Prisma Cloud by Palo Alto Networks Reviews

Currently, we use Prisma Cloud by Palo Alto Networks in my company for our clients who operate in the finance and banking teams and want data, network security, and posture management for the cloud infrastructure.

The solution has improved our organization, and I believe that it is a continuous process to protect you in any environment. Prisma Cloud gives you an overview of what gaps are in their environment, but how they are going to be solved depends upon the client, especially the security gaps. Prisma Cloud by Palo Alto Networks gives 60 to 70 percent of the overview, which the client ignores in their infrastructures. The tool provides users with a better overview of what is going on in their infrastructure.

The most valuable features of the solution are areas like compliance and asset inventories, along with runtime protection.

The tool's UI is an area with certain shortcomings where improvements are required. With the cloud protection and UI, the tool should have the option to download the data for the vulnerabilities. One should have the option to download detailed data about vulnerabilities in the host. The tool should have a guide or a knowledge base document. The tool should specifically provide a guide about the solution's UI, which can be helpful for clients.

Sometimes, it does provide an error, or I can say that when we integrate our infrastructure cloud with Prisma Cloud, we face some issues. Most of the time, the integration issues are not due to Prisma Cloud but from the client side.

The tool's support team needs to improve.

I have been using Prisma Cloud by Palo Alto Networks for two years. My company has a partnership with Palo Alto Networks.

Stability-wise, I rate the solution a seven out of ten. I rate the stability at a seven, considering the time we needed to get the data from DSPM. Most of the time, when the client requires data, it is not available. At other times, it requires a lot of time to get the data. It also requires time to import data from the cloud as per our requirements.

It is a scalable solution. Scalability-wise, I rate the solution a nine out of ten.

My company's clients are medium and enterprise-sized businesses.

The solution's technical support team doesn't reply on time. There is a gap in communication. The solution's technical support team doesn't have enough engineers to handle the cases. The support team wants us to work as per their time, so it is not according to the clients’ needs and time. I rate the technical support a six out of ten.

Neutral

I got a chance to work with CrowdStrike and SharePoint, but I never got the project since the client did not give me a chance.

The product's initial setup phase is straightforward. For the deployment phase, we just need some minimal data from the cloud to be able to integrate with Prisma Cloud. Just in case of custom issues, there are some points where we faced some issues with the deployment, but it was basically from the client side as they had multiple policies deployed on AWS and Azure Cloud, making it a little difficult for Prisma Cloud to integrate. In general, it is easy to integrate anything on the Prisma Cloud.

For the product's deployment phase, one cloud admin from the client's end and one from my company's side, one person is required. Two to three people are required to take care of the deployment.

The solution can be deployed in a matter of days.

Though the company's clients have multiple tools, they were not able to integrate all of the cloud accounts in a single SIR tool, which is why we had to use Prisma Cloud by Palo Alto Networks to monitor all of our company's clients' cloud accounts.

The solution provides security scanning for multi and hybrid cloud environments, but it does not provide the details about the product that provides the security. Most of the time, it just provides an overview of the security gaps. In real life, I didn't see any of the scenarios where it is protecting our company's infrastructure. Clients are sometimes not ready to use runtime protection for the Prisma Cloud because they don't want to take any risks in the production environment.

The comprehensiveness of Prisma Cloud for protecting the full cloud-native environment involves network protection. The most important thing is network security, and the second is IAM security, which is important for the banking team. I see that the tool has a large number of containers. Deployment and pipeline security are the main areas for the banking sector. Our clients don't use much of Prisma Cloud by Palo Alto Networks because it contains complexity, and the UI is not user-friendly. There have been multiple cases of their client complaining about the UI. From the standpoint of the client, the tool is too complex.

Speaking about the tool's help that allows users to take a preventative approach to cloud security, I would say that based on the asset inventory, we check the details about the assets and the number of assets. Secondly, we go through the alerts, which consist of IAM and the network security rules. Following the severity, like critical, high, or medium, we first resolve those issues and take steps monthly. The alerts that are generated monthly should be resolved only in that month.

After the deployment, it took three to four months to notice the value derived from using the solution, from my point of view and experience.

The discovery is good. The discovery provides details about the assets and the data, along with the data inside the infrastructure and about the infrastructure. There are some issues because if only about the data, it does not give out any issues for the user and instead gives more information about the infrastructure and some within the infrastructure.

Palo Alto DSPM did not discover much data existing outside of our company's official IT systems.

The solution provides insights into the content that has been discovered, along with some detailed information.

I cannot reveal the type of insights into the content that the solution has provided because our client would not want our company to open up about such details.

The insights into the content have affected the data security operations since following the compliance provides and helps clients regulate their security. It also prevents data breaches. The data breaches open up whatever data can be opened, and it helps clients to determine what data they need to secure and how. Speaking about data security posture, our company's clients take steps to resolve any issues because they want to save their reputation, especially in scenarios involving hacking.

It took around two to three months to see the value derived from the use of the product.

The tool provides an automated discovery of new data assets as they get onboarded. It does take one to two days on an average basis to show all the data.

In terms of whether the solution provides a prioritized list of all the data security posture issues in our company's environment, I can say that as soon as the assets are discovered, Prisma Cloud starts scanning and does all of the data security scanning. It does not take much time, and it can be done in four to five hours. If it is a large-scale infrastructure, then it can take an average of eight to ten hours.

