Prisma Cloud by Palo Alto Networks Reviews

We use Prisma Cloud for cloud security management. We use the CSPM and compute modules.

Prisma Cloud provides security spanning multi and hybrid cloud environments, which is moderately essential to our organization.

The security automation capabilities help remediate vulnerabilities, which correlate to cost savings.

After a few months, the benefits of Prisma Cloud became apparent. We have begun integrating the Prisma Cloud alert or inventory module into the computing environment. This is a positive development as it enhances tool interoperability and consolidates a significant amount of previously inaccessible data.

Prisma Cloud can secure 60 to 70 percent of the entire Cloud-native development life cycle.

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environment becomes. This improves our compliance posture.

Prisma Cloud provides 70 percent of coverage in a single tool to protect our cloud resources and applications.

It has helped save our organization around 20 percent, protecting our cloud resources and applications.

Prisma Cloud compliance monitoring helps us improve our overall compliance posture.

Prisma Cloud's most valuable features are its ability to detect vulnerabilities as they occur and its CSPM function, which provides a complete inventory of assets.

I like the scanning features provided by Prisma Cloud, including the image scan and source scan.

Prisma Cloud needs to improve its reporting. If they report a Go vulnerability and claim that Prisma Defender hasn't released a patch, it won't help us. However, if they report that Prisma Defender has released a patch, that is beneficial. Reporting the Go vulnerability within Defender is ineffective because I cannot directly fix a Go vulnerability.

The integration with other tools can be improved. It provides all the cloud details but is not entirely linked to the compute model.

There needs to be more transparent communication when they will have downtime.

I have been using Prisma Cloud for over two years.

I would rate the stability of Prisma Cloud nine out of ten.

I would rate the scalability of Prisma Cloud five out of ten because it is dependent on vendor resources rather than its own. For example, image scanning is entirely reliant on us.

The technical team requires a lot of information for every ticket we submit, and if there is ever an out-of-the-box issue, they don't respond to us or take a long time to respond.

Neutral

I previously used AWS tools and Tenable products, but we switched to Prisma Cloud because of its real-time vulnerability identification.

Initial deployment is straightforward and takes one to two hours when all required information is available. However, if complete requirements are missing, manual deployment of all agents is necessary, which is a significantly time-consuming process.

Prisma Cloud is affordable.

I would rate Prisma Cloud eight out of ten.

We have over 100 users.

Our environment is complex. Prisma Cloud is deployed across multiple locations using many tools.

Prisma Cloud requires a lot of maintenance for upgrades and Defender.

I would recommend Prisma Cloud to others. The scanning and runtime are one step ahead of the competition.

We have a console set up in Prisma that scans all the cloud environments and collects data about platform, infrastructure, and app vulnerabilities.

We are responsible for app vulnerabilities, and 90 percent of the vulnerabilities were detected by other products before Prisma scans. Other scanners also do some of the same things. Prisma's ability to consolidate and identify the uniqueness of the vulnerability is a huge help. Based on the different scans, we can determine duplicate vulnerabilities.

Prisma provides visibility regardless of how complex or distributed my cloud environment becomes. It adds value, especially from the infrastructure and platform side. From an application perspective, there were many other challenges.

I wouldn't say we can protect everything with Prisma. It identifies the issue but doesn't resolve it. Protection is something else that we have to do in the cloud environment. 

We use Prisma to scan for vulnerabilities and place them in a centralized repository where they are assigned a severity. Based on that severity, App Runner will get time to fix it after something is already in production. 

One feature we like is the amount of data Prisma gives us. Some infrastructure and platform vulnerabilities in the cloud are hard to detect, and we were unaware of some of these. It's critical to shed light on these. For example, you create virtual machines and forget about them, but when you revisit them, some vulnerabilities may be detected. 

Prisma allows us to adopt a preventative approach. We can scan some containers before they go into cloud production. The only caveat is identifying the cloud environment in a production or non-production environment.

Prisma could improve the data quality. One challenge is that when an application is deployed on multiple virtual machines, we get an alert for each machine, but the biggest challenge is container flapping. When containers go up and down, we get 100 alerts on one day, but it reports 20 the next day. The numbers keep changing, and the app owners tell us, "You reported a hundred vulnerabilities from my app, and today, you report 20. I haven't made any changes in production, is your data correct or not?"

