Prisma Cloud by Palo Alto Networks Reviews

I work for a monetary provider and handle around five customers. We mostly use Prisma Cloud for CSPN, but we have a banking customer using CWPP. 

Apart from those two use cases, the other customers are not interested in Prisma Cloud's other functionalities because they're green and already have other solutions with partners that they say are more mature. We have not implemented them in the customers' production environment, but we have toyed around with proofs of concept.

My organization is not primarily a customer. We don't use it a lot because we're a security company that mainly provides customers with solutions using this. That said, visibility is the most significant benefit for our clients because some are so large that they're unaware of what they have. 

They don't have adequate governance over expenses, security, and the parts of the network that are communicating. Prisma Cloud gives them reports that will provide instant insight into what's there. A new feature creates a visual map of networks and communications in the discovery part. It's excellent because you can instantly visualize everything. That's one feature that all the customers appreciate.

It performs well in complicated cloud environments. You only need to add your cloud account credentials. Most of the time, Palo Alto recommends using a full admin account for a service account accessing the tool. The tool works just as well, regardless of the company size. That's one of Prisma's biggest strengths. No matter how big you are, the tool can see everything.

Prisma Cloud can scan any cloud provider. We currently use Prisma on GCP, Amazon, Azure, and Alibaba. We also have Oracle, but I haven't used it for Oracle yet. This is crucial because some customers aren't proficient in managing multiple cloud environments. They only need to go to Prisma Cloud and see what they have because the team managing security is not the same one developing the solutions. 

Prisma offers a single pane of glass that lets you do most of what you want in one place. It's not only configurations but also knowing what you have, and your assets are doing. That's the main selling point of Prisma Cloud. It provides you with visualized reports, whether it's in the cloud, live serverless, containers, etc. 

I haven't toyed with CAB personally, but I think you can do that because you can scan images and deployments. I wouldn't say it gives you a lot of value in that regard because most of the CI/CD issues are application-level problems that Prisma Cloud or any other tool wouldn't help you with. Regarding security, you can deploy agents during the integration deployment and gain complete visibility with total memorability that you might introduce in the pipeline. Still, I think it will be a tiny part of the pipeline.

You will not see the problem if you're running an OGs application. While the developers can pinpoint the issue with the information provided, it will never relate to a piece of code and solve it. No tool can tell you exactly which part of the application is the problem, but a tool can identify which process has a vulnerability. Apart from that, many developers have issues finding the root cause of the vulnerability. When it's a library-related vulnerability, the TVD tells you to use another library or play the library. When your own code has the vulnerability, it's hard to pinpoint that.

Prisma provides a lot of information. You can see real-time alerts and forward them to JIRA or whatever tool you use with API or TVD. It also offers anomaly detection. If an administrator is logging in at weird times and doing strange functions, this tool can notify you about them. The anomaly detection is a correlation engine. You seldom get false positives. When it is a false positive, it's something you would expect. The only times I got a false positive were when the administrator forgot the password and tried logging in 50 times. At that point, they just need to contact support and change the password. 

Prisma has massively reduced our alert investigation times. It's 50 times quicker. Without this tool, we must dig up AWS logs, and the format isn't too accessible. The difference between using this tool to investigate an issue compared to a cloud-native solution is two hours versus two minutes. Digging up two logs using Ctrl-left is not the best approach, and it's the only approach cloud providers give you. 

The solution saved us because it helps us turn off idle machines. Most are machines we have turned on, and we didn't know what they do, but we didn't want to turn them off. Prisma Cloud lets you see the communication flows and the asset's actions on the communication map. If you see a device not communicating, it's easier to investigate what it's doing. Sometimes, it's a device generating reports at a particular time. You can schedule it to turn off when it's not active to save money. You also save money by spending less time solving your issues.

Doing cloud compliance without this tool would be impossible because cloud solutions are huge and highly complex. SOS compliance requires that you provide reports in under 24 hours. That's not possible without an automated tool like Prisma Cloud and the CSPN module. You would need to purchase Prisma or a competitor. It helps a lot because some customers have weird compliance requirements, and you can do it all on Prisma Cloud.

