Technical Program Manager at a computer software company with 10,001+ employees
Real User
At any single point of time, we can see our entire cloud posture across our environment
Pros and Cons
  • "It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state."
  • "Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."

What is our primary use case?

We are using the solution to manage vulnerabilities in containers. We use it to detect vulnerabilities and remediate vulnerabilities found in containers running in the public cloud, like AWS.

We are using the latest version.

How has it helped my organization?

It helps us in detecting our vulnerabilities and protecting our security posture. It also provides automated remedies. We don't see this as a preventative measure, but it helps us in timely detection and remediation of our problems. This means we will not be exploited and made vulnerable to bad actors.

Prisma Cloud provides the visibility and control that we need, regardless of how complex or distributed our cloud environments become, which is very nice. We have an extremely distributed system. Prisma Cloud provides good visibility across the distribution of our system. This definitely adds to our confidence. At any single point of time, we can see our entire cloud posture across our environment, which definitely helps and gives us more confidence to use this product.

It has definitely worked. It has improved the overall collaboration between SecOps and DevOps. Now, instead of asking people to do something, it is a default offering in the CI/CD. There is less manual intervention and more seamless integration. It is why we don't have many dependencies across many teams, which is definitely a better state. 

What is most valuable?

We have only used two of its features: vulnerability scanning and compliance. We found that the vulnerability scanning has been the most useful feature so far. It has good detection capabilities that we have been able to integrate with our CI/CD pipeline.

The solution provides the following in a single pane of glass: Cloud Workload Protection and Cloud Network Security. These are very important features because they represent some of the basic security requirements that we have to harden our infrastructure. These are non-negotiable requirements. They form some of the basic building blocks for our entire security infrastructure, which is why they are required.

What needs improvement?

Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures.

Prisma Cloud has enabled us to integrate security into our CI/CD pipeline and add touchpoints into existing DevOps processes. It is not 100 percent seamless since we still need to do some manual interventions. Because the way that we have designed our CI/CD for Prisma Cloud, the integration was neither smooth nor was it 100 percent seamless.

Buyer's Guide
Prisma Cloud by Palo Alto Networks
November 2022
Learn what your peers think about Prisma Cloud by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
657,397 professionals have used our research since 2012.

For how long have I used the solution?

I have been using it for a year.

What do I think about the stability of the solution?

We had some initial hiccups. Wherein, if the number of defenders increased beyond a point, we started seeing some scalable alerts and concerns. Over time they fixed it, and it is better now.

What do I think about the scalability of the solution?

It is scalable only to a particular number. Up to 10,000 defenders connecting to the console for small- to medium-sized companies is the perfect fit.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. This is very important because we want our solutions to scale with us. We should be able to operate in all public clouds.

We have plans to increase usage. We will be using it extensively.

How are customer service and support?

The service was okay. It was an average experience. I would rate them as seven out of 10.

They respond to our needs on time. Technically, they are sound. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We didn't use another solution previously.

We wanted a non-SaaS, in-house solution.

How was the initial setup?

The initial setup was a bit challenging, but that is typical with any big company. It took some discussions and collaborations to get them at par to onboard us.

The deployment took three to four months.

We followed our standard CI/CD process. Defenders were deployed into the cloud through our public cloud deployment channels using CI/CD. In order to accommodate their containers, we had to make some changes

What was our ROI?

Our management is happy, so I think that they are happy with what they are paying for it.

Prisma Cloud provides risk clarity across the entire pipeline, showing issues as they are resolved. It has expedited our operations, which are definitely better. We have been able to detect things faster and remedy them faster. 

Investigation time has definitely shortened because we now know things immediately. It has generally increased the detection and alerting time.

Which other solutions did I evaluate?

We also evaluated Aqua Security.

What other advice do I have?

Focus on operationalizing the service. Don't just keep focusing on features, but also how you will deploy the solution and how it will be part of your entire CI/CD pipeline, then how will you manage all the features and the long-term running of this service. This is where you should start your focus. You can only use the features if you are doing a seamless integration, so focus your requirements on running, maintaining, and continuous use of it.

The comprehensiveness of the solution is good for securing the entire cloud-native development lifecycle, across build, deploy, and run. There is room for improvement, but it is better than other solutions. It is somewhere between seven to eight out of 10, in terms of its comprehensiveness. It doesn't affect our operations that much because we have some long-term goals and we are hoping that this solution will also deliver in that time. For the long term future, we made some changes to our design to accommodate these things.

I would rate the solution as eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Architect at a tech vendor with 10,001+ employees
Real User
Before implementing the solution, we didn't have any visibility into workspaces like Kubernetes and the underlying network of containers
Pros and Cons
  • "I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity."
  • "The deployment and onboarding are plug-and-play, but somewhat hard to handle in terms of integration with external operations tools. The product design isn't up to the current standard. I would recommend having higher standards in terms of integration with other tools, especially operationalized tools."