I have not used the solution's connectors for the SOC's DDR solution to help automate remediation since the plant where it is used did not integrate Prisma Cloud with the same tools they use, with one of the reasons being that Prisma Cloud overflows the alerts, and they did not want alerts to overflow with their production in an SIMP environment.

The solution provides visibility and control regardless of how complex or distributed the cloud environment becomes, but when it comes to getting the data from the UI shown to the upper management, things do become complex because the tool doesn't have many options to import or export data.

I cannot say that the solution has reduced all the alerts by prioritizing the ones that have the most impact on sensitive data. The alerts that were critical and high, have been resolved by the team, while also taking care of areas involving IAM and networks.

The prioritization of alerts in the tool has affected our company's operations, and from my point of view, right now, I am able to show my CIS and the upper management team what steps we have taken and how the issues that are there as per the alerts have been resolved based on the critical, medium and high severity basis. I can say that 60 percent of the issues have been resolved as per the alerts. It gives me the flexibility to provide details to the management team that we are on track to provide security to our infrastructure. It gives me the flexibility to provide data to management for some time. As the environment grows, it generates a lot of alerts, and it takes time to resolve all of them.

The solution does not require any maintenance, and one just needs to make sure that the tool is up to date.

Based on my experience, I would recommend Prisma Cloud because I have hands-on experience with the solution. The integration is easy. The tool provides visibility in the infrastructure and for the alerts about the security gaps, the tool provides precise details. Talking about the new app in the tool, I would say little improvements are required. The tool is quite informative for me, but from the client side, it does require some improvement.

If someone has a large infrastructure, I won't recommend Prisma Cloud to them. If they have medium and enterprise, then I will recommend Prisma Cloud to such people because it can handle and, as per the working out of the tool, it can change the details about the small-scale, medium-scale, and enterprise businesses, but not for the large scale enterprises.

I rate the tool an eight out of ten.

We use Palo Alto to secure our network.  We are using the PA-820 firewall and all of the Prisma Cloud modules. It helps reduce our vulnerability to hacking and any malicious attacks on the network. With that appliance, we can minimize those things and control what goes in and out 

We have reduced network calls by 80 percent. The benefit of Palo Alto is the ability to create security across multiple levels and protect against hacks and vulnerabilities. You start to see these benefits within one or two days after implementing these devices. 

We are also using a honeypot to detect a target on our site. Once we have the target, we are blacklisting those using the firewall. The solution has reduced our investigation times by about 50 to 75 percent. It minimizes the alerts, so we're seeing fewer.

I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent.

The UI could be improved.

I have been using Palo Alto for almost eight months.

Palo Alto provides good support and doesn't take long to resolve an issue. 

We previously used Cisco ASA. We decided to switch because we wanted to adopt a UTM approach in which all the logs and reports go to a single dashboard. Everything is visible in Panorama, which comes with the Palo Alto appliances. We need to purchase a separate license for Panorama, but it's there. 

There are many competitors, such as FortGate, but Palo Alto is better. FortiGate has some advantages in terms of throughput. You can get better throughput if you enable all the engines in parallel. However, I've heard about Fortinet devices being compromised, but I've never heard of that happening with Palo Alto. 

I rate Palo Alto Prisma Cloud nine out of 10. Everything is neat, clean, and easy to use. However, when you commit changes through the UI, it takes some time to load on every system. 

We are using CSPM, IM Security, and Cloud Workload Protection modules.

There are different use cases for Prisma Cloud. Our use case for the CSPM module is to assess compliance with standards such as HIPAA and GDPR, based on our current cloud CSV vendor and configuration. We need to use a CSPM tool to calculate the risk score associated with our current compliance posture.

Some of the reasons we implemented Prisma Cloud were to find the total number of assets in the compliance asset inventory and use the CSPM to assess our workload security. If we have a container environment, we can secure it using cloud workload protection. Additionally, IM Security can help us to determine if our saved credentials are exposed to the public network.

Prisma Cloud provides security for multi- and hybrid-cloud environments. This is the best use case for supporting multi-cloud vendors because, even if we have different cloud service providers, such as AWS, Azure, or GCP, we can manage and view all data in a single, consolidated screen.

All cloud service providers have limitations when it comes to cloud-native stack visibility. Prisma Cloud integrates with all CSPs, switches and correlates the data, and provides complete configuration details for alerts and incidents.

Prisma Cloud's security automation capabilities are effective, allowing us to specify our audit criteria and key configuration audit parameters to detect and automatically remediate misconfigurations. We also have playbooks to automate remediation.

It helps us take a preventative approach to cloud security. We recently received an incident alert for a resource with a security group that allows all ports, which is not a best practice. We will send a notification to the DevOps team and make a change to only allow the necessary ports. We can also automate this process to automatically remove all port access and only allow specific limited ports. Additionally, we can proactively define security keys for our servers and identify and fix vulnerabilities.