You can create custom compliance configurations according to your customer's needs and set Prisma up to provide the reports every 24 hours. In fact, you can do reports in 10-minute intervals or in real time. The client can access the dashboard and see if they're compliant. C-level executives in any company love that. 

The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do functions the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have made mistakes. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud.

Prisma performs well in a fully cloud-native stack if you run several layers and Kubernetes. It's not so smooth if you migrate VMs into the cloud. Some customers try to do that with Prisma Cloud, but it's not compatible with Windows Server. However, you can deploy serverless containers without issue. You must deploy personal cloud agents into the virtual machines. The agents are called defenders. That module is excellent because you can see communications and vulnerabilities across your environment. It can also scan for malware. It tries to do many tasks at once, say the value it provides is the ability to see communications between devices.

The agent can block the traffic trying to exploit the vulnerability, but it can't fix the problem. That's on the application level. Most of the time, you give the application development team the vulnerability report, and they fix the issue, but Prisma protects you in the meantime. You can sleep well knowing that the agent is blocking the malicious traffic.

They recently added a module called Code Security that enables you to scan repositories or infrastructure as code. You can see concept errors like CSPN problems before the deployment. In tab use cases, it's excellent because you can see if there are misconfigurations in Terraform without having to deploy the instance or whatever you are deploying. That can save you money because sometimes people are deploying machines with problems that are easily fixable. It also improves security because you can fix a vulnerability before you have it with Cloud Security, but that's a rather new solution.

The IMD feature could be improved, but Palo Alto is working on that. It's a relatively new module that attempts to identify unnecessary permissions. Prisma Cloud is a platform that adds new modules whenever Palo Alto acquires a company or develops a new solution. The development team is trying to add new features. It also has Click Code Security for infrastructure security, but it doesn't add much value unless your DevOps team is really junior.

While Prisma provides a lot of visibility, it also creates a ton of work. Most customers that implement Prisma Cloud have thousands of alerts that are urgent. It creates a high workload initially. Apart from that, it solves the problems you have. Palo Alto says that 99 percent of breaches come from misconfiguration. I have seen that first hand. I think the fewest alerts a customer had was around 100 still, but they used another tool for that, so that saves a lot.

I have been working with Prisma Cloud for about 15 months.

Prisma's stability is close to 100 percent because it's just a dashboard that connects to your public cloud. It's essentially a website that never goes down, and you could also host it locally if your security requires it. Most of the customers use the Prisma Cloud platform. If it goes down for any reason, the security agents work independently of Prisma Cloud. You send logs to Prisma Cloud and update the configurations via the cloud. However, if the platform goes offline, you still have top-notch security.

As long as you purchase credits, Prisma Cloud is easy to scale.

I have never contacted Palo Alto support because our team is highly proficient in the solution and the platform is easy to use. You deploy the agents, and it just works. 

It's straightforward to deploy the solution because it's cloud-based, so you just set up an account, username, and password. If you think about it, the Prisma Cloud tool does not do much, but what it does is valuable. It does something simple on a scale that human beings could not do. 

Based on my own experience, I would I rate Prisma Cloud a ten out of ten. However, I haven't compared it with other solutions, so maybe other solutions have more features that Prisma is lacking. My advice is to implement Prisma if it has the features you want but also shop around because I'm sure other solutions are just as good as this one.

I do not personally use it in my organization. I am a consultant, and I support my clients. I understand the environment, and based on that, I suggest they implement Prisma Cloud. My job is to do a technical evaluation of the product and recommend it to my clients. I give my recommendation to the client as an advisor. I tell them about the features and capabilities of Prisma Cloud and how they can utilize it. I also do a price or cost-effectiveness comparison of different products, but in the end, my clients decide whether they want to choose the technology over the cost or vice versa.

There have been multiple use cases of Prisma Cloud. The use cases vary based on a client's requirements. It is not necessary to implement all the features and capabilities of Prisma Cloud, but generally, it is for continuous compliance monitoring. The Cloud Security Posture Management (CSPM) feature identifies vulnerabilities within your IT organization or ITOps environment. The main part is to ensure compliance with industry standards such as GDPR and CIS Benchmarks.  

