified data setup in Cortex Cloud by Palo Alto Networks has helped to streamline our security intelligence efforts; I cannot definitively say either way.

I would evaluate Cortex Cloud by Palo Alto Networks' effectiveness regarding behavioral threat protection and anomaly detection features as satisfactory.

I would recommend Cortex Cloud by Palo Alto Networks to others looking into using it. I gave Cortex Cloud by Palo Alto Networks a rating of nine out of ten.

Cortex Cloud by Palo Alto Networks serves as our primary tool for understanding our assets and performing API integration between our multi-cloud infrastructure, specifically AWS and Azure, to gain a comprehensive understanding of our entire digital estate on the cloud.

The secondary aspect involves identifying security gaps and traffic flows, allowing us to triage different types of traffic to check if they are clean or potentially malicious. This process involves analyzing behavior and patterns, mapping with MITRE ATT&CK tactics and techniques for a holistic view of our cloud estate.

I find that detection coverage in Cortex Cloud by Palo Alto Networks covers everything effectively, from reconnaissance activities such as port scans to initial access and command and control stages. It maps individual detections under MITRE ATT&CK tactics and techniques, helping us understand the current phase of an attack lifecycle and pinpointing the assets involved, thus indicating where we should focus to resolve issues.

The features in Cortex Cloud by Palo Alto Networks such as behavioral threat protection and anomaly detection present numerous patterns. Although many times it can be pure noise that is not worth looking into, I prefer receiving all that noise rather than missing critical alerts, particularly for enterprises with lean teams. This approach can sometimes become excessive and lead to alert fatigue, which is a common challenge in SOC environments.

In terms of detecting and responding to high-risk threats, the AI in Cortex Cloud by Palo Alto Networks focuses on behavioral analytics and anomaly detection, creating its own baseline over time and adapting accordingly. Automation is present through several pipelines integrated with our CI and CD processes, enabling seamless operations while still allowing for human intervention to address runtime errors.

The cloud runtime security within Cortex Cloud by Palo Alto Networks works brilliantly, functioning similarly to an EDR solution and responding in real-time with minimal mean time to detect and respond, especially when configuring blocking mode. It performs runtime detections right from the build process and replaces many traditional infrastructure tools that were previously needed.

I have absolutely seen improvements in our incident close rates, with mean time to detect and respond reduced significantly, sometimes by at least forty to fifty percent. The tool automates much of the manual triage we previously performed, which accelerates our incident management processes.

Regarding areas for improvement, the tool performs its functions well, but frequent name changes across Palo Alto Networks products can be frustrating for technical teams who must continually adapt. Furthermore, the solution is quite premium in cost compared to alternatives such as Wiz, and I miss the identity-based micro-segmentation feature that was previously available.

I would rate Cortex Cloud by Palo Alto Networks a seven out of ten; the pricing is high, making ROI challenging to justify, especially during transitions between solutions. The absence of identity-based micro-segmentation is disappointing, and there is room for improvement in behavioral analytics and anomaly detection.

I have been using Cortex Cloud by Palo Alto Networks for close to one and a half years, since it came about last year at this time.

The technical support from Palo Alto Networks is flawless, particularly for cloud products, with fast response times and knowledgeable staff who understand the intricacies of the system, aiding in efficient troubleshooting.

Positive

We had not had any processes in place before adopting Cortex Cloud by Palo Alto Networks. Rather than reducing manual tasks, it has increased work due to the additional capabilities brought into our security estate. We restructured roles to monitor cloud security but did not cut down overall headcount yet, as we are still streamlining these processes.

The deployment experience with Cortex Cloud by Palo Alto Networks is straightforward, requiring API integrations with cloud vendors guided by detailed installation documents. Although onboarding is quick, streamlining for a complex environment with many workloads can take longer.

I compare Cortex Cloud by Palo Alto Networks primarily with Wiz and CrowdStrike, as both offer similar services. Wiz stands out as a great competitor and is notably cheaper, while other traditional NDR vendors are now venturing into CDR as well.

Cortex Cloud by Palo Alto Networks integrates effectively with standard vendors, supporting all major cloud providers and allowing for ingestion of third-party threat intel. Although we do not utilize this feature as we rely on Palo Alto's Unit 42 for our threat intelligence needs, the integration capabilities with tools such as ServiceNow and email solutions are quite seamless.

The time spent on incident investigations has drastically reduced after adopting Cortex Cloud by Palo Alto Networks, as we moved from no solutions to an all-encompassing one. The tool has significantly decreased resolution times, although some complex incidents still require lengthy investigations due to their nature.

