Automation Engineer at a healthcare company with 10,001+ employees
Real User
Provides risk clarity, good visibility, and control
Pros and Cons
  • "Syslog CLIs are the best feature."
  • "I would like Prisma Cloud to improve its mapping feature to increase usability."

What is our primary use case?

We host a Prisma Cloud platform on AWS. My role is to host the Prisma Cloud application and provide support to the development team.

We use Prisma Cloud to monitor the health of our Kubernetes clusters and to scan images for vulnerabilities. Developers use Prisma Cloud via twistcli CLI to scan images and view vulnerabilities on the Prisma Cloud user interface.

My job is to maintain the production and staging environments, including installing the twistcli client and deploying dependencies. I also help developers troubleshoot issues with pipelines that connect to Prisma Cloud using twistcli CLI.

How has it helped my organization?

Prisma Cloud provides security for multi- and hybrid-cloud environments. It can also monitor multiple on-premises and cloud accounts. In our use case, we have around 40 AWS accounts, which we have added to the Prisma Cloud monitoring tool. We receive non-conformance alerts every month. Prisma Cloud monitors every node in AWS. If a developer opens ports globally, Prisma Cloud will detect it and send an alert to our cloud operations technical team, who will immediately alert the respective developer teams. Prisma Cloud also detects certain types of alerts related to managing data plane infrastructure. For example, if a developer deploys an application on a Kubernetes cluster on AWS and then deletes the application, but the EBS & balancer is not deleted, Prisma Cloud will automatically detect this and send a non-conformance alert to our group email ID.

Prisma Cloud's security automation capabilities provide a variety of features, including twistcli CLI, which can be used to identify vulnerabilities in Docker images. When twistcli CLI detects a vulnerability, it sends an alert to a group email address. The alert includes remediation steps that can be easily followed to fix the vulnerability.

In my experience, Prisma Cloud is the best cloud security solution, whether on-premises or in the cloud. It can monitor multiple cloud products, such as Azure and AWS. I believe it is the best tool for meeting the container requirements of cloud-native applications. It is user-friendly, and upgrades are easy to perform, with documentation available on the official site. It can be deployed on-premises or in the cloud infrastructure. I think it is a good security tool for cloud infrastructure.

We started using Prisma Cloud around version 808.48. That is one of the console versions. Recently, they added some features in the newer version, so our dev team asked us to upgrade to the latest version to get those features. As the administrator, I am not aware of all the cases that Prisma Cloud provides, but I can see that it is easy to manage and has improved all the stakeholders' experience, especially for Docker image scanning. We started with a few teams using Prisma Cloud, but now many stakeholders are using it to scan their Docker images using Prisma CLI. With their request, we recently upgraded the console to the latest version to get the latest features. When we started, we only used basic monitoring, but later we started using it for pipelines to scan Docker images. Then, we added AWS accounts and Kubernetes clusters for monitoring. We deploy twistcli depending on the cluster, and it monitors in the console.

It provides good visibility and control regardless of how complex or distributed our cloud environments become.

Prisma Cloud has enabled us to integrate our security into CI/CD pipelines.

It allows us to add touchpoints to existing DevOps processes.

It also provides us with a single tool to protect all of our resources and applications.

Prisma Cloud provides risk clarity at runtime and across our entire pipeline.

Prisma Cloud has reduced runtime alerts and reduced our alert investigation times. We can remediate alerts within 20 minutes.  

What is most valuable?

twistcli CLIs are the best feature. They provide a twistcli for scanning Docker images. We have integrated a number of pipelines so that whenever any development is built, the image is scanned for vulnerabilities. Based on the vulnerability reports, the pipelines confirm whether the image needs to be rebuilt after fixing the vulnerabilities, and then build another version if necessary.

For how long have I used the solution?

I have been using Prisma Cloud by Palo Alto Networks for almost four years.

Buyer's Guide
Prisma Cloud by Palo Alto Networks
September 2024
Learn what your peers think about Prisma Cloud by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: September 2024.
812,628 professionals have used our research since 2012.

How are customer service and support?

The technical support team is good. They always help me resolve my tickets with minimal downtime.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment was straightforward because of the well-written documentation that was available. I handled the deployment for the AWS cloud environment.

What about the implementation team?

They have an excellent technical team with sound knowledge of the product.

What other advice do I have?

I would rate Prisma Cloud by Palo Alto Networks a nine out of ten for its compatibility, easy upgrades, user-friendliness, and UI.

Regarding maintenance, we have deployed the application on a Kubernetes environment. We will have one EBS value for the console pod and one persistent volume for the application data. We are taking a snapshot of the PV because we can take a backup of the PV in the Prisma Cloud console UI, but this backup is stored on the same PV where the application is running. If the application crashes completely, we will not be able to restore the backup from the UI, and Prisma Cloud has suggested that we maintain a separate cluster for disaster recovery. However, this is too expensive for us. Therefore, we are taking a snapshot of the PV. If the application crashes, we can simply deploy the console on a new cluster and restore the data from the snapshot.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Govinda Mengji - PeerSpot reviewer
Specialist Master | Manager at a consultancy with 10,001+ employees
Real User
Top 5
Integrates seamlessly with different clouds but should support on-premises implementation
Pros and Cons
  • "It has a feature for customized security policy. I implement it in banking, health insurance, and other sectors, and every organization has its own customized policies and procedures. In Prisma Cloud, you can customize policies, and based on that, you can do monitoring."
  • "One major observation is that it is not possible to implement Prisma Cloud on-premises. This is the limitation. Prisma Cloud itself is on a cloud. It is sitting on AWS and Google Cloud. It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises. That capability is not there, but government entities and ministries want to have Prisma Cloud installed locally."

What is our primary use case?

I do not personally use it in my organization. I am a consultant, and I support my clients. I understand the environment, and based on that, I suggest they implement Prisma Cloud. My job is to do a technical evaluation of the product and recommend it to my clients. I give my recommendation to the client as an advisor. I tell them about the features and capabilities of Prisma Cloud and how they can utilize it. I also do a price or cost-effectiveness comparison of different products, but in the end, my clients decide whether they want to choose the technology over the cost or vice versa.