Vulnerability scanning has been a major problem for clients. Nowadays, clients do not have just one cloud. They are not using just AWS or Azure. They have multiple clouds. For example, the primary site is on Oracle, the disaster recovery site is sitting on AWS, and some of their applications are on Azure, so there are three hybrid cloud environments. We try to identify the best solution that can seamlessly integrate with all three cloud providers. Our clients want a centralized Cloud Security Posture Management solution for monitoring vulnerabilities and threats. This is one of the major use cases for which we recommend the Prisma Cloud CSPM solution to our clients.

Prisma Cloud can seamlessly integrate with all clouds. When you go into a cloud, there are multiple landscapes. Some are Windows machines, and some are Linux machines. There are different APIs, different databases, and different types of environments with microservices, Kubernetes, etc. Prisma Cloud has the capability to integrate with all these. That is the beauty. This seamless integration is very critical in every product.

There are multiple CSPM products in the market. The key feature of Prisma Cloud is seamless integration. They have thousands of in-built APIs. You do not need to do much customization. It can seamlessly integrate with multiple clouds. It can integrate seamlessly with Azure, AWS, Oracle, Alibaba Cloud, etc. This is the main feature and the key selling point of Prisma Cloud. For example, today, the client is using only Azure Cloud, but tomorrow, the requirement might come for AWS or Oracle Cloud. It does not mean that they are going to buy a new product for CSPM. That is the beauty of Prisma Cloud, and this is where Prisma Cloud scores. It integrates seamlessly. It does not mean that other products cannot integrate. They can integrate, but they might not seamlessly integrate, or they might integrate only with AWS and Azure but not with Oracle or Alibaba Cloud. All of my client base is in the GCC region. I have clients in UAE, Saudi Arabia, Qatar, Kuwait, and Oman. Oman has Google Cloud. Saudi Arabia has Alibaba Cloud and Oracle Cloud. UAE has AWS Cloud and Azure Cloud. In Saudi Arabia, there are even private clouds. Prisma Cloud can even integrate with your private cloud. You can integrate your on-premise cloud.

Prisma Cloud can protect the full cloud-native stack. It is great, and it can solve your needs from a security point of view. The whole purpose of Prisma Cloud is to scan vulnerabilities.

Prisma Cloud's security automation capabilities are good. For example, you can define a policy for virtual machines. The policy hits an API and scans all your virtual machines. It can identify a virtual machine that is not supposed to have access to the Internet, but its ports are open. If you have set the rules, it can also remove the access of the port or the VM to access the Internet. This capability is definitely there, but it is based on the defined rules and policies and how you do the configuration.

Prisma Cloud provides good visibility. The dashboard or UI is user-friendly. You get a holistic view of your entire infrastructure. 

Prisma Cloud integrates security into our CI/CD pipeline at the resource,  component, and infrastructure levels, but at the application level, it is limited. For application-level security, you need to do something else. You need to have an additional capability or additional security solution.

It provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

It provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. It discovers issues at the scanning level. It also has the capability to rescan. For example, if you have discovered an issue or vulnerability, after resolving it, you can rescan the same resource to identify whether it has been mitigated or not.

Prisma Cloud has reduced runtime alerts by 60% to 70%. It has also reduced alert investigation time by 60% to 70%. With these time savings, you also save money. By preventing any vulnerabilities or threats, you also save your organization's reputation.

It has a feature for customized security policy. I implement it in banking, health insurance, and other sectors, and every organization has its own customized policies and procedures. In Prisma Cloud, you can customize policies, and based on that, you can do monitoring. 

It has multiple capabilities, such as threat detection and remediation. You can even orchestrate. For example, you can set a rule that a specific set of users need to have XYZ access. If any user is identified as having an additional level of privilege, which he or she is not supposed to have, Prisma Cloud can scan and identify it. If you have set the policy, it can also do mitigation. It can remove the access accordingly.