 Containers can go up and down, so it can't tell whether the container is down for good or if it was only down at the time of the scan. That's one of the biggest issues we had. The second is data deduplication because we get vulnerabilities from multiple sources through Prisma scans. A vulnerability is reported by Prisma scan and software composition analysis, SAS, DAST, or BLAST scans. You've got all these different scans reporting the same vulnerability. 

We have used Prisma Cloud for a year and a half.

Often, we don't get the data for a particular console because it's down. While we're working to fix the issue, we get the previous data and all the other stuff.

At my company, we have many resources, and I haven't had any issues with vulnerability. Prisma can scale vertically or horizontally very well.

I can't say whether Prisma has saved us money because that's not the goal. The objective of Prisma is to identify incidents inside the company. Reputation and data security are the two most important things to a financial institution. We spend money to prevent improper data usage or vulnerability exploitation. I don't know whether it can save money, but it protects our data.

I rate Prisma Cloud seven out of 10. It does do a lot of things, but the data reliability and other issues make our lives more difficult. It presents more challenges than just getting the data and porting over.

I was working with a partner of Palo Alto Networks until around two months ago. I mainly worked with Prisma Cloud in the delivery line of products for projects for clients. For example, we deployed the tool for lifecycle protection for a client in Colombia.

I worked with Cloud Security Posture Management (CSPM), cloud workload protection, and the new data security module. About two years ago, for a banking client, we inserted the cloud-native firewall into Prisma Cloud.

Prisma Cloud supports the five major CSPs or Cloud Service Providers. Specifically, in the runtime protection mode, you can protect any workload. They are changing their approach from resource-based to application-based. Prisma Cloud now has the intelligence to understand the context and the relationship between resources and groups. 

I worked with the automation model, specifically on the features of app security, to prevent any issues from being deployed via infrastructure as code into the cloud environments. The auto-remediation feature enabled the developers to remediate issues directly in their visual editor with one click. Prisma Cloud is a good tool because it covers the software lifecycle. For example, you can use Prisma Cloud from your visual editor, such as VS Code or IntelliJ from IDEA. You can use auto-remediation to prevent any issue from being deployed into the cloud. It also provides run-time protection for all workloads. Prisma Cloud has a lot of features and modules. Its licensing model allows you to have more at less cost.

The integration with the entire lifecycle is the biggest benefit. You can use the tool to automate an internal process using the Prisma API. You can use all the data information to make business and technical decisions. It takes some time to realize its benefits. When we deploy the solution for a client, we have to wait about three to six months for it to mature to be able to make useful data database decisions.

Prisma Cloud has a lot of features. It can secure the entire cloud-native development lifecycle, across build, deploy, and run. At every step or phase, you can have specific controls to avoid the deployment of anything that can cause issues.

Prisma Cloud can reduce the risk and run-time alerts if you put the correct control at the correct stage. For one client, there was about a 30% reduction, and for another one, there was about a 50% reduction. Prisma Cloud gave us a table with the high-impact vulnerabilities. By closing one of them, we could reduce about 100 alerts.

It provides some reports, but with API access, you can get all the data to build your own reports or dashboards. The default reports and dashboards are good, but if you need some customized reports or dashboards, you can do that with the API.

The most valuable feature of Prisma Cloud for our clients is CSPM, as it helps clients gain visibility into all the assets with their cloud providers.

Additionally, runtime protection is valuable for protecting runtime environments.

The RQL feature helps to do some queries in the cloud environments.

The data security model needs improvement due to integration issues with certain features and cloud providers. With Palo Alto now utilizing a tool from an Israeli startup in Prisma Cloud, the integration is slow, and some features are blocked or not supported.

In the beginning, with large-scale projects, the platform was down twice, but once the issues were identified, Palo Alto applied the correct solutions to ensure high availability and scalability.

The scalability of Prisma Cloud is good, covering both the front end and the back end. The entire solution is well scalable.

Customer service is good in general. There are three levels of support. I have interacted with levels one and two, where initial contact is made and detailed information is gathered. They can respond with technical documentation or pass on the case to the next level because it requires the development of a new feature or changing a feature due to a bug.

Positive

I have not used any alternative solutions such as Check Point, CrowdStrike, or Aqua Security. 

I worked primarily with SaaS adoption and was in charge of the deployment as part of the delivery team.