We have improved our organization in many ways. The first benefit is that we have from Prisma Cloud a complete asset inventory of all our cloud resources across all CSP vendors. This includes the number of assets and the number of VM instances currently running. This is a valuable use case, as it provides us with visibility into our entire cloud environment. The second benefit is that Prisma Cloud can help us identify misconfigured assets. This is also a valuable use case, as it helps us to ensure that our cloud resources are configured securely. The third benefit is that Prisma Cloud can help us to identify unusual access to our cloud resources. This can be helpful in identifying and responding to security threats. For example, if a user logs into a cloud instance from India and then two hours later logs into the same instance from the US, this could be a sign that the user's account has been compromised. Prisma Cloud can alert us to this type of activity so that we can investigate and take appropriate action.

The comprehensiveness in securing the entire cloud-native development lifecycle is great. We have integrated this solution with our CI/CD pipeline tools, so it scans and validates code in real-time, only allowing legitimate code to be processed further and executed.

It provides us with the visibility and control we need. At first, we may receive many alerts, but once we fine-tune them to generate genuine alerts only for legitimate traffic, our confidence in our security and compliance posture increases.

It also makes it easy to integrate our security with our existing CI/CD pipeline.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage and reconcile security tools.

Prisma Cloud provides clear visibility into risks at runtime and across the entire pipeline, showing issues as they are discovered. Our developers are able to correct the issues using just a few tools.

Prisma Cloud has reduced our runtime alerts by 20 percent. It reduced our alert investigation time to ten minutes. It also has saved us between 30 to 40 percent of our costs.

CSPM is the most valuable feature for any organization that runs its workloads in the cloud. CSPM can audit the current cloud configuration, identify misconfigurations, and assess risk.

If a customer is already running their workloads in the cloud and wants to secure them, Defender emails can be used to easily identify potential risks. Additionally, the CI/CD pipeline can be scanned to identify any vulnerabilities in the code that developers have written. When code is uploaded, it will be validated and only legitimate code will be applied to the production application. This means that no vulnerabilities will be present in the code.

CSPM can also be used to scan existing infrastructure for vulnerabilities.

The IM security has room for improvement. I would like more important features added.

I have been using Prisma Cloud by Palo Alto Networks for three years.

Prisma Cloud is stable.

Prisma Cloud is scalable.

The technical support is good.

Positive

The initial deployment was straightforward. All components can be deployed in one day, but the CSPM alone only takes half an hour.

Ten people were required for the deployment.

Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out.

I would rate Prisma Cloud by Palo Alto Networks nine out of ten.

In terms of our location, we have different cloud service providers, such as AWS and Azure. The majority are AWS and Azure, where we have integrated Prisma Cloud. In terms of Docker and containers, we have integrated some types of labs and CI/CD parts. Therefore, we currently manage both AWS and Azure, as well as a few GCP parts, within a single console.

We have over 50 users.

Prisma Cloud requires maintenance and the OEM initially notifies us of the priority and schedule for maintenance.

We have cloud security posture management and CWPP.  We are also using Cortex, another Palo Alto product. We needed another cloud security tool to create an additional security layer on our CSPM solution. It's essential to secure our infrastructure against any zero-day attacks. 

We needed a cloud security tool to identify misconfigurations in our cloud infrastructure. We were using AWS Cloud Cover since we only had one cloud provider. We onboarded the SysTrack and were able to find the most configurations. In a short period of time, we detected the issues and got alerts.

Before we implemented Prisma Cloud, we were unable to detect misconfigurations based on the policies that we set up. Prisma has that capability. You can add custom policies, and the tool can handle the reconfiguration. 

You can also get feedback from the customer's side about custom policies that can be added on Prisma. We can see the custom policies contributed by other organizations, which has upskilled my knowledge. The primary benefit is the layer of security added to our other infrastructure. 

We started seeing the benefits immediately once the solution was fully deployed. After about a month, we could start digesting data into the tool. Then, we started enabling all the features that we secured for other organizations. After around two months, we could use the features and see the things we were unable to detect. We were able to set up remediation on the tool. Other teams like the developers and tech ops were able to get the details over Jira since it was integrated with SysTrack. 

Our development lifecycle was already prebuilt, and Prisma has absorbed it. There's nothing that Prisma doesn't cover or that isn't reported to the organization. The developers are able to see best practices for any type of resource. They secured training from the product team, and Palo Alto's developers attended it. They shared their knowledge base so we could make the right decisions about resources before making any changes to the AWS cloud.

Prisma can provide solid visibility even if your cloud infrastructure is complex. It can divide the infrastructure into different parts to give you visibility into vulnerability management, configurations, or workload protection. It doesn't matter how complex your cloud infrastructure is. Prisma can digest it and provide the right guidance.

Prisma was able to quickly integrate and onboard our account. As a fintech company, we need a cloud security tool with modules that can benefit the organization. It has a feature that gives you recurring reports for a specified period. 

The solution is handy for the team that handles the Jira tickets because it enables them to automate the tickets. We had to add them manually in the past, so Prisma has absorbed a significant chunk of their workload. It helps us to discover risks throughout the pipeline using the CWPP features. You can quickly identify a misconfiguration and resolve it. In addition to the features it adds, Prisma has helped us to solve tickets faster.

It creates an alert in under a minute. The software team receives this and notifies the owner of the resource within five minutes and resolves the issue according to the SLA. It helps us resolve zero-day cases. It would cost us a lot of money. Prisma helps us to resolve those issues promptly. 