One major observation is that it is not possible to implement Prisma Cloud on-premises. This is the limitation. Prisma Cloud itself is on a cloud. It is sitting on AWS and Google Cloud. It is a SaaS solution, but some of my clients have a local regulatory requirement, and they want to install it locally on their premises. That capability is not there, but government entities and ministries want to have Prisma Cloud installed locally.

It is stable. It is a leading product.

It is a SaaS-based application, so we need not to worry about scalability. It is their responsibility. They have to ensure its scalability and high availability.

From what I know, their support is good enough. They meet the SLAs. They have been good so far. That could be because they are new in the GCC market, and someone from Europe or the UK might have different feedback. 

I did not use any similar solution previously.

We provide consultancy. We do the implementation but with the support of the vendor. It is not just about buying the product. It is about how you design and configure it. We ensure that the implementation is done as per the defined design.

The key point for a successful product implementation is how you configure it and what is your use case. Every client has different requirements and different use cases. It depends on how you drive it. You need to define the use cases, the policies, and the procedures, and you need to ensure they are aligned with your business objective. You may have the best product in the world, but if you do not know how to configure it based on your use cases and your environment, it will not work for you. You will have vulnerabilities in your environment even after you have invested millions.

The vendor takes care of the implementation, and we validate and guide them with the implementation.

In terms of maintenance, it is not a set-it-and-forget-it solution. It is based on your IT environment. Generally, small organizations do not use a CSPM solution. It is used by mid to large organizations. In such organizations, there are multiple changes in the IT resources. The environment is agile. Every day you add something or change something, and you need to ensure that it is integrated with Prisma Cloud. It is an ongoing operational activity.

We evaluated multiple products. Zscaler was one of them.

My clients are quite happy with this solution. Some of my clients are also based in the UK and Europe. So far, it has been good. It met their expectations. Their use cases are met, and they are able to monitor all their infrastructure. It has been good so far, and it worked for all the generic or standard use cases. That does not mean that it is going to solve all the use cases for all customers. If you want to go for a CSPM solution, you need to do a technical evaluation.

If you are looking into implementing a CSPM solution, I would advise first understanding your existing cloud landscape or your on-premise landscape. Understand your local regulatory requirements and local laws. After that, define the use cases. Define what exactly you are looking for and then go to market and evaluate different products. You can check whether there is an integration with AWS, Oracle, Alibaba, or any other cloud. If your regulatory requirements are that you cannot host your solution outside your country or you need to have it on-premises in your data center, not someone else's data center, you have to choose accordingly. You cannot go for Prisma Cloud. If you do not have any such regulatory requirements, you can go with Prisma Cloud or any other solution. 

You should also understand your future landscape in terms of:

• Over the next five or ten years, how do you want to grow? 
• What is your current IT strategy? 
• How are you evolving? 
• What would be your technology? 
• Would there be any major digital transformation? 
• How seamlessly can it integrate? 

You need to consider multiple parameters. It is also about money. It should also meet your financial budget.

Overall, I would rate Prisma Cloud a seven out of ten.

We are running multiple VMs on GCP and use Prisma Cloud to monitor the CICD pipeline for any issues. If there are issues, we raise tickets in Jira. 

Prisma Cloud keeps our servers secure in most cases. We get the most value from the alerts when we have security issues. The runtime protection is also a good thing. We're also exploring the possibility of automating the CICD pipeline. 

We realized the benefits immediately after we integrated or connected our account.  We used to get a lot of false positives, but we took steps to fix that. In most cases, we get help with that. It doesn't take much time to identify the problem.

Prisma covers the full development cycle and helps us a lot. We use it in the development phase and get a good value from it. We catch issues before the production stage.

Prisma Cloud's real-time detection and monitoring of our entire system is the most useful. We also value Prisma's runtime protection and security alerts.

We like Prisma's preventative approach to cloud security. It alerts us about security issues before they become a problem. If our cloud system has outages, our clients may switch to another competing platform. With the preventative approach, we can ensure our servers are always up. 

The UX part of Prisma's user interface could be simplified and the metrics tool should be highlighted more.

I have used Prisma Cloud for three months.

Prisma Cloud is stable. We haven't had any downtime, crashes or lag. 