There have been multiple use cases of Prisma Cloud. The use cases vary based on a client's requirements. It is not necessary to implement all the features and capabilities of Prisma Cloud, but generally, it is for continuous compliance monitoring. The Cloud Security Posture Management (CSPM) feature identifies vulnerabilities within your IT organization or ITOps environment. The main part is to ensure compliance with industry standards such as GDPR and CIS Benchmarks.  

How has it helped my organization?

Vulnerability scanning has been a major problem for clients. Nowadays, clients do not have just one cloud. They are not using just AWS or Azure. They have multiple clouds. For example, the primary site is on Oracle, the disaster recovery site is sitting on AWS, and some of their applications are on Azure, so there are three hybrid cloud environments. We try to identify the best solution that can seamlessly integrate with all three cloud providers. Our clients want a centralized Cloud Security Posture Management solution for monitoring vulnerabilities and threats. This is one of the major use cases for which we recommend the Prisma Cloud CSPM solution to our clients.

Prisma Cloud can seamlessly integrate with all clouds. When you go into a cloud, there are multiple landscapes. Some are Windows machines, and some are Linux machines. There are different APIs, different databases, and different types of environments with microservices, Kubernetes, etc. Prisma Cloud has the capability to integrate with all these. That is the beauty. This seamless integration is very critical in every product.

There are multiple CSPM products in the market. The key feature of Prisma Cloud is seamless integration. They have thousands of in-built APIs. You do not need to do much customization. It can seamlessly integrate with multiple clouds. It can integrate seamlessly with Azure, AWS, Oracle, Alibaba Cloud, etc. This is the main feature and the key selling point of Prisma Cloud. For example, today, the client is using only Azure Cloud, but tomorrow, the requirement might come for AWS or Oracle Cloud. It does not mean that they are going to buy a new product for CSPM. That is the beauty of Prisma Cloud, and this is where Prisma Cloud scores. It integrates seamlessly. It does not mean that other products cannot integrate. They can integrate, but they might not seamlessly integrate, or they might integrate only with AWS and Azure but not with Oracle or Alibaba Cloud. All of my client base is in the GCC region. I have clients in UAE, Saudi Arabia, Qatar, Kuwait, and Oman. Oman has Google Cloud. Saudi Arabia has Alibaba Cloud and Oracle Cloud. UAE has AWS Cloud and Azure Cloud. In Saudi Arabia, there are even private clouds. Prisma Cloud can even integrate with your private cloud. You can integrate your on-premise cloud.

Prisma Cloud can protect the full cloud-native stack. It is great, and it can solve your needs from a security point of view. The whole purpose of Prisma Cloud is to scan vulnerabilities.

Prisma Cloud's security automation capabilities are good. For example, you can define a policy for virtual machines. The policy hits an API and scans all your virtual machines. It can identify a virtual machine that is not supposed to have access to the Internet, but its ports are open. If you have set the rules, it can also remove the access of the port or the VM to access the Internet. This capability is definitely there, but it is based on the defined rules and policies and how you do the configuration.

Prisma Cloud provides good visibility. The dashboard or UI is user-friendly. You get a holistic view of your entire infrastructure. 

Prisma Cloud integrates security into our CI/CD pipeline at the resource, component, and infrastructure levels, but at the application level, it is limited. For application-level security, you need to do something else. You need to have an additional capability or additional security solution.

It provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

It provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. It discovers issues at the scanning level. It also has the capability to rescan. For example, if you have discovered an issue or vulnerability, after resolving it, you can rescan the same resource to identify whether it has been mitigated or not.

Prisma Cloud has reduced runtime alerts by 60% to 70%. It has also reduced alert investigation time by 60% to 70%. With these time savings, you also save money. By preventing any vulnerabilities or threats, you also save your organization's reputation.

What is most valuable?

It has a feature for customized security policy. I implement it in banking, health insurance, and other sectors, and every organization has its own customized policies and procedures. In Prisma Cloud, you can customize policies, and based on that, you can do monitoring. 

It has multiple capabilities, such as threat detection and remediation. You can even orchestrate. For example, you can set a rule that a specific set of users need to have XYZ access. If any user is identified as having an additional level of privilege, which he or she is not supposed to have, Prisma Cloud can scan and identify it. If you have set the policy, it can also do mitigation. It can remove the access accordingly.

What needs improvement?

One major observation is that it is not possible to implement Prisma Cloud on-premises. This is the limitation. Prisma Cloud itself is on a cloud. It is sitting on AWS and Google Cloud. It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises. That capability is not there, but government entities and ministries want to have Prisma Cloud installed locally.

What do I think about the stability of the solution?

It is stable. It is a leading product.

What do I think about the scalability of the solution?

It is a SaaS-based application, so we need not worry about scalability. It is their responsibility. They have to ensure its scalability and high availability.

How are customer service and support?

From what I know, their support is good enough. They meet the SLAs. They have been good so far. That could be because they are new in the GCC market, and someone from Europe or the UK might have different feedback. 

Which solution did I use previously and why did I switch?

I did not use any similar solution previously.

How was the initial setup?

We provide consultancy. We do the implementation but with the support of the vendor. It is not just about buying the product. It is about how you design and configure it. We ensure that the implementation is done as per the defined design.

The key point for a successful product implementation is how you configure it and what your use case is. Every client has different requirements and different use cases. It depends on how you drive it. You need to define the use cases, the policies, and the procedures, and you need to ensure they are aligned with your business objective. You may have the best product in the world, but if you do not know how to configure it based on your use cases and your environment, it will not work for you. You will have vulnerabilities in your environment even after you have invested millions.

What about the implementation team?

The vendor takes care of the implementation, and we validate and guide them with the implementation.

In terms of maintenance, it is not a set-it-and-forget-it solution. It is based on your IT environment. Generally, small organizations do not use a CSPM solution. It is used by mid to large organizations. In such organizations, there are multiple changes in the IT resources. The environment is agile. Every day you add something or change something, and you need to ensure that it is integrated with Prisma Cloud. It is an ongoing operational activity.

Which other solutions did I evaluate?

We evaluated multiple products. Zscaler was one of them.

What other advice do I have?

My clients are quite happy with this solution. Some of my clients are also based in the UK and Europe. So far, it has been good. It met their expectations. Their use cases are met, and they are able to monitor all their infrastructure. It has been good so far, and it worked for all the generic or standard use cases. That does not mean that it is going to solve all the use cases for all customers. If you want to go for a CSPM solution, you need to do a technical evaluation.