What is our primary use case?

Prisma protects our workloads and provides network security for our containers. Our infrastructure is mostly Azure-based and entirely on the cloud. We use the Prisma Compute and Prisma Network Security modules.

We have multiple security tools like Prisma, but not the same use cases. Prisma has its own unit use cases like image scanning, repository scanning, or container scanning. We have other tools as well, but they have different use cases.

We have about 15 users. Some are DevOps, infrastructure, and security engineers. There are also a few SOC analysts. I believe we'll expand usage in the coming years if everything goes well with other customers.

How has it helped my organization?

Before implementing Prisma Cloud, we didn't have any visibility into workspaces like Kubernetes and the underlying network of containers. Now, we have a better understanding of the resources interacting with Kubernetes and can identify vulnerabilities across the organization. In the past, we had limited information to take action on those resources, but now we can better understand the risks.

The solution has had a significant impact on our organization, especially our governance team. Once we get reports on non-compliant resources, we must take action before going live. We need to implement a risk-based approach to handle those non-compliant resources. Prisma offers a better understanding of whether the resources comply with regulations.

Prisma reduced runtime alerts by about 500 or something. We still get those because we're in the operational stage, but it's only a few. It has cut our average alert investigation times by about two days. Prisma probably saves us eight to ten hours total each week. 

What is most valuable?

I found the network queue sets useful. I also liked the Workload Protection Module, the vulnerability findings, and how the rule sets handle the vulnerabilities based on severity.

Prisma was easy to adopt in our CI/CD pipeline, but we only use it to scan the images for the last push in the CI. On the CD side, we use it for the assessment, like the pull and push. 

What needs improvement?

Prisma's notifications aren't up to industry standards. Also, Prisma is a bit harder to integrate than other tools. The deployment and onboarding are plug-and-play, but somewhat hard to handle in terms of integration with external operations tools. The product design isn't up to the current standard. I would recommend having higher standards in terms of integration with other tools, especially operationalized tools.

The product could better integrate business logs and runtime notifications from Enforcer and Network Security Module. I would recommend better visibility and integration for any violations.

For how long have I used the solution?

I have been using Prisma for a year.

What do I think about the stability of the solution?

Prisma is stable.

What do I think about the scalability of the solution?

We haven't used Prisma at scale. It hasn't grown since we deployed. We have four clusters but haven't added anything. We still keep the four clusters. We didn't add anything. In the coming months, we'll replicate this with other customers once we see that the solution is stable. 

How are customer service and support?

Prisma's support was helpful. I rate them nine out of ten. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We've never had another solution for this specific use case. This is the first. 

How was the initial setup?

Some modules are straightforward to deploy, but others are a bit complex. End-to-end deployment of the modules and the whole network took approximately four months.

What about the implementation team?

The Prisma team helped us in this deployment. The team helped us learn while implementing it. 

What was our ROI?

We've seen a return by reducing risks from cyberattacks and compliance issues. 

What's my experience with pricing, setup cost, and licensing?

I recommend knowing the number of licenses you need for your operations and your expected workloads before signing a license agreement. There are no hidden costs as far as I know.

Which other solutions did I evaluate?

We looked at some solutions to improve security posture and risk management. Prisma was the product that had the capabilities we need in our price range.

What other advice do I have?

I rate Prisma Cloud seven out of ten. Before you implement Prisma or any other solution, you need to ensure you have all the tools you need in place and know if it will fit into your current environment.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
Buyer's Guide
Prisma Cloud by Palo Alto Networks
November 2022
Learn what your peers think about Prisma Cloud by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
657,397 professionals have used our research since 2012.
Darshil Sanghvi - PeerSpot reviewer
Consultant at a tech services company with 501-1,000 employees
Reseller
Top 5Leaderboard
Easy to set up and very user friendly with great reporting capabilities
Pros and Cons
  • "Technical support is quite helpful."
  • "The licensing is a bit confusing."

What is our primary use case?

When we did a POC, we realized that this product was able to give us insights into how consumers or services are activated. We could tell if, in certain cases, there was any kind of manual issues such as a misconfiguration. The solution is used to help us to reconfigure items and figure out what reconfiguration needs to be done, et cetera. Our target was to enhance the security portion of our AWS cloud.

What is most valuable?

The security features are quite good. 

The monitoring part is excellent. It is able to completely monitor our users in order to see what the users are doing at what time and if the users are currently logged in from India, and after five minutes of seeing a user if they are then trying to log in from Singapore, for example. Of course, this would not be possible, and so we would know something was wrong. It can pick up questionable behavior that may have been missed.

The reporting is great.

It's very user-friendly. You can easily make customized dashboards as well. 

We can easily restrict the users if we need to. We can even restrict them from accessing certain applications or services.

If anything tries to come in from a malicious IP, it will block it.

The initial setup is easy. 

We've found the solution to be stable and reliable. 