The initial setup is straightforward and does not require extensive deployment efforts, except for configuring the solution and deploying agents if necessary.

The maintenance is done directly by Palo Alto. Palo Alto is in charge of deploying new releases and updating the main components. Everything is informed to the client through the status page maintained by Palo Alto.

The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients.

In my last job, we compared Prisma Cloud to other tools, and it was ahead of the competition.

For new users, it is important to understand the specific objectives and needs to ensure a successful implementation of the solution. They should also focus on using the data to make data-driven decisions.

I would rate Prisma Cloud a ten out of ten.

We use the solution for cloud security, multi-cloud environments, compliance, and governance.

We have not had interruptions. It helps us to prioritize and gain resolutions faster. We can see what is happening in any particular environment. 

The visibility and control are very good. It offers good runtime protection. Risk prevention is also a valuable aspect.

Prisma Cloud provides security in multiple and hybrid cloud environments.

Prisma Cloud plays a crucial role as it is one of the key pillars in our security tech stack. It helps us secure the whole multi-cloud cloud infrastructure and protects the deployments, which are crucial to our production environment. 

The automation capabilities are there. In the general context of automation, it offers policy customization to eliminate false positive alerts and fine-tune detection. It constantly gives us more and more facilities to fine-tune the configurations over time. The automation itself also helps save time. 

The real-time protection and management of compliance (of multiple standards, such as ISO, and SOC 2, et cetera) is useful. We can custom-add policies for enhanced protection.

We began to observe benefits immediately after integration. When it comes to real-time protection or risk prevention, there were some initial drawbacks. Over time, however, when we started working on it and fine-tuning the alerts, we started seeing the results.

It provides comprehensive security from the initial phase of spinning up the instance to the termination of the instance. In that life cycle process, it is giving us visibility and control. 

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environments have become. 

This positively affected our confidence in your security and compliance. No matter how complex the environment is, the seamless integration from the top layer itself gives us immediate visibility on the number of services. The way Prisma Cloud is structured makes it so that even if the environment is complicated, the categorization will give us a clear picture of where we should focus, what it lacks, or which specific areas we should have more control. 

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage or reconcile disparate security and compliance reports. Managing all of the infrastructure, security, compliance, and reporting can be done on the console itself. 

The fact that Prisma Cloud is the single tool for protecting all of our resources saved us money. If we were to replace Prisma Cloud; we'd need two to three other solutions. We'd need to cover replacement and management costs. It would be 30% more expensive, at least. 

Prisma Cloud hasn't reduced runtime alerts. However, it has helped us identify the true alerts. That helps save us time as we manage multiple clouds. Instead of chasing down each and every alert, we can see what matters and what doesn't. We can focus on the alerts that have the biggest impact on the most sensitive data.

We've been able to save a good amount of money using Prisma. When it comes to cloud security, it satisfies 90% to 95% of our needs and we don't need multiple solutions which would be more expensive. 

We do have many feature requests and custom policies. I don't have any specific notes for improvement; however, if they could continue to focus more on giving users the ability to create custom policies and configurations, that would be ideal. 

I've used the solution for more than three years.

We have not had any issues with stability. We've only had one or two instances where there we outages, however, it's never been down for a long period of time. 

The scalability is good. I'd rate scalability eight out of ten. 

I've contacted technical support on a regular basis. In most cases, they are pretty quick. For some, depending on the issue, it may take time. However, for us, it's not an inconvenience as we understand the physicality of the issue. 

Positive

We have tried a few solutions, however, we did not deploy them. This wasn't recently. This was a while ago. We weren't completely satisfied with the capabilities. 

The initial deployment was pretty easy. It wasn't too difficult. I found it fairly seamless. It was a hassle-free experience. 

We tried it in a test environment (non development) for three months. They we deployed it over nine months to a year in the cloud and production environments. We had three to four people deploying the solution. 

The solution does not require any maintenance after deployment. 

We did have help from the vendor. 

The licensing model is based on assets. The pricing for what we are using is pretty good. 

We're a customer and end-user.

I'd rate Prisma Cloud nine out of ten. 

From a customer point of view, even is a user has multiple products, they should test it out so that they are able to satisfy the requirements. Then, they can easily upgrade with additional add-ons and features. Instead of just creating the Prisma Cloud itself with too much complexity, start simple. 