If you are looking into implementing a CSPM solution, I would advise first understanding your existing cloud landscape or your on-premise landscape. Understand your local regulatory requirements and local laws. After that, define the use cases. Define what exactly you are looking for and then go to market and evaluate different products. You can check whether there is an integration with AWS, Oracle, Alibaba, or any other cloud. If your regulatory requirements are that you cannot host your solution outside your country or you need to have it on-premises in your data center, not someone else's data center, you have to choose accordingly. You cannot go for Prisma Cloud. If you do not have any such regulatory requirements, you can go with Prisma Cloud or any other solution. 

You should also understand your future landscape in terms of:

  • Over the next five or ten years, how do you want to grow? 
  • What is your current IT strategy? 
  • How are you evolving? 
  • What would be your technology? 
  • Would there be any major digital transformation? 
  • How seamlessly can it integrate? 

You need to consider multiple parameters. It is also about money. It should also meet your financial budget.

Overall, I would rate Prisma Cloud a seven out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Arun Balaji G - PeerSpot reviewer
Senior Associate Consultant at Infosys
MSP
Enables us to automate and increase security without agents, but integrations with third-party vendors need work
Pros and Cons
  • "It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization."
  • "One of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow."

What is our primary use case?

It is pretty easy to onboard accounts with Prisma Cloud. We use Prisma Cloud Compute and Prisma Cloud policy management. The latter is our primary solution and we use Compute to manage our container security, including threats and vulnerabilities. But we primarily focus on managing the policies for our entire cloud configs, internal threats, and network patterns.

How has it helped my organization?

For our market requirements, we do need several other services to be maintained for the perfect security posture. For example, one of the primary resources that we are using in our cloud is EC2 instances. That does need some primary security features, like security groups with proper closures, and proper networking with our firewalls. To make sure all of these premade configs are working, Prisma Cloud helps us to identify whenever any deployments meet up with our cloud. It is helpful with our singular architecture.

Prisma Cloud is very helpful with a full native stack. We don't want to leverage any of the resources directly. Instead, Prisma provides us with the services to automate and increase security posture without any internal agents to run it. Other products have internal agents to run with our cloud to help with the security posture of that cloud, but Prisma does not do that. It has a very simple mechanism to onboard the accounts with their console, where we can use the IAM to scan all of the accounts and identify threats and config mismatches.

The solution has also been helpful when it comes to our investigation times because we have fully automated it with our ticketing system. We use ServiceNow and whenever there are any alerts from Prisma Cloud, we have it configured so that they go directly to ServiceNow. That means the user can identify their incident and can resolve it based on the priority of service level agreements. When they do remediate an issue, Prisma Cloud will resolve the alert within Prisma Cloud and ServiceNow will close it on behalf of the user.

Prisma Cloud saves a lot of manual effort that we had to do within our cloud organization.

What is most valuable?

Prisma Cloud policy management is more valuable than Prisma Cloud Compute. While we use Compute often, we are not leveraging container security as much. We have limited resources for the containers in our cloud environment. Sooner or later, we will launch multiple container features in our cloud, but right now, we don't have much scope so we haven't had a chance to explore the Compute side much.

The solution supports multi- and hybrid-cloud environments. It has multiple cloud strategies like GCP and Azure. It has policy fixes for those cloud environments. We leverage it for AWS and it's important that we can use it for that singular platform.

Prisma Cloud also has log retention periods for the alerts and policies that are triggered, for each account. For example, my account has a specific policy that is high severity. If I need to further investigate, I can do that investigation in the upcoming 30 days. After 30 days, the logs of the triggered alert are not retained by Prisma Cloud on the Palo Alto network.

It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization.

Another feature is the automation. It has certain types of policies that can identify network-based threats, such as unusual port or protocol activities. It has tremendous machine-learning capabilities to identify patterns.

What needs improvement?

When it comes to automation and machine learning, it still needs some more work because sometimes they can give false positives.

In addition, since cloud services are coming up with new features and solutions, Prisma should also keep up with the same level of security. For example, at the previous AWS Summit, numerous services were introduced. Our businesses wanted to develop some of the services with the features in our cloud, but Prisma hasn't come up with any new APIs. Prisma needs to keep up with quick changes as soon as any cloud platform comes up with a new invention.

And one of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management, and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow. So we have had to focus on incident management.

Integrations with third-party vendors, such as ServiceNow, Slack, and other ticketing tools that Prisma supports have full automation, but there are still some bugs to fix. We see failures from time to time. When our team fixes vulnerabilities or threats, they still see the incidents in place, which makes them liable to pay for SLA failures. Those kinds of things can be avoided if we have fully fledged event management integration with those tools.

They also need to increase their log retention periods to allow further investigation. Sometimes it takes time to check with asset owners and do deep investigations. Because we have numerous accounts, it can take time for asset owners to investigate each and every alert. The log retention period is one of the cons. 

For how long have I used the solution?

I have been using Prisma Cloud by Palo Alto Networks for more than a year. I started in my role as a cloud security engineer about two and a half years ago, and Prisma Cloud is one of the CSPM solutions that we use.

I use Prisma Cloud every day. It is one of the primary tools I need to monitor and manage the security of our cloud environment. I use it very extensively and my team members use it for identifying threats and managing them with the asset owners.

What do I think about the stability of the solution?

In terms of performance, they have cloud releases of security features during the first week of every month. Whenever they release new policies, all of a sudden it starts to throw multiple alerts within our console. It is a bit annoying for the DevOps team, but from a security perspective, it is a useful process. But a pre-announcement or pre-testing of the alerts would be a better way for them to do this, instead of creating 50 or 100-plus alerts for our DevOps. We are suggesting better pre-testing of new policies.

What do I think about the scalability of the solution?

It is pretty scalable. When we deploy new AWS accounts within our organization, it applies the same security posture policies to those accounts as well. We can see the security postures it recommends whenever we onboard any new accounts with our organization. The scalability is very good with the management it provides for any accounts we onboard.

Palo Alto Networks is one of the fastest-growing security products in our organization.

How are customer service and support?

From time to time we experience delays in support for critical scenarios. They do have engineering teams at the backend that work with the policies. I understand that. But I'm expecting a more responsive service on their side because sometimes it can even take a week to get a response back from the engineering team.