The Cloud Security Ops dashboard of Cortex Cloud by Palo Alto Networks provides an excellent overview of our security posture, enabling us to track trends and prioritize incident handling. It facilitates quick assessments of vulnerabilities, though manual judgment remains essential.

I am unsure about the impact of the unified data setup in Cortex Cloud by Palo Alto Networks on my security intelligence efforts, as I do not recall activating it in our environment.

I would rate Cortex Cloud by Palo Alto Networks a seven out of ten overall.

I usually recommend Cortex Cloud by Palo Alto Networks to enterprise customers and government customers, as these companies vary based on the service provider they choose, which is offering services to particular markets, including BFSI, manufacturing, healthcare, and energy sectors, apart from telecom, which already has some solutions implemented.

The most valuable features I have found in Cortex Cloud by Palo Alto Networks are those that we provided to customers in a stock environment, as we have done some POCs and tried to check how it can help different organizations, and this same solution has been positioned for multiple customers.

I would describe the experience with Cortex Cloud by Palo Alto Networks' detection coverage in MITRE ATT&CK evaluations as quite comprehensive based on the couple of POCs we have conducted, and I do not find any challenges with the solution, especially when a customer has a mixed environment of cloud and on-prem, as it can quickly check on the configuration side.

I do not have much information about Cortex Cloud by Palo Alto Networks' cloud runtime security in terms of stopping attacks in real time, but it is essential to consider data at rest, in motion, and in use, and to address vulnerabilities through a complete data lifecycle perspective, ensuring data flows securely and applications communicate safely.

In my opinion, Cortex Cloud by Palo Alto Networks can be improved by addressing forensic information collection and storage, although I cannot suggest specific things right now, based on what customers might need.

I would like to see additional features for Cortex Cloud by Palo Alto Networks in the future, focusing on forensic capabilities and complete CNAPP solutions addressing Kubernetes and container-related challenges, as I see room for improvement in these areas compared to competitors such as Wiz.

Overall, I have been working with Palo Alto products for approximately five to six years.

I rate the technical support by Palo Alto as good, especially on the technical front, and I would fairly rate it as a nine out of ten.

Positive

I have been working with Cortex Cloud by Palo Alto Networks for a short time since I shifted from my previous company, where we were selling this solution to customers, and we have just applied for this partnership with Palo Alto as of now.

The initial setup and configuration of Cortex Cloud by Palo Alto Networks are easy to find out, especially relating to your CI/CD pipeline, but gaps exist as environments are virtualized and containerized, and many are shifting applications to microservices architecture, with customers needing to understand security requirements for their environments.

I evaluate the effectiveness of Cortex Cloud by Palo Alto Networks' behavioral threat protection and anomaly detection features as good, but we need to ensure there are no false positives and that we require fewer resources to manage, with Palo Alto providing valuable information that can address issues proactively.

I assess Cortex Cloud by Palo Alto Networks' AI and automation features in detecting and responding to high-risk threats by stating that we must align everything with the business, including critical aspects, risk analysis for any company, and various compliance standards, so that focus can be placed on risks from a governance perspective.

The integration of Cortex Cloud by Palo Alto Networks with other products and compatibility with other systems includes the potential to use its solutions while also integrating with others, which could holistically improve the offering and check what is doable.

I rate this review an eight out of ten overall.

The solution helps me to understand misconfigurations in AWS or Azure cloud environments. It detects misconfigurations, suggests remedial actions, and helps identify vulnerabilities across cloud platforms. It provides action recommendations for CVEs against particular vulnerabilities.

The tool offers features powered by AI/ML, which allow me to anticipate potential issues and reduce the need for additional efforts. AI/ML aids in anticipating remediation for misconfigurations and vulnerabilities, and automatic remediation can be easily configured.

Some aspects of the GUI can be confusing and make it difficult for me to find certain options or navigate where needed.

I have been using Cortex Cloud by Palo Alto Networks for about one year.

I have not faced any latency or service-related issues. It provides results in real-time analysis without any glitches.

Palo Alto Networks offers good support globally. If local Indian support cannot resolve an issue, global tech support aligns promptly within the agreed SLA.

Positive

The solution provides a good ROI, especially for regular customers, offering discounts for three-year licenses and value in add-on features at reduced rates or free of charge.

The solution is costly, with high-end capabilities suitable for enterprises. It is less affordable for startups or small-scale vendors.

I evaluated Palo Alto, SentinelOne, and other security solutions.

Overall, Cortex Cloud by Palo Alto Networks is a technically strong product, and I rate it ten out of ten. I recommend it due to its strengths in security management.