We are mainly using Prisma Cloud for Cloud Security Posture Management (CSPM) and for following the compliance standards as per the industry. Another use case is to get the runtime workload protection.

We are using the WAAS, CWP, application security, and CSPM modules. We are not using the DSPM module because it is not available for the India tenant.

All the features provided by Prisma Cloud are quite helpful for the BFSI sector and other sectors. It protects our overall infrastructure and detects any attacks or threats in real-time scenarios. It can also block any suspicious processes or things from the Internet, so it is quite helpful for the organization.

We are working for an organization with a multi-cloud environment. We have deployed Prisma Cloud in their infrastructure with AWS, Azure, and GCP. We are able to monitor all the tools and all the assets as per the compliance standards. We have deployed Defender on all the environments. We have integrated Defender with an embedded kind of application. We have been able to work with the client as per their specific requirements.

Compliance monitoring is very important for the banking sector. With Prisma Cloud, we can see the compliance status. It shows us how we are following the rules of a particular industry. It helps organizations match the industry level and ensure that their data is secure and they are following the guidelines of their particular industry.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. It is very important to create a secure infrastructure. Prisma Cloud has the ability to protect a multi-cloud environment with AWS, GCP, Azure, Oracle as well as Alibaba Cloud. It plays a very crucial role in the security of an organization.

For security automation capabilities, we have some integrations. We have initialized application security before deploying the infrastructure over different environments, such as prod and pre-prod environments. Every open point should be closed. If we are creating our infrastructure through any automation code, there should be no cloud security posture management alert. We have also integrated Prisma Defender at the same time with the app-embedded format to protect our workload.

Prisma Cloud has features to detect anomalies, attack paths, and escalation privileges as well. It detects the root cause and lets us know the things in our infrastructure that can lead to the attack. We remediate them and secure our infrastructure.

Prisma Cloud saves a lot of time. It provides a consolidated dashboard for our infrastructure. We have multiple accounts, and on a single page, we can see the types of issues and the resources impacted. From there, we can directly go to the cloud, and we can take action on that. It saves time. We can close an alert in minimal time. It saves about 60% of the time which also has financial benefits. There are more than 50% cost savings.

We are more aware of things. If something suspicious is happening, we can track it and take action on that. Also, if any critical issue or vulnerability is reported that can impact our infrastructure, we can take recommended action from there. It helps us to detect the root cause. If there is any data leakage or server compromises, we can get the details and investigate things in detail. We get the API call as well. We get to know which endpoints are not set or how we can secure them. We can secure the endpoints. It helps us to reduce any attacks. We are using a lot of things from Prisma Cloud.

We could realize its benefits within one week of its implementation. Before we started with the actual implementation, we had done a PoC. It took us one week to observe and understand the flow and how it can help our organization.

Prisma Cloud covers all the stages such as build, deployment, runtime, etc. It has the capability to detect, protect, and escalate at all of these stages. At the build stage, we can initiate scanning for application security. It has the capability to scan the images at runtime. It also has features to block things in real-time scenarios. It has all the features. We have already adopted all the features of Prisma Cloud.

We trust Prisma Cloud and follow all the recommended actions. If there is any module that we have not yet adopted, we do a PoC and adopt that as well. As security engineers, we have to secure our infrastructure and assets in real time. Most of the competitors are providing CSPM, but only Prisma Cloud has the features to detect and block things in real-time scenarios. That is why we believe in Prisma Cloud.

Prisma Cloud provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

Prisma Cloud provides near to real-time alerts for our cloud infrastructure. At run time, when our Defender is running, it instantly gives the impacted process in a particular environment. So far, we have reduced more than 40% runtime alerts.

We have pre-production, production, prod, and UAT accounts. We can take action on the basis of severity and close any vulnerabilities.

The CWP module, runtime protection, and WAAS API are valuable.

For Prisma Cloud, I have already raised some requests, which are in progress. I am hoping they will be implemented soon. One of the requests is that Prisma Defender for the ECS solution is only supported for Linux. It does not support Windows.

For a runtime incident, it only has the option to archive. After validating the incident, the team members should have the option to add some comments and then archive. We should be able to add comments saying, "It is a false positive." or "This is the action we have taken." We have requested a few more improvements. The Palo Alto team is working on them.

I have been using Prisma Cloud for more than one and a half years.