I like Prisma's ability to integrate with other tools. We can integrate it with Jira so that when Prisma triggers an alert, it opens a ticket in Jira. That was a big selling point for the product. There's a feature called the guest custom template that allows you to trigger alerts in Jira based on the template. That can also be added as a feature on Jira.  

Prisma can work with multiple cloud types and hybrid environments. We use AWS, but Prisma also offers hybrid or multi-cloud features. You can onboard AWS, Azure, GCP, or any other cloud provider. You can do more with Prisma than basic cloud scanning. It can detect and handle misconfiguration on the local network or the cloud. 

The solution can control access and automate some tasks. For example, if any automation needs to be built on any of the API calls, we can have a consolidated page for any processes that need to use the API. You can use the APA. Once you establish console access, you can build automation and integrate it with Prisma.

The CSPM module has so many features for developing a preventative approach that you don't need to look to any others, but the IAC security module lets you store infrastructure as code securely. You can scan an IAC template from a tool like Terraform and compare it with the CSPM modules. 

I have one example of a threat that Prisma proactively prevented. In 2021, Prisma discovered and resolved a Log4J vulnerability shortly after it was introduced. 

It would be nice if Prisma Cloud merged its modules for CSPM and infrastructure as code. It would simplify the pricing and make it easier for customers to evaluate the solution because there are different modules, and you need to add it to your subscription separately. 

Overall, Prisma is continuously improving. They do feature requests by allowing the users to vote on things. If a recommendation receives enough votes, they will add it to the solution. 

We have used Prisma Cloud for two-and-a-half years

Prisma Cloud is stable. I've never experienced any downtime aside from the scheduled maintenance window. 

Prisma Cloud is scalable. You can add a hundred master accounts more than on the SysTrack Lab.

I rate Palo Alto support nine out of 10. Their product team has been helpful. I just had a conversation with them. They answer all my questions even if it's after hours. When you send them a message, you get a response in a minute or two. 

Positive

We had previously used PingSafe. I feel like switching to Prisma was the right decision. PingSafe lacked multiple features that Prisma has. After we did our PoC with Prisma, we found that these features added value to our cloud infrastructure security. Once we switched, we noticed an improvement at the management level. We also reduced the number of data tickets that we needed to manually create.

In the first phase, we did a PoC, and the initial deployment took around a month. We worked with Palo Alto's customer success and technical teams. We worked closely with them in the first year, but after that, our deployment was highly mature, so we didn't need to bug them so much. All of the implementation steps were provided by email. Two members of our team were involved. 

Prisma is a cloud-based solution, so it requires no maintenance on our side once it's deployed. Maintenance is handled during a scheduled window, and they send us advance notification the day before.  

Prisma costs a little more than our previous solution, but it has more features. Our previous solution lacked the features we expect from a CSPM tool.

We didn't look at anything else once we learned about this product and did a PoC. And once we evaluated Prisma, we discussed it internally with our team and made the decision to book it. 

I rate Prisma Cloud nine out of 10. If you're considering Prisma, I suggest starting with a PoC. Consider all the features and go for the ones that are suitable for your organization and add value. You could adopt the solution blindly, but there are some additional costs for the add-ons. 

We use it for mobile access, and we probably will also adopt a direct connection to our small branch offices across Europe.

Prisma Cloud has improved the response time and the availability of our applications on-premises and on the cloud for our users in many different countries in Western Europe, Eastern Europe, and the United States.

We use it for our mobile users. Prisma Cloud is a very strong and robust platform that improves endpoint security. The COVID-19 pandemic made us realize that we should be able to permit more or less 50% of our employees to work confidently and securely from home.

Prisma Cloud provides security across multi-cloud and hybrid-cloud environments. We already have developed a direct connection between the Prisma Cloud platform and the Azure Cloud solution. We also have integration with the AWS cloud where most of our servers are now located. It was absolutely a strategic choice for us.

We have decided to adopt almost all the security features that Prisma Cloud offers, such as DNS security, threat prevention, vulnerability analysis, anti-phishing, email, and so on. We did not use Prisma Cloud for security automation capabilities. We have a very specific application for the OTC environment, and we prefer to maintain this environment completely separate from the other world of traditional information technology applications.

Prisma Cloud helps with cloud security, but we are also managing security at many different levels. We have endpoint protection, firewalls, SIEM, and log collectors. We also have dedicated probes that work silently to discover any anomalies, such as zero-day threats, that could be there. We have a Palo Alto firewall, and this cloud solution also has some predefined level of security managed by the cloud provider.

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environments become. We can very quickly and easily analyze the clusters, the connections, and so on. We have very good control over the data flow and any possible security problems. It increases our confidence in our security and compliance postures.

About 50% of our people work from a private network, not inside the company. The protection of the endpoints is more difficult than the protection inside the office. Prisma Cloud can elevate the level of security for people who are working from home or are traveling to another country and so on.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports. Prisma Cloud is used by remote users that are working from home, and that is it. It makes our operations easier.

I have daily evidence of any possible new threats that could appear. I get to know how often a threat was blocked and from which client these threats were blocked. We can then very quickly contact the user if there is a compromised endpoint.

Prisma Cloud sends the email and data to the administrative IT staff in case a very severe threat appears. So far, we have not received any alerts related to severe threats.