Prisma Cloud is highly scalable. 

It was easy to deploy and integrate Prisma Cloud. We connected to our account and chose the platforms and environments we have. When we first deployed Prisma Cloud, we didn't know much about it, so it took 30 minutes to an hour. Deployment was a one-person job. It doesn't require any maintenance on our end because it's a cloud platform, so we just receive alerts. 

I rate Prisma Cloud 10 out of 10. The first thing a new user should do is check the documentation and the official YouTube videos. You can always contact their technical support if you have any issues. I don't think they will require technical support because the videos are useful and the documentation is also good. You can also easily integrate and see the reports on the UI. 

In terms of use cases, we had a single client. This client belonged to the insurance sector here in India, specifically a large insurance chain. We discovered that they had migrated to a cloud environment and had some security controls in place. However, they lacked expertise in understanding the threats associated with the cloud. From a resource and organizational perspective, they didn't possess the necessary skill set to implement a comprehensive governance framework. This client operates within the insurance industry, regulated by the Insurance Regulatory and Development Authority in India, which has revised some pipelines for the current financial year. The IRDA also serves as a regulatory authority for Indian banks. As a result, the client needed to strengthen their controls, particularly those with higher significance.
Their objective was to implement a few security controls to successfully pass an upcoming audit. We recommended that they integrate Prisma into their infrastructure. This would allow them to generate reports promptly whenever required and help fine-tune existing policies or guide the infrastructure development team in implementing new ones. Prisma would scan the entire infrastructure and provide the best recommendations. It was a challenging use case in terms of implementation, as only a few clients were familiar with Prisma's capabilities. Prisma is a cloud service that enables the hosting of applications and infrastructure.

We wanted to address vulnerabilities that we identified from a logging and monitoring perspective, which is why we implemented Prisma Cloud.

If we discuss a multi-cloud environment or a multi-fleet architecture or implement it as a fleet architecture, Prisma Cloud offers comprehensive functionality. It enables us to obtain complete reports or scanning reports from the tool on an enterprise scale. However, this process takes time. Although it is completed within seconds, if we have a larger infrastructure with multiple running instances, the tool will require more time. Nevertheless, the resulting report will be accurate and provide a comprehensive perspective.

In terms of a multi-cloud environment, our observations indicate that if we implement and configure Prisma Cloud with Azure and AWS, the tool performs well. On the other hand, when performing checks on AWS and GCP, the tool exhibits better performance on AWS. It does not meet the same standards on the GCP side, but it remains accurate. Azure is compatible with AWS and shows promising results. Additionally, we are currently conducting tests on the Azure environment.

Regarding the entire infrastructure, whether it follows an SAP model, PaaS model, or a previous model based on infrastructure, our testing has yielded positive results, particularly when using the SaaS model. AWS achieves 100 percent accuracy. From larger clients to smaller ones, even within internal GCP corridors where Prisma is connected, they are effectively protected.

Prisma's security automation capabilities are straightforward. We need to ensure that we have a clear understanding of our intended automation actions before proceeding. I was engaged with a company in the oil and gas sector that utilizes AWS infrastructure. They adopted Prisma Cloud and we implemented some automation. During testing, the alerts were satisfactory. However, in subsequent attempts, vulnerabilities were detected after the automation was executed. I wouldn't describe it as difficult, but rather as tricky.

Prisma Cloud assists us in adopting a proactive approach to cloud security. It provides us with a comprehensive view of areas that require fine-tuning. This perspective encompasses not only governance and threats but also the overall security landscape.

Prisma Cloud helped us reduce manual effort by up to eighty percent. It fine-tuned policies and implemented security controls for the cloud, including threat and vulnerability management. We no longer need to manually review these aspects. However, we still receive recommendations for mitigation. Prisma Cloud suggests actions to take from a governance and security perspective. For example, if we have an open port that is not in use, it advises disabling it. Previously, I or my team would spend around ten to twelve hours a day fine-tuning Azure or AWS services by accessing different dashboards. Now, with Prisma Cloud, we can accomplish all of this through a single console. We simply log on to the Prisma Cloud console and configure the services. Prisma Cloud integrates all the services and provides us with recommendations for remediation. As a result, our effort has been reduced by eighty percent since implementing Prisma. We were able to see all the benefits within a year and a half.