When we go through the toll-free number to submit a case, they suggest that they are working on it, but sometimes they don't give solutions for such cases for some time.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used AWS native security, which is Security Hub. They have their own benchmarks which we leveraged. But we wanted to see more variables with the policies to have a stricter and more secure cloud environment so we moved to Prisma Cloud.

We have been customers of Palo Alto Networks for a very long time because they have several security products, including firewalls that we use in our organization.

How was the initial setup?

The deployment was very straightforward. We were able to onboard IAM policies from our AWS master account to our console with a few clicks. We were able to see that Prisma had started to onboard and ingest for alerts and asset variations within our inventory.

What about the implementation team?

We have a security architect and Palo Alto has a security architect. We deployed it together with the support of a Palo Alto engineer.

What other advice do I have?

When we started using Prisma Cloud a year ago, we had 7,000-plus alerts. We went through many of the policies that resulted in numerous false positives and we went through the RQL (Resource Query Language) queries that were not applicable to our environment and that created false positives from their side. We reported them with the details via their case submission. They checked on them and they modified some of the alerts as a result of our request. They are progressing with their changes. We have reduced to 500-plus alerts in the past eight months and we are in good shape in terms of security posture.

Overall, I would rate Prisma Cloud at seven out of 10. It has the scalability and easy onboarding where we can onboard an organization with a few clicks and the integration part will take care of the rest. I appreciate that. But the log retention and integration with third-party solutions need improvement.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Architect at a tech vendor with 10,001+ employees
Real User
Simplifies compliance, streamlines report delivery, and improves visibility
Pros and Cons
  • "Prisma Cloud stands out as a user-friendly and powerful CSPM solution thanks to its comprehensive capabilities, built-in features, and flexible tagging system."
  • "Some module customization might be needed and certain features like adding custom labels are currently unavailable unless we have administrator access."

What is our primary use case?

We currently leverage Prisma Cloud's Cloud Security Posture Management and Cloud Workload Protection Platform modules and plan to migrate to their full Cloud Native Application Protection Platform solution for a more holistic security approach.

Our security system uses three major CSPMs, ingesting logs and integrating them with a central CSPM page for visibility. We also incorporate identity and document management systems. Prisma Cloud's detection tool based on its policies provides initial alerts, with our SOC team focusing on the most relevant ones. We leverage a modified threat framework combining NTSF and MITRE to monitor key policy areas like malware, unauthorized access, phishing, data loss, and system failures. Within Prisma, we categorize policies based on our organization's priorities, using custom tags to identify them and create dashboards. Webhooks then send these alerts to our SIEM platform for further analysis.

How has it helped my organization?

Prisma Cloud offers security spanning across multi-cloud and hybrid cloud deployments, supporting industry leaders like Google Cloud Platform, Microsoft Azure, Amazon Web Services, Alibaba Cloud, and Oracle Cloud.

Prisma Cloud simplifies compliance with regulations, a crucial security aspect for large organizations, by providing full visibility into our cloud environments. This eliminates the time-consuming need to manually check configurations within each cloud service provider. With Prisma Cloud's single pane of glass view, everything can be done in one place, saving us an average of 15-20 percent of the time compared to the previous method of having a dedicated person manage each CSP individually.

Automation streamlines report delivery and notification generation. It can also integrate with various third-party services like Slack, Jira, Microsoft Teams, and Microsoft Sentinel, allowing for further automated notifications and actions within those platforms.

Our cloud visibility was limited before Prisma Cloud. Now, we have a good level of insight, not perfect, but significantly improved. We can monitor new deployments, configurations, and overall activity. This is crucial because most organizations, like ours, are increasingly cloud-based. Stricter regulations require compliance, and Prisma Cloud simplifies this. They offer pre-built compliance standards so we can easily generate reports, ensuring we meet our obligations.

While Prisma Cloud delivered as promised, realizing its full benefits in our large organization took several months. Due to the size and complexity of our internal communication and collaboration structures, it naturally took time for everyone to fully understand and adopt the platform's capabilities.

Prisma Cloud offers timely runtime alerts when properly configured. These alerts integrate well with our SIEM and are easy to understand. However, the majority stem from the CSPM module, as CWPP typically necessitates manual investigation for actionable insights. Prisma Cloud has reduced the runtime alerts by 20 percent.

Our initial Prisma Cloud deployment has already delivered a 5 percent cost saving, and we expect these savings to grow as we expand its use across our cloud environment.

What is most valuable?

Our primary focus right now is compliance. This means having clear visibility into our organization's security posture. Additionally, agentless scanning with Prisma Cloud is important for us. While we're also interested in the Cloud Workload Protection Platform, it's important to consider that our environment includes both containers and virtual machines. Overall, the most valuable features for us in Prisma Cloud are those that provide visibility, ensure compliance with regulations, and help us align our on-premises servers and cloud environments with mandated security standards.

Prisma Cloud stands out as a user-friendly and powerful CSPM solution thanks to its comprehensive capabilities, built-in features, and flexible tagging system. It simplifies cloud security by automatically connecting to numerous cloud service providers and pulling relevant information for our use, minimizing the need for manual configuration and troubleshooting.

What needs improvement?

Prisma Cloud's preventative approach to cloud security can be complex, especially for features like automated certificates. These require specific access permissions for Prisma Cloud, introducing dependencies and additional configuration steps.

While Prisma Cloud offers agent-based deployment for comprehensive visibility and control, agent dependencies and user resistance can create hurdles. Improved agentless scanning capabilities from Prisma Cloud would be ideal, but currently, agents remain necessary for optimal visibility.

Prisma Cloud is a powerful security platform, but like any similar tool, it won't eliminate the need for occasional manual interaction with our CSPs. While Prisma Cloud can handle many tasks, some actions might still require us to log directly into our CSP account.

The CSP logs could be improved by providing more visibility into the specific logs Prisma is feeding. Since CSP has multiple versions and Prisma might be receiving different logs than expected, it would be helpful to have a clearer indication of the log types or more detailed logs themselves. This would allow us to verify if we're receiving everything or missing something. While Prisma Cloud offers log searching, it requires queries to navigate the vast amount of data. Ideally, Prisma could integrate a simpler way to view the logs it's collecting without extensive searching.