Prisma Cloud has reduced a lot of our alert investigation time. We have perfect visibility of every single connection from our colleagues who are working from home, a hotel, or any other place. We have activated a mechanism by which the VPN connection is mandatory as soon as the end users switch their computers on. If I have a severe alert, I could investigate the related bad behavior and node in 10 to 15 minutes.

We found it to be easy and flexible. We could easily configure it for our needs, and we could spread the Prisma Cloud platform to 16 countries without encountering any kind of problem.

It can be too expensive for small companies.

In terms of features, I wouldn't add anything specific. They did a major improvement in the field of reporting. It can automatically produce statistics on usage and so on. This aspect was not very well developed at the beginning of the project, but now, there is a very big improvement in this specific field. Reporting is better than the previous versions, so at the moment, for our needs, the solution is good enough. We might need something in the future, but at the moment, we are not asking Palo Alto for any new developments.

We have been using this solution for half a year. We started the project at the beginning of this year, and at the moment, we have about 2,100 people who use this solution.

It is very stable. The platform is quite robust and available. From the time the project was released to other countries, we received one or two tickets for a sporadic problem for some users.

We have 4,000 licenses. We have Prisma Cloud in 16 different countries with a total of about 2,100 people. We do not have a large presence in the Extreme East or Middle East, but we have people connecting from Europe and also from Russia. It works perfectly.

Its usage will increase when there is a new acquisition or there is a new office somewhere in the world. 

The customer support is good and professional. I would rate them a ten out of ten.

Positive

We did not use any similar solution before. We adopted the same VPN technology based on the on-premise firewall that we already had, but there was a very big consumption of bandwidth. It was sometimes a little bit difficult to manage a high number of remote users, and this problem was completely solved by Prisma Cloud.

I was involved in its deployment. It took us about nine months to implement it.

In terms of the implementation strategy, we started with deciding about the site of our company that should be directly connected to Prisma Cloud. We produced an inventory of the applications and identified whether they are located on-premise, on Azure cloud, or on AWS cloud. We then started to configure the server and endpoints inside Prisma Cloud. We established the service connection between the site and Prisma Cloud, and we started to develop the solution for the end users. We selected a subset of users. We selected about 100 people from different departments in different countries to be sure that the solution was working properly in every country and every application environment.

We received very professional and qualified support from both Palo Alto technicians and a platinum partner that normally assists us in developing Palo Alto technologies.

We had two people from Palo Alto for implementation. We had one senior engineer and one junior engineer from Palo Alto. We had two engineers from our partner. We did not have a lot of staff.

In terms of maintenance, Prisma Cloud is subject to periodic updates, and we follow what is required by Palo Alto. For maintenance, we have a colleague of mine and one person from our partner.

It was a good investment because now we can manage so many remote users without any problems.

The platform is not famous for being cheap. It is quite expensive, but we know that we have the protection, so there is enough value for what we pay for. It is worth the money.

It takes more or less nine months to realize its benefits.

This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive.

There are no costs in addition to standard licensing. We pay based on the number of users. We have 4,000 user licenses, and we use more or less 60% of our licenses.

We evaluated solutions from Cato Networks and Palo Alto. Because we have quite a large installation of Palo Alto's firewall and in-depth knowledge of this technology, we decided to adopt Prisma Cloud.

I am very satisfied with Prisma Cloud, and we do not have any plans to change to anything else. I am confident that we will retain this solution for a long time.

Overall, I would rate Prisma Cloud a ten out of ten. We have received very positive feedback regarding this solution. I would recommend it to others.

We are a Palo Alto Alliance partner and our clients are Fortune 500 companies. We utilize a multi-cloud network architecture, with the primary constraint being the inability to manage everything through a single interface. By implementing uniform guardrails, we address the issue of inconsistent security policies when using native cloud security controls. This is one of the key considerations. Additionally, we employ micro-segmentation using cloud network security modules of Prisma Cloud to minimize the attack surface for various workloads.

The primary use case that was lacking was a single pane of glass. Additionally, prior to implementing Prisma Cloud, we used to manually perform these tasks using AWS CloudFormation Templates or Azure Resource Manager Templates. However, Prisma Cloud helped us address this issue by providing a unified administration interface. One of the problems we faced was the inability to view vulnerabilities across different cloud workloads and compare risks across different platforms. These were the challenges we encountered before deploying Prisma Cloud. While we didn't completely solve all of them after implementing Prisma Cloud, we did make significant progress in that regard.

Prisma Cloud offers security scanning for various cloud environments. In some client environments, there is only a single cloud, so the fact that Prisma Cloud can scan multiple clouds doesn't make a significant difference. These clients have a limited presence in the cloud, with few workloads or resources deployed. Consequently, it doesn't provide substantial value in such cases. However, for large companies, manufacturing companies, or companies with significant IT intellectual property in the cloud, with multiple tenants and a widespread cloud presence across different regions and replication, deploying a solution like Prisma Cloud becomes necessary.

Prisma Cloud enables us to adopt a proactive approach to cloud security. It goes beyond providing visibility and monitoring capabilities by offering a wide range of auto-remediation features. It provides numerous security controls and the ability to enforce commonly configured guardrails, primarily in monitoring mode. It is a comprehensive product that caters not only to detection but also prevention.