Prisma Cloud provides the 100 percent visibility and control we need regardless of how complex or distributed our cloud environments become. By utilizing Prisma Cloud, we have significantly reduced our manual effort to nearly eighty posts. Having everything consolidated on a single console greatly enhances the efficiency and productivity of our team. Moreover, from both a practical and financial perspective, it is undoubtedly a more advantageous approach.

Prisma Cloud offers risk clarity in real-time throughout our CI/CD pipeline infrastructure.

Prisma Cloud has reduced runtime alerts. I have only seen two alerts.

Prisma Cloud has reduced alert investigation times.

Prisma Cloud has saved our larger clients around $100,000 per month.

Prisma needs to regularly update itself because there are regulatory compliance requirements that have already been published, yet they have not been integrated into Prisma. This poses a challenge as we have to manually address these issues in our use cases.

We have discovered that Prisma is not functioning properly with GCP. I am unsure if this is due to the security policies being implemented by Google. There are restrictions in place, but from a GCP perspective, the security scanning is quite limited.

The deployment is a tricky task as it requires thorough configuration checks. There was a scenario where we discovered that the deployment had already been completed. However, during integration, we encountered a configuration issue. As a result, the logs from the cloud area were transformed into incidents, resembling an actual security breach. This caused concern among my team, and we were under the impression that an attack had occurred.

Palo Alto offers a different product, and they have introduced Prisma Cloud for a specific purpose, particularly for individuals who are new to the technology. The idea is, for example, to provide a single platform for accessing various Over-the-Top platforms for watching web series or movies. Instead of purchasing multiple OTT platforms, the concept is to offer one comprehensive platform. By paying for a single platform, users can obtain a subscription for services like Netflix or Amazon Prime, without having to spend thousands of dollars individually. Prisma Cloud follows a similar approach, which is perfectly acceptable. Consider the scenario where a client, using Microsoft or Azure environment, desires to use a third-party tool instead of investing in Microsoft Defender. In this case, Prisma Cloud comes into play. However, at some point, they may realize the need for Microsoft Defender as well, which would cost them a significant amount of fifty thousand dollars. To avoid such expenses, the idea of offering a complete package to the client arises. 

This complete package enables the client to use a single tool for scanning, obtaining reports and even automating the fine-tuning process. Consequently, the client can invest fifty thousand dollars to obtain the complete package, rather than searching for and purchasing three separate products, which would cost a significant amount of dollars. The complete package offers the same functionalities at half the price. From a product perspective, it is crucial to integrate certain services that assist clients in deciding to invest in Prisma Cloud. In the Indian market, where we have observed our clients, there is a lack of awareness regarding Prisma Cloud and its functionality. Clients are primarily concerned with whether Prisma Cloud can simply scan their products and provide recommendations. They question whether they can perform these tasks manually or use cloud-native services. This perspective influences the clients' decision-making process.

I have been using Prisma Cloud by Palo Alto Networks for two years.

The stability of Prisma Cloud depends on how the infrastructure has been configured specifically for that tool, taking into account the load and architecture of our infrastructure. The tool responds well in small-scale infrastructures, functioning perfectly without any issues. However, in larger environments, I have not encountered any crashing or lagging problems but the time it takes to scan the infrastructure varies depending on its size. 

Prisma Cloud is 100 percent scalable.

I contacted technical support during deployment because we encountered some challenges. The support was excellent, and the conversation went well. It was crucial to address the issues promptly because the entire infrastructure was at stake due to its complexities. We were uncertain about the potential impact of deploying a new tool in the infrastructure. Unfortunately, we faced some issues at one point, but they were resolved within the designated timeframe.

Neutral

As an organization, we possess certain tools, some of which have been developed in-house. However, it is important to note that no tool can be entirely relied upon, as perfection is unattainable. Some abnormalities have arisen and subsequently been addressed. Our main focus in the previous year was on utilizing cloud-native tools. We are now using Prisma Cloud and also looking at Citrix.