Some module customization might be needed and certain features like adding custom labels are currently unavailable unless we have administrator access. This limitation can be frustrating and I would like to have this functionality included in Prisma Cloud.

For how long have I used the solution?

I have been using Prisma Cloud for two years.

What do I think about the stability of the solution?

I would rate the stability of Prisma Cloud seven out of ten. Occasionally when we have an issue it can take some time to resolve.

What do I think about the scalability of the solution?

I would rate the scalability of Prisma Cloud nine out of ten.

How are customer service and support?

We have a dedicated account manager who provides support whenever needed. While they're always responsive, responses may occasionally take some time.

How would you rate customer service and support?

Positive

How was the initial setup?

Despite being a cloud-based solution designed for easy deployment, Prisma Cloud's initial setup took a few months due to our team's workload on other projects. Fortunately, only two people were required for the actual deployment process, which itself is straightforward as long as the necessary network connectivity is established beforehand.

What's my experience with pricing, setup cost, and licensing?

Prisma Cloud's licensing system functions as expected with a solid licensing infrastructure.

Which other solutions did I evaluate?

In our evaluation of Wiz and Aqua Cloud Security Platform, we investigated their capabilities to address detection rule limitations in Prisma Cloud CSPM. We were hoping to find alternative solutions offering broader rejection capabilities. However, both Wiz and Aqua require agents for in-depth details, similar to Prisma Cloud. While neither excelled in overall detection capabilities, Wiz impressed us with its integration of external alerts. Unlike Prisma Cloud, Wiz allows for easy visibility and filtering of alerts from AWS GuardDuty, a significant advantage.

What other advice do I have?

I would rate Prisma Cloud by Palo Alto Networks eight out of ten.

Prisma Cloud offers built-in security automation for tasks like remediating misconfigurations. For instance, it can automatically adjust a non-compliant AWS configuration, but only if you grant the necessary permissions. While this is useful, a SOAR solution like XSOAR can provide a fuller approach to security automation.

Over 50 people in multiple departments within our organization use it.

Prisma Cloud required minor maintenance for platform updates and policy changes that need to be reviewed.

While many Cloud Security Posture Management tools offer similar features, consider your budget before choosing Prisma Cloud. Some CSPMs bundle all functionalities into one package, forcing you to pay for everything even if you don't need it. Prisma Cloud, on the other hand, allows you to purchase only the modules relevant to your organization's needs. Additionally, Palo Alto is a well-established vendor in the market.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Consultant at a manufacturing company with 10,001+ employees
Consultant
Top 20
Provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes
Pros and Cons
  • "The initial setup is seamless."
  • "There needs to be a mechanism that allows me to manually configure compliance more easily."

What is our primary use case?

We use Prisma Cloud by Palo Alto Networks for our cloud security posture management.

How has it helped my organization?

Prisma Cloud by Palo Alto Networks has multiple aspects that help protect the full cloud-native stack. We are not concerned with just one cloud at the enterprise level; we are focused on the multiple cloud environments we have. The solution provides us with a comprehensive dashboard and a comprehensive view of our cloud security posture. Furthermore, the solution not only covers the security posture but also informs us of our compliance with leading industry standards.

The solution does have security automation capabilities, but we do not use much of it in this case. We use automation for the alerts; if there are any misconfigurations, the alerts are automated. However, we do not mitigate any specific items using automation, as that is something we have not configured. We prefer to first look at the problem manually, and then take action against it.

There is no single comprehensive cloud security solution. We will need to use multiple tools, such as those offered by Palo Alto Networks and Check Point. Every security firm has a range of products, so if we consider all of them, we can have anti-virus, anti-malware, vulnerability assessment solutions, EDP software, and cloud security posture management. We need to evaluate each tool, and Prisma and Check Point both offer good solutions, including next-generation firewalls.

The solution provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes.

The solution can enable us to incorporate security into our CI/CD pipeline and add checkpoints to existing DevOps processes. From an automation standpoint, we enabled certain monitoring features. However, the remediation steps are still manual. This can be integrated into our DevOps pipeline, though some of the features are not being used as we prefer to keep it manual.

The solution provides us with a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

The solution reduced runtime alerts. We don't need to receive all the runtime alerts every time, as they will overwhelm us with messages. People often neglect this. Depending on the situation, generally, only very important alerts should be sent. I prefer that the solution be configured for when there is a major business impact. For minor alerts and notifications, we can still check the dashboard. Generally, we monitor the dashboards at certain times. We don't need to be alerted for everything, as this will defeat the purpose of this mechanism.

The solution significantly improved the time taken to investigate alerts by 40 percent with the alert monitoring and all its mechanisms; we receive our critical alerts quickly via email. We can even configure the remediation, although we have not done so yet.

What is most valuable?

I appreciate the multi-cloud support that this solution provides; I can use it with AWS, Microsoft Azure, and Google Cloud. I find the ability to configure alerts and monitor misconfigurations in the cloud to be particularly useful, and we take advantage of this feature as well.

Prisma Cloud by Palo Alto Networks is an impressive solution. The solution continuously assesses our security posture, making it the ideal preventive measure. If any misconfigurations occur, I am immediately notified of any unnecessary ports that are open in my cloud. This alerting system allows me to take the necessary steps to secure it before any attack can occur, making it the best preventive measure for our cloud.

What needs improvement?

I now extensively use cloud security posture management. There needs to be a mechanism that allows me to manually configure compliance more easily. Currently, it requires programming knowledge, so if someone without hardware programming knowledge could customize certain features to their requirements, it would be very helpful.

For how long have I used the solution?

I have been using the solution for five months.

What do I think about the stability of the solution?

The solution is stable because it is a SaaS offering.

What do I think about the scalability of the solution?

Nowadays, all cloud solutions are scalable; scalability should be a given feature and does not need to be asked for.

A maximum of ten people have administrative-level access, which will be used by 50 to 60 Security Operations Center personnel. These personnel must log in with various role-based access rights. In total, we have around 70 people using the solution.

How are customer service and support?

In my previous project, we had a dedicated team associated with the account, so we did not have to pay for support. This was beneficial because, most of the time, we would go to our account team instead of the technical support, and our issues would be resolved quickly.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is seamless. We only need to integrate our API key and connect it.

The deployment took one hour.