The solution does offer pretty good integration options.

Technical support is quite helpful.

What needs improvement?

The remediation part could be better. It should be able to automatically remediate on the basis of its artificial intelligence. If there are alerts, it should directly act and surround the malicious threat with a container or something. Instead of waiting on approval, it should immediately act. There should be no need for manual input when there is a threat on hand.

The ability to scale is limited as it is a SAS product. 

The licensing is a bit confusing.

For how long have I used the solution?

We've used the solution for a while. Previously, it was RedLock Solutions and we were using it since it was known as RedLock. That's around let's say two years now. Then, Palo Alto bought it, and we now use it under the new name.

What do I think about the stability of the solution?

The stability and reliability are excellent. There are no bugs or glitches. It does not crash or freeze. it's great.

What do I think about the scalability of the solution?

The scalability isn't infinite. It's limited.

That said, we haven't really tested it as we haven't added any users or anything into the solution yet.

How are customer service and technical support?

We have found the technical support to be helpful and responsive. Originally, when we needed assistance with integrating it into our AWS cloud, we contact them and they helped us immediately. It was a very positive experience. We were very satisfied. 

How was the initial setup?

The initial setup is very easy. It's not overly complex. A company should be able to handle it without any issues. 

What's my experience with pricing, setup cost, and licensing?

We pay a licensing fee on a yearly basis.

It is not costly. However, the way it is priced is based on the number of incentives. The problem is, what is the number of incentives? We don't know. They seem to do it by the number of workloads, however, we're unclear as to what defines a workload. They need to improve on the licensing front. They need to be more clear about the whole thing.

Which other solutions did I evaluate?

I've never evaluated any other services.

What other advice do I have?

We are Palo Alto partners.

I'd advise that companies that get big and have a lot of servers or critical applications in their cloud invest in this solution.

I would rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Advisor Information Systems Architect at a computer software company with 10,001+ employees
Real User
Gives you at-a-glance compliance security, but microsegmentation still needs improvement
Pros and Cons
  • "Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently."
  • "They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload."

What is our primary use case?

Our primary use case is to certify blueprints. We are helping both on the CSPM and the CWPP parts of it. We monitor the compute infrastructure and certify the project.

CACS for CSPM, we certify against the NIST 800-53 compliance standard.

What is most valuable?

For the compliance part, we have found the pie graph, where we can see all of the compliance standards in one go, to be a valuable feature.

Prisma Cloud's monitoring features such as the compute compliance dashboard and the vulnerability dashboard, where we can get a clear visualization of their docker, have also been valuable. We can get layer-by-layer information that helps us see exactly where it's noncompliant. They update the dashboards quite frequently.

Their data security feature is quite good as well.

Their training modules are good, and my team is okay with them.

What needs improvement?

Microsegmentation still needs improvement.

For data security, they have only specific regions like the US, and they need to move to Asia as well.

The most important thing has to do with the computing, licensing, and costing. They charge seven workloads for monitoring one compute, and that is quite expensive. This makes it difficult to move fully with the compute part because of the workload.

Their training modules need to have more live examples. We need to refer to the YouTube channel or follow Palo Alto to get the reference. If they can refer to the YouTube channel in their training and indicate that it can be referred to for further information, it would be good.

On their portal, they do not have which services are available in each region. While searching, it's very hard to find in which location a service is enabled. So, it would be great to have a list of services for each region.

For how long have I used the solution?

I've been using Prisma Cloud for eight months. It is a SaaS solution.

What do I think about the stability of the solution?

It's stable as of now; it has not been down in the last eight months.

What do I think about the scalability of the solution?

It is scalable as of now. We have 20 VMs.

How are customer service and technical support?

Technical support is good. From what I've observed though, different regions seem to have different SMEs, subject matter experts, and different people have different knowledge. So, there is definitely a gap between the different SMEs.

Which solution did I use previously and why did I switch?

We were using AWS products.

We switched because of twist lock for compute security. The Prisma Cloud dashboard is powerful, and it gives you at-a-glance compliance security against many standards. We can also write our own custom policies if we want to build our own standard. So, there are lots of benefits with Prisma Cloud.

How was the initial setup?

It's a SaaS, so the initial setup is pretty straight forward. We are still onboarding, and most of the customers are in the dev environment as of now and not production. So, it was quite smooth. They have their contributions filed on the portal, the cloud formation templates.

What's my experience with pricing, setup cost, and licensing?

The licensing cost is a bit high on the compute side. We get a corporate discount, which helps reduce overall cost. In some cases, you may need to have two licenses to onboard a project, which would make it expensive.

What other advice do I have?

If your specialization involves blueprint certification against a compliance standard, then you can go with Prisma Cloud. It is very powerful for data loss prevention, and I would rate it at seven on a scale from one to ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Prisma Cloud by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2022
Buyer's Guide
Download our free Prisma Cloud by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.