It is a stable solution. We can trust it and rely on it. I would rate it a ten out of ten for stability.

I would rate it a nine out of ten for scalability.

In our organization, more than 60 users are using this solution. We have some team members working on AWS. We have some team members working on networking and we have some team members working on creating the infrastructure.

We are using the enterprise version, and we are getting the required support. If we find something suspicious, we can raise a ticket with the support team. They are working on priority, and they are following their timeline as well. They are working properly based on the severity and agreed timeline. There is no recommendation for any kind of change.

They are quite helpful, and they are aware of the things. If something is beyond their understanding, they reach out to their internal engineering team, and they are able to help us. They are very nice.

Positive

I have used multiple security vendors. Every vendor has its specific use case. Every tool has some kind of limitation. Overall, we found Prisma Cloud to be better. It has features like template scanning, runtime scanning, and runtime blocking. Endpoint blocking is also there in Prisma Cloud. 

Other products do not have all the features. Some products have only the CSPM feature. Some products have only vulnerabilities and scanning features. Some products only have API endpoint discovery features. Prisma Cloud has all the features integrated or consolidated into one platform. As a single platform, we are getting all the things. Prisma Cloud gives a consolidated report in a single platform. This is why we chose it.

Its deployment is very straightforward. The time taken for its deployment can vary depending on whether it is a migration or a new deployment. Overall, it takes a maximum of one week.

It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data.

I would recommend Prisma Cloud if you are looking for security, real-time protection, and real-time API discovery. If a client needs such a solution, we recommend implementing Prisma Cloud.

Overall, I would rate Prisma Cloud a nine out of ten.

My main experience with Prisma Cloud is with AWS. We have a huge AWS environment, and we are trying to manage its security with Prisma Cloud. 

We have about 7,000 assets of different customers. We are managing the security posture. Prisma Cloud is the product that we have to manage the security posture for different companies. They are e-commerce companies that do online shopping, payment companies, banks, and even online bakeries and cloth stores. Prisma Cloud is a very good product. We have never seen a breach. I have never come across a situation where Prisma Cloud caused data leakage.

We mainly use AWS, but we also have some of our workloads in Azure. Prisma Cloud is a multi-cloud solution. So far, I have not seen any other solution capable of doing all the jobs that we do in Prisma Cloud.

With respect to the AWS cloud, we can achieve whatever we want in terms of automation most of the time. I have not come across a scenario where I am not able to automate any security-related feature for AWS with Prisma Cloud.

Prisma Cloud helps to take a preventative approach to cloud security. It is about 97% there. It is very good for cloud security posture management. It is also good in terms of prevention.

Prisma Cloud was deployed before I joined the company, but within six months, I was able to see the ability of Prisma Cloud. Compared to the old solution that I was using in my previous company, it has more capabilities and more features. It has less than 1% false positives. It is a very nice product.

As it was already implemented when I joined, I only tried to use all of its features or enhance the features wherever I could. I have never come across a breach situation, but if there is a breach, it will provide immediate remediation or at least give us the information. If you have configured it properly, it alerts you that this breach is happening, and this could be a possible cause and a possible solution. In my experience so far, it has been quite comprehensive.

Palo Alto DSPM is one of the best features because we have customers across different domains. For data classification, it is a very nice product. It also has some customization capabilities where you can define your categories and categorize the data according to that. It is one of the top-rated solutions.

Palo Alto DSPM can help discover data that exists outside of your official IT systems, but I do not have experience with that. Based on the documentation and what people discuss on different forums, it is capable.

Palo Alto DSPM provides automated discovery of new data assets as they onboard. When we onboard a new customer or their new AWS environment, it helps a lot in discovering. This automated process is very nice. We are able to discover them as soon as possible. It is quite easy to discover and classify. We are more comfortable now.

Palo Alto DSPM provides us with a prioritized list of all the data security posture issues in our environment. We can categorize and prioritize what needs to be done. We can see what kind of alerts should be prioritized and what data we can prioritize to monitor. 

Prisma Cloud has good insights. You can have graphs and very good statistics. To present the statistics, it has very good reports. The representation within the reports is very nice. It takes you to the core of the things. You can get the statistics at a very granular level.

Prisma Cloud is one of the best products. We renew annually because it seems that we cannot survive without it.