What was our ROI?

I can see one return on investment due to continuous monitoring. Before, we had a few staff members who monitored our environment, but now the alerting and other processes happen automatically, so there is a good ROI in terms of resources. Additionally, the security posture of the environment is increased and fewer incidents occur, which improves our response time and resource efficiency. There are also indirect ROIs.

What's my experience with pricing, setup cost, and licensing?

The pricing is competitive; for the most part, the security firms have similar prices. Therefore, I believe it is competitive and a good investment. The solution is good quality, so I would not hesitate to invest in Prisma Cloud by Palo Alto Networks.

What other advice do I have?

I give the solution a nine out of ten.

I absolutely recommend Prisma Cloud by Palo Alto Networks at an enterprise level because the solution is an enterprise-grade product.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Krishnakumar M - PeerSpot reviewer
Enterprise Architect | Cloud & Security at a tech services company with 1-10 employees
Real User
Drastically reduces vulnerabilities and provides a single pane of glass
Pros and Cons
  • "It is user-friendly. It has a good look and feel and reporting structure. It provides a single pane of glass. These are the things that I like."
  • "There should be some kind of automation, AI incorporation, and bot system. All these would add value."

What is our primary use case?

I am in a services company. My company is also a partner of Palo Alto, so all the Palo Alto products have been tested, researched, and deployed at least three to four times by every engineer in my team.

It is being used for posture management. We have many users coming from many locations. All of them are having the same experience and all are secured. We used to use CASB which is a solution for authentication. This solution is in line with CASB. It helps to ensure that data protection is fine and all the data is coming properly. We can see whether there are any leakages or vulnerabilities. We can check all these aspects of security with this solution. All this is configurable. It is a web-based solution.

Our company is a vendor. If customers want, they can purchase solutions via us. We then take care of the physical box as well as the configuration. We manage the physical as well as the logical. In the case of Palo Alto, it is all logical. We can even code for a customer if the customer wants to upgrade their existing cloud setup, migrate to a cloud setup, or bring in a new setup. It is our bread and butter. We are one of the leading sellers of Palo Alto solutions.

How has it helped my organization?

Prisma Cloud helps reduce vulnerabilities. The number of vulnerabilities is less. If you have 1,200 vulnerabilities, after implementing Prisma Cloud, the number is drastically reduced to 500. That is one of the key advantages of using Prisma Cloud. You can see its benefits within a month.

Prisma Cloud helps to identify all the vulnerabilities in modern scenarios. For traditional scenarios, we have enough products, but a solution like Prisma Cloud helps to identify vulnerabilities in containerized environments and modern traffic scenarios. It helps with run-time security and east-west traffic.

Prisma Cloud helps secure the entire cloud-native development lifecycle, across build, deploy, and run. I would rate it an eight out of ten for this.

As an enterprise architect, I seek three capabilities from a solution. It should be preventative. It should be corrective, and it should be detective. Prisma Cloud is good in these aspects. I would rate it an eight out of ten for these capabilities.

Palo Alto DSPM's discovery and data classification processes are comprehensive. I would rate it an eight out of ten for comprehensiveness. For data security, we have a DLP solution. We have a separate solution. We never use Palo Alto for that.

Palo Alto DSPM provides us with insights into the content it has discovered. It also provides automated discovery of new data assets as they onboard and a prioritized list of all the data security posture issues in our environment.

The security provided by Prisma Cloud is important for our customers, especially for our banking and finance customers. We are a service company. We never use any of these products. I am a security architect. I am the one responsible for assessing and finding the right product and then deploying the product with the help of my engineering team.

Prisma Cloud definitely reduces complexity. We can see the issues or vulnerabilities that have been there for a while. We get good clarity on why they have been there and how to resolve them. Palo Alto is very good at this, and they make complex work quick and easy.

Prisma Cloud drastically reduces the number of vulnerabilities in the organization. There can be a 60% to 70% reduction. It also depends on the industry again. For the web-based industry, where the company is providing solutions through the internet, such as share market or banking companies, it is very helpful. Production companies rarely use online solutions.

With the reduction in vulnerabilities, the security cost automatically reduces. There is an indirect impact on an organization's cost.

What is most valuable?

It is user-friendly. It has a good look and feel and reporting structure. It provides a single pane of glass. These are the things that I like.

What needs improvement?

There should be some kind of automation, AI incorporation, and bot system. All these would add value. For example, AI should be able to detect all related viruses based on one virus. That will be a great invention. 

For how long have I used the solution?

I have been using this solution for about five years.

What do I think about the stability of the solution?

It is stable. I would rate it an eight out of ten for stability.

What do I think about the scalability of the solution?

It is scalable. I would rate it an eight out of ten for scalability.

How are customer service and support?

Their support is very good. I would rate them a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have worked with Trend Micro Deep Security, Singularity, and Lacework. There is a new vendor called Orca Security. They are phenomenal. They can even beat Palo Alto.

Prisma Cloud is better in terms of cost, GUI, and look and feel. There is a single pane of glass and very good reporting.

How was the initial setup?

Its deployment is straightforward for me. It is deployed across multiple geographies and departments. We mainly work with enterprises.

We have some stringent processes for getting the system to a perfect stage and ensuring that it is running properly. It takes at least a month. We do all sorts of testing, and then based on our test outcome, we configure everything in the right way. After that, we consider the data shown in the report as official.

Which other solutions did I evaluate?

Prisma Cloud is one of the top solutions in the market. When customers ask for alternatives, I recommend Trend Micro Deep Security, Singularity, Lacework, and Orca to them. I provide them with a detailed comparison, and then customers make the decision. I help customers with architecture design, decision-making, vulnerability assessment, and penetration testing. I also help them compare vulnerabilities before and after implementing a solution.

What other advice do I have?

There were some cases where we struggled with some customer requests, such as those related to zero trust. We were struggling to configure that. They thought that this product also supported zero trust. We then had to tell them to buy the Prisma Cloud CNAPP solution. In many cases, we also moved them from DSPM to CNAPP.

As a security professional, I would not suggest automated remediation. That is because we need to see that automatic remediation does not impact anything else. We have a team. We register all the vulnerabilities and threats, and then at the backend, we do the testing to ensure that remediation or automated remediation will not create any other problems. As soon as we get that assurance, only then do we do the fix. This is a requirement from the customer side, especially from the banking and finance organizations. Because everything is crucial, we do not configure automatic resolution for any of the issues.