Prisma Cloud has helped reduce the number of people required to support or manage these cloud platforms, especially in terms of security. So now, instead of needing three different individuals to manage three different clouds, it may be possible to use just one resource to handle all three clouds, particularly focusing on security. This approach facilitates resource reduction, which is especially beneficial for clients operating within tight budgets. Additionally, there's the advantage of having a single pane of glass, where we can access various informative graphs, charts, and reports. These resources assist in explaining technical matters to non-technical leadership, making it easier to articulate concepts and insights to executives and other non-technical individuals. Personally, this has been helpful for me and our organization. The benefits for clients vary depending on the size of the environment. Personally, when we started using Prisma Cloud as an offering, it took two and a half to three months, which was the rough estimate. However, back then, not all the modules that are available today existed. So those numbers might have changed if all the modules were available at that time.

Prisma Cloud offers the visibility and control we require, regardless of the complexity or distribution of our cloud environments. Since it is built on top of these existing clouds and utilizes many of the services provided by large-scale cloud platforms, there is typically no issue with visibility. Regardless of the complexity of the environment, we always achieve visibility. The way we store and analyze the data, as well as how we visualize information, depends on the operator of the tool. Prisma Cloud is a reliable tool that never fails.

Prisma Cloud enables us to integrate security into our CI/CD pipeline. We primarily use it for the container. We have integrated image scanning and registry scanning into our CI/CD pipelines, specifically Azure DevOps. The DevSecOps team is responsible for managing this process.

Prisma offers us a unified tool that safeguards all our cloud resources and applications, eliminating the need to handle and reconcile separate security and compliance reports, with the exception of billing costs and management. From a security perspective, we haven't encountered any other reports for the majority of our clients. While a few clients may have additional requirements, Prisma Cloud efficiently handles all of those as well.

Prisma has reduced runtime alerts.

Prisma has reduced the time required for alert investigation. We now have a comprehensive understanding of the entire lifecycle of where things went wrong or which part of the runtime or execution for a specific process went wrong, particularly in terms of security.

Prisma Cloud has saved us money by reducing resources. 

Cloud security posture management is the preferred feature among other vendors.

There is room for improvement on the logging and monitoring front because it's still not as holistic as I would want it to be. Especially in the sense that we have different modules within Prisma Cloud, but then the visibility that we get from the output of each of these modules cannot be stitched together. Perhaps we could deploy something like a SIEM or SOAR platform to get this telemetry. As of now, we are lacking that part. So now I'm sure that was not the primary intent for that. It would really make a difference if Palo Alto Networks improves this.

The identity-based micro-segmentation in our cloud-native services requires a significant improvement. It fails to address many of the problems that its predecessor used to solve. Previously, there was identity-based micro-segmentation, but it was phased out, reaching its end-of-life and end-of-support. Now, we have cloud network security, which lacks a crucial feature that IBM used to offer. This is something we strongly desire, as we have had multiple discussions with Palo Alto regarding this matter. I am uncertain if there is a roadmap for implementing this feature, but the cloud network security module requires a substantial upgrade.

I have never encountered any challenges regarding any modules. Occasionally, they do undergo planned maintenance outages, but those are well-communicated in advance. Therefore, I don't consider them to be challenging. Prisma Cloud is reliable, and I would rate its stability at nine out of ten.

I would rate the scalability of Prisma Cloud as an eight out of ten. The only concern lies not with Prisma itself, but rather with the existing client environment. Many clients have flawed infrastructures, making it challenging to achieve the level of optimization required to fully realize the benefits of Prisma Cloud. However, this issue cannot be attributed to Prisma.

We extensively contacted technical support because we used to experience numerous issues. However, our main purpose is to inquire about additional capabilities and make minor tweaks. The tech support provided by Palo Alto is excellent, without a doubt. This could be one of the reasons why Prisma Cloud is relatively expensive. 

We are an advanced partner, rather than an end user, which grants us easier access to technical support compared to clients. However, based on feedback from our clients, their technical support is exceptional.

Positive

The initial setup is straightforward. In the beginning, we used professional services for a couple of clients but now we do it all in-house. 

The implementation is completed in-house.

From a security standpoint, we have significantly enhanced our client's security posture by implementing Prisma Cloud. However, we still need to assess the return on investment. While we have achieved notable resource reduction, it remains uncertain whether it has yielded a better long-term ROI.

Prisma Cloud is remarkably expensive. Not everyone can afford it, without a doubt. Although we don't directly sell the product, we occasionally engage in reselling certain components, and it requires significant effort to make sales. There's no denying that it's expensive.

I evaluated Snyk, which is a competitively priced product. However, I personally am not very familiar with how it works or the benefits gained by the different clients I've worked with, as I haven't had much experience with it. I conducted a couple of use cases and found it to be quite similar to Prisma Cloud in terms of features, although the interface has a different look and feel. I have been informed that Snyk is considerably cheaper compared to Prisma Cloud.

I would rate Prisma Cloud by Palo Alto Networks a seven out of ten, primarily due to the need for improvement in identity-based micro-segmentation and cloud network security. I appreciate the potential it offers for deployment, but the new module has yet to reach a point where we can effectively reduce risks.