We have integrated Prisma Cloud with our SOC operations. It is a Cloud Security Posture solution that can be integrated with multiple SOC standards or SOC solutions or products.

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environments become. Otherwise, we would not continue with the solution. Our chief security officer and others find it to be one of the best solutions.

It is not very easy to deploy, but once you learn it and deploy it properly, it provides a very granular level view of your entire security environment. You can do a lot of customization. You can monitor. You can remediate. You can automate a lot of processes.

Prisma Cloud has reduced a lot of our manual work and a lot of our time from having to go into different environments and looking into them. We do not have to use different products for different purposes. That is why Palo Alto Prisma Cloud is one of the best solutions. We can have everything within one solution. It has helped us with cloud security posture management. We mostly work with AWS. We have time savings, and we have productivity improvements. We have moved towards a rapid remediation or an automation of remediation. We have moved towards more effective alerts related to any kind of vulnerability. That has helped a lot. We can report them to our management and our teams, and we can also communicate the same to our customers. That is where Prisma Cloud has an edge.

Prisma Cloud has saved us money. Previously, we were using multiple products. We were using one product to check the encryption and multiple products to maintain a security posture and capture vulnerabilities or issues with our CI/CD pipelines. The company was using four or five products. We are now able to get all those functionalities in Prisma Cloud, so the license cost of the products we were using previously is gone. Prisma Cloud initially seemed expensive to us, but when we started utilizing it, we were able to save the cost of other products that were giving us just a slice of the pizza but not the entire pizza. Prisma Cloud has helped us reduce costs, and there is also efficiency. The cost management team knows exactly how much we have saved, but as per the 2023 report, we have had about 37% savings from not having to spend on multiple products. We were able to achieve the same things with Prisma Cloud.

Through Prisma Cloud, we can write Lambda functions, configure policies to check the security posture, and get reports. We can do a lot more. That is my main expertise, and that is one of the advantages of Prisma Cloud. For example, we have almost 7,000 AWS assets. If I want to check how many of my S3s have encryption, I can write a Lambda function in Prisma Cloud and get that report. Things like this are helpful in understanding where we lack security and where we can improve it.

Prisma Cloud is very comprehensive, but there should be better support for the customization of the reports. If Palo Alto can have more customized reports available or give an option to the users to customize the reports, that would be great.

As Palo Alto is developing Prisma Cloud, they can provide more graphical visibility. That would help organizations like ours where we have to generate multiple reports and share them not only with the technical people but also with the management of customers. The reports should be as per the requirement of non-technical people.

I have been using Palo Alto Prisma Cloud for almost four years.

We are renewing its license because we are getting a lot out of it.

It supports multi-cloud environments. It is already scalable. It has very good features such as discovery.

We are a multinational company spread across the globe. I am in the UAE. Some people are connecting from the US, and some are connecting from the UK. All of them are working within their domain. The cost optimization team is within the US. In the technical team, eight members are from the UAE. A couple of them are from India and the US as well. Our customer base is mostly in the US, UK, and some of the European regions. We have very few from the UAE.

Their support is very good. If we have anything to discuss or want to learn something that has been added, we engage the support.

I would rate them a nine out of ten because whenever there are issues, they are able to resolve them within the timelines and SLAs.

Positive

Prisma Cloud was already deployed when I got into this company.

In my previous company, we were using a Cloud Security Posture Management solution from a smaller US company. I do not know if they are still using that or not. I do not remember the name, but we were getting a lot of false positives and things like that. We even gave this feedback to them.

I was not involved in its deployment. It was already deployed when I got here.

It does not require any maintenance from our side.

Prisma Cloud is no doubt one of the best solutions in the market. Among cloud security or cloud-based posture solutions, Prisma Cloud is one of the best.

We are getting what we want, so I would rate Prisma Cloud a nine out of ten.

We use the GlobalProtect module within Prisma Cloud to ensure the security of our mobile users.

Prisma Cloud provides security spanning for multi and hybrid cloud environments.

It includes automation capabilities that we can deploy if the environment is suitable.

Prisma Cloud has enabled us to migrate from multiple vendors, creating a more user-friendly experience for everyone.

Prisma Cloud enhances the security of our cloud-native development lifecycle from start to finish.

One of the advantages of Prisma Cloud's GlobalProtect module is that it provides a centralized tool for monitoring applications, user connections, and latency. Additionally, it allows us to track the percentage of availability.