Overall, I would rate Prisma Cloud an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Pinki Jaiswal - PeerSpot reviewer
IT engineer at a tech vendor with 10,001+ employees
Real User
Top 10
Has seamless integration into CI/CD pipelines, and effective risk management, providing a unified and user-friendly solution for securing diverse cloud environments
Pros and Cons
  • "It provides insights into potential vulnerabilities in our code, helping us identify and rectify issues before they can be exploited."
  • "While the code security feature has undergone recent enhancements, there is room for improvement in terms of its cost module."

What is our primary use case?

We use it to manage multiple AWS accounts within our platform. Our primary focus is on ensuring compliance across all accounts, aligning with specific standards such as GDPR. We conduct regular certifications of AWS accounts to assess the compliance of services and promptly address any non-compliance issues. In cases where services are found to be non-compliant, we notify the responsible teams and work collaboratively to remediate the identified alerts. In addition to code security, we also use Prisma Cloud to protect our workloads, including serverless functions and containers. This comprehensive approach ensures a robust security posture for our cloud infrastructure and applications.

It serves as a comprehensive solution for both proactive vulnerability management and reactive runtime threat detection.

We manage this tool through a designated management account, handling all configurations within a limited account. At times, we find it necessary to customize scripts, such as when we encounter challenges with integrating Splunk. In this instance, the events are not being formatted as desired. To address this, we aim to create a script and Lambda functions to ensure the events are in the preferred format. It enhances our ability to respond effectively, allowing us to prioritize and focus on resolving any real or potential issues impacting system performance.

How has it helped my organization?

It offers security scanning capabilities for multi- and hybrid-cloud environments. Currently, we support two clients, each with multiple sub-clients. Within these clients, we manage two DNS instances—one in the US region and the other in the UK region.

The comprehensiveness of the security features in Prisma Cloud is highly commendable. Occasionally, like any product, we encounter issues, and during such instances, we receive prompt and quality support from AWS. The collaborative nature of addressing and resolving issues enhances the overall convenience and effectiveness of using Prisma Cloud for our cloud production environment.

To proactively address cloud security, this tool has been instrumental. We've designed it as an offering for our sales department, enhancing our ability to cater to customer needs. Currently, our focus is primarily on container security, encompassing AWS, GCP, and Azure. This tool effectively identifies and manages vulnerabilities and compliance issues related to containers.

It offers the visibility and control we require, adapting seamlessly to the complexity and distribution of our cloud environment. With the Access Controller system, we can define multiple roles, granting specific access to workload environments, vulnerabilities, and compliance information. Leveraging these features, we efficiently manage access across our teams. This includes utilizing group connections to organize and simplify access, reducing the complexity associated with console and account access in our cloud environment.

It provided strong confidence in the overall security and compliance posture of our workload.

It has empowered us to seamlessly integrate security into our CI/CD pipeline and align it with existing DevOps processes. Within our Jenkins pipeline, we leverage Checkmarx integration to conduct scans on our code repositories and jobs running through the pipeline. The introduction of numerous features with Prisma Cloud has significantly enhanced our security measures. While we haven't fully explored these features in the US region, as they are still in progress, we look forward to utilizing them once they go live in our pipeline.

It provides clear insights into runtime risks throughout the entire pipeline, presenting issues as they are uncovered during the build phase. This dual functionality includes both fixing and addressing runtime concerns. Within our categorized runtime alerts, we receive numerous notifications, acknowledging that some may be false positives. However, this abundance of alerts serves as a proactive measure to identify and investigate any suspicious activities occurring at runtime. We analyze each alert to determine its relevance and, if necessary, proceed with incident response actions. It ensures that legitimate issues are addressed promptly, while also minimizing the risk of overlooking potential threats.

To minimize runtime alerts, we have the flexibility to create custom rules, allowing us to bypass specific alerts that we are confident are expected and should not appear in our console. This customization is crucial for maintaining a streamlined team environment and ensuring our business operations are not unnecessarily disrupted.

It has significantly reduced the time spent on alert investigations, thanks to its built-in investigate feature. It allows us to efficiently query only the relevant alerts, enabling us to filter based on our release criteria. This streamlined approach has resulted in a notable reduction of about twenty to thirty percent in investigation times.

What is most valuable?

I find the code security feature in Prisma Cloud particularly valuable. It provides insights into potential vulnerabilities in our code, helping us identify and rectify issues before they can be exploited. Additionally, the emphasis on container security is notable, making it a key focal point within Prisma Cloud.

The security automation capabilities of the solution are quite effective. With numerous automated features, such as investigation acquisition, we can utilize queries to analyze our environment and review past activities. The overall automated functionality is impressive—we no longer need to create templates from scratch, as they are already available. It streamlines our processes, making it a notable and beneficial aspect of the product, particularly when a substantial portion of tasks are automated.

The solution's comprehensiveness in securing cloud-native development throughout the entire lifecycle—from build and deploy to run—is noteworthy. Specifically, we leverage the core security features, integrating them with Checkbox, a tool mandated by Prisma Cloud. The integration facilitates Software Composition Analysis scans and checks for license violations.

The standout feature of this tool is its ability to consolidate all the features we typically access from various sources, including AWS. While AWS and other services may require the use of multiple tools, Prisma Cloud excels by offering a comprehensive solution within a single dashboard. This unified approach addresses all our requirements, making it the most advantageous aspect of this tool.

What needs improvement?

While the code security feature has undergone recent enhancements, there is room for improvement in terms of its cost module. Presently, the pricing structure poses a challenge in convincing our customers to adopt this tool, especially since code security is a critical area of interest for many.

At times, we find certain features missing. In these instances, we engage with our support team, requesting them to submit feature requests on our behalf. Our clients have expressed a need for scanning application vulnerabilities on Windows servers, a feature currently available only for Linux.

For how long have I used the solution?

We have been working with it for two years.

What do I think about the stability of the solution?

It provides excellent stability capabilities. I would rate it nine out of ten.

What do I think about the scalability of the solution?

Scalability is a strong aspect; we have never experienced issues with it. It consistently remains highly available. Our clients are large enterprises.

How are customer service and support?