All the cloud environments existed before Prisma Cloud came in. I don't believe we can build many things using Prisma Cloud, except for implementing guardrails. For instance, we can secure these workloads, but it will take time for them to be fully developed. The scanners, such as the infrastructure as code scanners that Prisma Cloud can certainly check, are capable of performing static and code analysis, among other tasks. However, I don't think Prisma Cloud is designed specifically for that purpose.

Prisma offers risk clarity from a core security perspective, but it does not cover the entire pipeline. To cover the entire pipeline, we would need to utilize a SaaS or DaaS tool. Prisma Cloud cannot serve as a substitute for those tools.

I used to primarily work with cloud-native services. So, I would leverage cognitive services across all three clouds. That was my main focus initially. However, now I have started using other tools such as Snyk and various reports. Additionally, I have also recently started using CSPM. I'm not entirely familiar with all of them yet, but I have been working on them since the beginning.

No maintenance is required from our end.

We use the solution for three areas, CSPM, CWPP, and Cloud Security.

We use Prisma Cloud by Palo Alto Networks mostly for CSPM. CSPM helps us identify and fix misconfigurations in our cloud environment. This can help us prevent security breaches and improve our overall cloud security posture.

Prisma Cloud also provides CWPP. CWPP helps us protect our cloud workloads from malware, ransomware, and other threats. This can help us keep our data safe and secure.

Prisma's Cloud security is something we are still working on.

The solution is deployed as SaaS.

The solution provides security across multi and hybrid-cloud environments. However, we are currently only using it for the public cloud. We do not use it for any hybrid solutions, and we are not running any on-premises solutions on it.

The solution covers the full cloud-native stack with a single pane of glass. If we need a holistic view of our security posture, Prisma Cloud is a good option. It provides a single pane of glass for managing our security across all of our CNCF workloads.

Overall, Prisma Cloud by Palo Alto Networks is a very good product. I have been using it for the past four years, and I found it to be very effective in helping me to understand my cloud security posture. 

I will use the CNCF as an example. I really like the complete tool. When we first started to use the cloud, we didn't know what we were doing. Only the admins knew what they were doing wrong and what the threats were in the cloud. Cloud is a shared responsibility between us and the cloud provider. This is true for any cloud provider, such as GCP, Azure, or AWS. We don't have visibility into what admins are doing wrong or right, or how many admins keep our configuration secure. On-premises has parameters, but the cloud does not. The solution provides visibility into what is wrong in our environment, what has been done wrong, and what we can do to correct it. This is because of the configuration and the misconfiguration. From an architectural perspective, if we are doing the first step wrong, there is no point in going to the second step and making it correct. We should make our first step correct. Prisma Cloud provides visibility for us to do this.

Prisma Cloud's comprehensiveness for securing the entire cloud-native development lifecycle across build, deploy, and run is good. The solution provides a single pane of glass for everything, including core security, data security, CSP, CWPP, and EIM security. Other good options are available, but they do not offer a single pane of glass. Instead, they are individual products or modules that must be used separately. Prisma Cloud can improve IM and data security, but if we do not want to use multiple tools, Prisma Cloud is a good option because it offers a single pane of glass for all our security needs.       

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes. We can see how many complaints and alerts we have, which gives us a sense of security. 

Prisma Cloud enabled us to integrate security into our CI/CD pipeline and add touchpoints into existing dev ops processes.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage and reconcile discrete security and compliance reports. For operations, the capability of CSPM works well.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. Our developers are able to correct issues using the tools they used to code. Some of the results are false positives but the majority are not.

Prisma Cloud helps reduce some of our runtime alerts by 40 percent.

Prisma Cloud helped reduce our investigation time by up to 60 percent. 

I find the CSPM area to be a more valuable and flexible feature. We have control in our hands, and we can do anything we want with our cloud security posture management.

Prisma covers all the CNCF areas. However, they are not the best in all of them. For example, their identity controls are not the best. They have modules for identity controls, but they are not the best in the market. The same is valid for data security. AWS and Azure have better native data security than Prisma. Individual modules, other than CSPM and CWPP, could be improved.

The security automation capabilities are average. They have a semi-automated remediation policy, but many tools on the market can automatically remediate based on the resource and desired outcome we need. Therefore, I think the automation of alerts could be improved.

The visibility of the reporting data for CI/CD can be improved in our console to make the output visible to management and developers.

I have been using Prisma Cloud by Palo Alto Networks for four years.

Prisma Cloud is stable.

Prisma Cloud is a scalable platform that releases new modules every six months.

The technical support is good.

Positive

The initial setup is straightforward for an experienced person who follows the instructions. If we have all the necessary resources, the deployment can be completed in one day.

I first started with the CSPM, then the CSP medium, about a year before moving to computing. I then tried data security for native security and more outside and code security.

We used Palo Alto Networks' Professional Service, which was included in our credit and license. They provided us with assistance with the initial implementation, and we were satisfied with their services.

We have seen a return on investment from using Prisma Cloud because it has improved our compliance and security posture.

The pricing is reasonable. However, I think some modules need to be restructured, particularly those related to data security. The licensing model for data security should be compared to the native security offered by AWS and Azure.

We evaluated Wiz and CrowdStrike. We initially started with CSPM, so Prisma Cloud was more flexible. The representative of the Prisma Cloud CSPM was better and more user-friendly. It gave us more permissions, more controls, and it wasn't complex. We could still do whatever we wanted if it was not given by Prisma out of the box. Therefore, we chose Prisma Cloud.