Prisma Cloud saves the equivalent time of one full-time employee.

The most valuable aspect of Prisma Cloud compared to other VPNs is its security and performance.

In the GlobalProtect module, we can easily guide users experiencing connection issues through the notification column. Within that column, we can submit and escalate notifications on host entries for troubleshooting purposes. Additionally, we can troubleshoot by collecting direct logs during user data connections. On the security front, we have a wide range of SaaS-based items at our disposal. Using Prisma Cloud, we can send internet-based reminders about the option to create a VPN tunnel internally.

Palo Alto needs to add more support staff to improve their response time.

I have been using Prisma Cloud by Palo Alto Networks for two years.

I would rate the stability of Prisma Cloud ten out of ten.

I would rate the scalability of Prisma Cloud ten out of ten.

The support response time is slow, with resolutions sometimes taking up to two days.

Neutral

The initial deployment is straightforward. I have experience with two deployments. In my previous job, the deployment took six months to complete. Currently, we have 15 tenants to deploy and have successfully deployed ten within the first seven months.

The price for Prisma Cloud is reasonable.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten. However, the delay in support time negatively impacts my overall assessment.

We have 90,000 accounts and have already migrated 50,000 users over to GlobalProtect.

Palo Alto does the maintenance.

I recommend Prisma Cloud to others, as long as the solution meets their requirements for cost, support, and number of locations.

I have mostly used the CSPM and CWP side of things. 

For one of our clients, we used the self-hosted version that we had deployed on IBM Cloud and the SaaS version hosted by Prisma itself. For the CWP side, we used it for securing applications of our clients, doing the runtime checks, and servicing the runtime events and plug-in vulnerabilities.

For the CSPM side, the use case was more heavily for compliance on the cloud. We had Google and AWS environments.

Its main benefit was that it made it easier to monitor our clients. It just made everything more efficient. There was efficiency.

Prisma Cloud provides security spanning multi-cloud environments. I have not worked with a hybrid cloud environment.

I never did anything with the automated features other than being able to click and have it do the relearn process when it comes to the runtime events. If I see that an application is creating a bunch of false positive runtime events, I can put it in an automatic relearn state. It will relearn what that application does so it is not firing off a bunch of false positives. That is the only automation I have used other than the Helm option provided at the time of deployment. It does some automation when it comes to deployment. That is about it. I am not sure about the savings money-wise, but I know that every time we deploy by Helm, it saves us time. It is hard to judge the time savings because I never deployed it in a manual way.

Prisma Cloud is pretty good for helping us take a preventative approach to cloud security. We can have lock-in controls where a developer cannot deploy vulnerabilities that are critical. We can prevent them from doing it that way. It is excellent in that regard. I also like the preventive controls on the runtime side. If you see a runtime event, you could put options in place to prevent that specific command from running, or you can shut down the console, container pod, etc. It is hard to measure the time savings. However, it can take us an hour if we have to reach out to the proper team to get a pod shut down. It would also depend on how responsive they are. Having something in place to automatically shut something down does save a lot of time.

When we first started deploying it, our team was new. We had done some training, but it did take us a little while to fully grasp all the benefits of Prisma Cloud itself. It could have taken a couple of weeks to a month before we really got a good grasp of everything. I would not say that this is the case with everyone. None of us in the team had done the cloud before, so it took us longer to understand and realize the benefits compared to others.

Prisma Cloud is pretty comprehensive. On the CSPM side of things, the SaaS-hosted version seems to have a lot more capability than the self-hosted version. The SaaS-hosted version is more comprehensive than the self-hosted version.

The visibility and control that Prisma Cloud provides affect confidence in the security and compliance postures. A great thing about it is that we can set up whatever specific compliance needs the clients have. It has a lot of features already built into it. It is a simple toggle action to enable the compliance that they need to follow. It lays out what is failing. It gives you all the information that you need to work with clients to get everything compliant. It also offers some options if you want to make custom policies and things like that. If the compliance policies that clients follow are not available nationally, they can have their own compliance policies. They can put those in. It is great.

Prisma Cloud provides a single tool to protect all of the cloud resources and applications, and then there are other tools that you can download from the console, such as the twistcli tool. It is all in there, but there are different tools that you can use as well.