Support is not just good; it's excellent. I find their assistance highly commendable, and I would rate it nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously relied on RapidFile and another tool for vulnerability detection, including analyzing subscription behavior. However, since adopting Prisma Cloud, with its advanced intelligence and machine learning capabilities, we've experienced a significant improvement. It not only efficiently detects vulnerabilities but also provides deep insights into our environment. This proactive understanding of our environment, including its nature, vulnerabilities, and potential threats, has proven to be a valuable aspect of using Prisma Cloud.

We previously used Qualys, a tool known for its diverse features. While Qualys encompassed various functionalities, including container security, I noticed a discrepancy in the vulnerabilities detected by Prisma compared to Qualys. Although Prisma exhibited robust features, there were instances where certain vulnerabilities highlighted by Qualys were not identified by Prisma.

How was the initial setup?

The initial setup was a straightforward process. The team was efficient, accommodating our requests and providing a trial without any cost. The entire process, from requesting the trial to obtaining our tenant, was completed smoothly within a month.

What about the implementation team?

We have a team of around six people in charge of the deployment process. Maintenance is essential. Occasionally, we observe issues with the UI, usually scheduled during weekends. Notifications are provided about the main areas affected, and the tool is temporarily unavailable during this period. Following the maintenance, the tool resumes normal operation.

What's my experience with pricing, setup cost, and licensing?

I find the pricing to be expensive. I would rate it eight out of ten.

What other advice do I have?

I highly recommend this solution, and I suggest that anyone interested in it explore a trial first. Once they see the benefits, they can proceed with full implementation. It enables you to consolidate everything under one control, making it a definite recommendation from my side. Overall, I would rate it nine out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Kevin Sorenson - PeerSpot reviewer
Cloud DevOps Engineer at a tech services company with 51-200 employees
Real User
We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled
Pros and Cons
  • "We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features."
  • "The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls."

What is our primary use case?

We had Azure, AWS, and a little bit of GCP, so we gave Prisma read access to all those accounts, subscriptions, etc., and monitored the alerts to mitigate risks based on what popped up in the dashboard.

While it's not our only tool, Prisma is managing about 80 percent. We still occasionally go into cloud-native tools to ensure certain compliance standards are being met. Sometimes, urgent issues need to be fixed that haven't been reported in Prisma because the native tools will catch them first. As a third-party solution, Prisma might take a little longer to build a report directory.

We had around 30 to 40 users who were a mix of cloud and DevOps engineers. There were also members of the security team who made decisions about what kind of security policies we had to follow. We used it extensively within the public cloud across all our Azure, AWS, and GCP subscriptions and projects. There was interest in using it on-premises with our vSphere environment as well. I don't know if that ever happened.

How has it helped my organization?

Prisma enabled us to get up-to-speed on enforcing TLS 1.2. It helped us look at different types of resources, like storage accounts and app services. I'm thinking particularly of Azure because that was my focus. I found all the resources from the Prisma list and remedied those issues so that they were displayed as resolved in Prisma.

It gave us visibility into and control over complex cloud environments, which helped us feel better about our security and secure the environment with the clinical data. Our security team was pleased when we showed them clean Prisma reports. It boosted their confidence and their comfort level that we were being compliant.

Prisma made it much easier to ensure that all of the security pieces are handled. It simplified our security issue resolution. It cut down our investigation time by giving us one place to look. It cleaned up our operations considerably because finding what resources needed to be resolved, mitigated, or updated was easier. It probably saved us several hours every week. It also saved us some money, but I couldn't quantify the savings because other environments also used it.

It helped us develop a preventative approach to security. Nine out of ten times, we could find issues that needed to be fixed ahead of time. We had a monthly meeting where we would review the high-severity alerts on the dashboard and assign people to remedy them. Once we got through the high-severity alerts, we looked at medium- and low-severity alerts. Prisma enabled us to identify resources we needed to fix, which was quite handy.

What is most valuable?

We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features. 

Prisma's multi-cloud capabilities were essential. We wouldn't have used it without them. We would have just used the native cloud vendors' security solutions. Its protection of our full cloud-native stack is pretty comprehensive. I would rate it at least an eight out of ten. It stacks up well compared to the security alerts and notifications we got from solutions like Defender.

What needs improvement?

It sometimes took Prisma a little while to build queries, so new services or features wouldn't appear. It wouldn't get flagged in Prisma for a bit. It would be helpful if they sped up how quickly they got their default notifications, queries, and alerts.

The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls.

For how long have I used the solution?

We used the solution for about three years at my previous company. 

What do I think about the stability of the solution?

Prisma seemed highly stable, but I wasn't managing the solution. I was more of a user.

What do I think about the scalability of the solution?

Prisma seemed to scale pretty well. It covered several large environments and didn't seem to struggle when loading information for us. I think it did well.

How are customer service and support?

I rate Palo Alto support a six out of ten. The support was adequate, but I can't say it was great. If we had an issue with a feature or a query, it could take them a little while to get back, especially if it was a feature improvement or a new alert. They were very slow to add new warnings and features.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

The company never had a public cloud solution before Prisma, but they had something for on-prem. I don't know what it was. They also used cloud-native solutions like Defender for Cloud and the native tool for AWS.

We switched to Prisma because we wanted a single pane of glass that would allow the security team to see security issues across all of the public cloud vendors that we used, so they wouldn't have to jump to each individual cloud vendor's tool.

How was the initial setup?

I was involved in the POC several years ago. It was like a lab test. After we tested that for several months, we rolled out the official one. At that point, I was just helping them test as they tried out the product. I didn't actually install the software.

The setup seemed pretty straightforward. There were clear instructions on how we just needed to create service principals with specific permissions and then grant Prisma the credentials for the service. I think they only had about five people maintaining the Prisma environment, and each was responsible for bits and pieces of it.

What was our ROI?

I believe the company saw a return using Prisma.

What's my experience with pricing, setup cost, and licensing?

I know that the guys who handled the pricing said Prisma was costly, but I don't know how that compares to other products.

Which other solutions did I evaluate?

I know the team evaluated other options, but I wasn't involved.

What other advice do I have?

I rate Prisma Cloud an eight out of ten. Having one place to go for all of your security alerts and notifications makes it easier to solve issues than going to each vendor's security tool.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Prisma Cloud by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.
Updated: September 2024