I give Prisma Cloud by Palo Alto Networks an eight out of ten.

If you are new to the cloud and you are not sure where to start, I would recommend using Prisma Cloud. It will give you a comprehensive view of your cloud security posture and help you to identify any areas where you may be vulnerable. You can also use Prisma Cloud to test and evaluate different security controls before you deploy them in your production environment.

Our entire company uses Prisma Cloud. Anything we deploy in the cloud is protected by the solution.

Prisma Cloud does not require maintenance from our end.

If someone is new to the cloud and looking for cloud security, I think the best place to start is Prisma Cloud. Prisma Cloud offers a comprehensive set of security capabilities, including CSPM, workload security, and cloud security. We can start by using the CSPM module to assess our cloud security posture and identify any potential vulnerabilities. Once we have addressed any critical vulnerabilities, we can then move on to the other modules.

Everything is a lesson because we started with no knowledge. We did not know that there would be many risks and offenses involved in our cloud security environment. We need to know all of the risks, and we can overcome them with Prisma Cloud.

We use Prisma Cloud by Palo Alto Networks for our cloud security posture management.

Prisma Cloud by Palo Alto Networks has multiple aspects that help protect the full cloud-native stack. We are not concerned with just one cloud at the enterprise level; we are focused on the multiple cloud environments we have. The solution provides us with a comprehensive dashboard and a comprehensive view of our cloud security posture. Furthermore, the solution not only covers the security posture but also informs us of our compliance with leading industry standards.

The solution does have security automation capabilities, but we do not use much of it in this case. We use automation for the alerts; if there are any misconfigurations, the alerts are automated. However, we do not mitigate any specific items using automation, as that is something we have not configured. We prefer to first look at the problem manually, and then take action against it.

There is no single comprehensive cloud security solution. We will need to use multiple tools, such as those offered by Palo Alto Networks and Check Point. Every security firm has a range of products, so if we consider all of them, we can have anti-virus, anti-malware, vulnerability assessment solutions, EDP software, and cloud security posture management. We need to evaluate each tool, and Prisma and Check Point both offer good solutions, including next-generation firewalls.

The solution provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes.

The solution can enable us to incorporate security into our CI/CD pipeline and add checkpoints to existing DevOps processes. From an automation standpoint, we enabled certain monitoring features. However, the remediation steps are still manual. This can be integrated into our DevOps pipeline, though some of the features are not being used as we prefer to keep it manual.

The solution provides us with a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

The solution reduced runtime alerts. We don't need to receive all the runtime alerts every time, as they will overwhelm us with messages. People often neglect this. Depending on the situation, generally, only very important alerts should be sent. I prefer that the solution be configured for when there is a major business impact. For minor alerts and notifications, we can still check the dashboard. Generally, we monitor the dashboards at certain times. We don't need to be alerted for everything, as this will defeat the purpose of this mechanism.

The solution significantly improved the time taken to investigate alerts by 40 percent with the alert monitoring and all its mechanisms, we receive our critical alerts quickly via email. We can even configure the remediation, although we have not done so yet. 

I appreciate the multi-cloud support that this solution provides; I can use it with AWS, Microsoft Azure, and Google Cloud. I find the ability to configure alerts and monitor misconfigurations in the cloud to be particularly useful, and we take advantage of this feature as well.

Prisma Cloud by Palo Alto Networks is an impressive solution. The solution continuously assesses our security posture, making it the ideal preventive measure. If any misconfigurations occur, I am immediately notified of any unnecessary ports that are open in my cloud. This alerting system allows me to take the necessary steps to secure it before any attack can occur, making it the best preventive measure for our cloud.

I now extensively use cloud security posture management. There needs to be a mechanism that allows me to manually configure compliance more easily. Currently, it requires programming knowledge, so if someone without hardware programming knowledge could customize certain features to their requirements, it would be very helpful.

I have been using the solution for five months.

The solution is stable because it is a SaaS offering.

Nowadays, all cloud solutions are scalable; scalability should be a given feature and does not need to be asked for.

A maximum of ten people have administrative-level access, which will be used by 50 to 60 Security Operations Center personnel. This personnel must log in with various role-based access rights. In total, we have around 70 people using the solution.

In my previous project, we had a dedicated team associated with the account, so we did not have to pay for support. This was beneficial because, most of the time, we would go to our account team instead of the technical support, and our issues would be resolved quickly.

Positive

The initial setup is seamless. We only need to integrate our API key and connect it.

The deployment took one hour.

I can see one return on investment due to continuous monitoring. Before, we had a few staff members who monitored our environment, but now the alerting and other processes happen automatically, so there is a good ROI in terms of resources. Additionally, the security posture of the environment is increased and fewer incidents occur, which improves our response time and resource efficiency. There are also indirect ROIs.

The pricing is competitive; for the most part, the security firms have similar prices. Therefore, I believe it is competitive and a good investment. The solution is good quality, so I would not hesitate to invest in Prisma Cloud by Palo Alto Networks.

I give the solution a nine out of ten.

I absolutely recommend Prisma Cloud by Palo Alto Networks at an enterprise level because the solution is an enterprise-grade product.