Prisma Cloud saves a lot of time and probably a lot of money too. That is because you can log in to one specific tool. The CSPM SaaS side of it even has more, so being able to log in on that one tool helps. You do not have to worry about different tools to take care of different security aspects. Everything built into one saves a lot of time.

We were able to reduce runtime alerts as we worked with our clients to get to that security posture maturity. There were some clients that were getting probably 25 or more different alerts a day, and we were able to bring that down by more than half. We were on the way to getting even fewer alerts than that. It was quite a bit of a reduction. It is a slow process of getting the runtime alerts knocked down depending on how big the environment is, but it definitely helps.

When it comes to the vulnerability side of things, it has built-in top ten features or top ten vulnerabilities. We can look at them and say that these vulnerabilities are being ranked by Prisma Cloud as our top ten. These are the ones that we should be focusing on. We can work with our clients to help them determine which things should be knocked out first and so on.

Runtime protection and the ability to set up policies and controls are valuable.

The thing that I like the most is that when it comes to runtime events, whenever we see an event, we are able to look through the logs. It is pretty easy to look back through everything that took place. I also like the Radar screen for seeing how everything is connected.

While you can find everything, sometimes, it is a bit difficult. I have always had a little bit of an issue or struggle using the Resource Query Language that we can use to look through and find different things. I wish it was a little bit easier. It might be just my failings in that regard, but it can be a little bit difficult to find everything. You can find everything, but it is difficult sometimes.

If there is a way for auto Defender upgrades, that would be great. They started to implement it, but I do not know if they have done it yet. Having auto Defender upgrades so that we do not have to upgrade Defender manually would be helpful. If there is a way to push the upgrades from the console, that would be one way to improve it. I had created a couple of other requests for improvements, but I do not remember them at this point in time. I know that was one of them.

I started using it back in 2020 although I did a little bit of training a little bit before that around the end of 2019. It was originally Twistlock. I am not sure if Palo Alto had bought it out when I first started training with it.

I would rate it an eight out of ten for stability. Sometimes, on the SaaS version, the console would not load. It was a glitch on their end that they had to fix. We had issues with the GUI at a couple of points. We had issues whenever we were downloading the vulnerability report. It did not include all the information. Once they got some bugs worked out, it was pretty stable, but there were some issues.

It is very scalable. I would rate it a ten out of ten for scalability.

We had a couple of Fortune 500 clients. I do not know if we had anything that was small. A lot of them were big organizations, but some of the environments were small.

We had a client that had the SaaS version that had hundreds of different endpoints, if not more. Most of our clients were on the self-hosted version. Some of them only had four or eight different endpoints or hosts. One of them had about 50 different hosts, give or take. It was a wide array depending on the client we were working with.

When we started, there were three of us working with Prisma Cloud. There were about six of us by the time I left.

They are pretty good, but sometimes, it does take them a little bit longer to move from level 1 support to a higher-up level when it is a technical issue that they have not dealt with before. Overall, it is pretty good.

Positive

We also used a product called Aqua Security. We were using Aqua Security back when we were using the self-hosted version of Prisma and not the SaaS version of Prisma. We had not worked on the SaaS version yet, so I do not know if it is a completely fair comparison, but I did feel that at that point in time, Aqua Security had more features and a better layout. I do not know how that compares today. It has been a little over a year since I last touched Aqua Security, so I am not sure what updates and changes they have made.

We had a deployment team handling the initial deployments. We worked on the upgrades after the initial deployment, which were pretty straightforward, but I am not sure about the initial deployment. It seems to be pretty straightforward, but I have never done an initial deployment.

In terms of maintenance, it is just doing the upgrades. That is really about it. It seems that they push out a patch pretty close to every month. You can upgrade to the minor versions at the very least or security patches.

I would recommend Prisma Cloud to others. It does take a good bit of work to learn it and fully understand the complexity of it and all the features. There are still features in there that I do not even know about or have not even touched, but it is great for protecting the environment. It is easy to get into and understand some of it, but it requires a lot of learning to understand the whole complexity of it.

Its learning curve depends on what you need to do with it. I had taken a week-long class with it, and then there were other training sessions. It could take weeks, if not months, if you want to try to do all the different training they offer.

With my limited use of other platforms, I would rate Prisma Cloud a ten out of ten. This is the one that I have used the most. It is the best of the ones that I have used.