The initial setup took some time. It was not straightforward. For a few of the clients we have implemented, it will be straightforward. However, in our organization, it conflicts because we have certain lines of business and restrictions, so it took a bit longer. The deployment took around one month and required 15 people.

In general, Prisma Cloud is much cheaper than cloud-native services.

We are having conversations with Citrix to evaluate their solution.

I rate Prisma Cloud by Palo Alto Networks a nine out of ten.

We are the aligned partner for Prisma. We recommend the same tool to our clients, and the entire team is actively involved in training on the Prisma Cloud. In my interactions with various clients and stakeholders, I have noticed that some of them are not familiar with Prisma. However, they prioritize security and want to secure their cloud infrastructure. While some clients may not have the capability to use cloud-native tools, based on my observations, most of them are gradually transitioning to the cloud infrastructure and showing interest in the Prisma Cloud.

From a cloud security standpoint, and specifically as an organization, we are not bound by any specific domain. Our focus lies in securing the infrastructure from the client's perspective. For instance, consider a client who is new to the cloud and has migrated their infrastructure. If we do not have any governance measures in place for this scenario, our recommendation would be to opt for the comprehensive package offered by Prisma Cloud. This ensures that in the future or upcoming days, the client won't need to explore numerous other modules. However, it is worth noting that some clients may prefer to use separate modules. In general, we tailor our governance, security, and threat detection solutions to meet the specific requirements of each client. Internally, we provide a complete package.

In the current scenario, where my team is performing the migration for Prisma Cloud or the deployment area, we haven't yet tested the tool. We are planning to proceed with that testing. However, based on our discussions with the Prisma partner, they will integrate some functionalities because, in the DevOps environment, we haven't achieved the expected results. I wouldn't claim it's a hundred percent comprehensive, but based on our discussions and experiences so far, it's still a work in progress. We have conducted two tests, but the results haven't met our expectations.

From a DevOps standpoint, the CI/CD pipeline is still undergoing testing. I'm unsure about the time it will take, but initially, we are testing what we have learned from a CI/CD standpoint and a DevOps standpoint. We are currently investigating the best course of action and how we can integrate effectively. In some of our engagements, clients are requesting the integration of Prisma Cloud to optimize their DevOps area when deploying. However, currently, from a KPM perspective, this task is still manual. From a development standpoint, it will require time. It won't be accomplished in a single day or month, but rather, it will take time. This is because the configuration is still in progress. Moreover, from a security perspective, there are certain areas where we are uncertain. For instance, when considering GCP, it presents a gray area where we have been unable to identify any solutions from Prisma's standpoint. However, we need to determine how to effectively integrate the GCP infrastructure within the field.

Prisma Cloud can scan and monitor, depending on how it is configured. It can also trigger alerts, but it cannot stop an attack.

Prisma Cloud is maintained by Palo Alto.

Prisma Cloud will undoubtedly assist organizations in comprehending their infrastructure and identifying areas of uncertainty. The solution will streamline and minimize manual efforts. Users can obtain the comprehensive report with a single click, eliminating the need to access various services to retrieve logs. I highly recommend Prisma Cloud as it is cost-effective, and user-friendly, although its configuration can be a bit challenging.

We use it for visibility, compliance, and governance. It is the official CSPM solution for our bank.

The only module we are using is the compliance module.

In Prisma Cloud, we were able to create frameworks using the RQL language, frameworks that are modeled after our Archer security baselines. Archer is the tool that we used to track all exceptions and security baselines. With Prisma Cloud we have been able to create custom baselines, based on the Archer framework that we have, and not just go off of CIS or NIST frameworks. 

We have also been able to generate reports for teams using the automated scripting tools that Prisma Cloud provides. On a weekly basis, we share those reports with the teams that are impacted. They go back and remediate their findings as needed, or we fine-tune the Prisma Cloud compliance language as needed if there is any ambiguity in there. 

Over the course of a few weeks, the teams remediate these issues and our compliance percentage goes up. Our compliance percentage for production environments was 95 percent. We then made some new acquisitions and they were at 40 or 50 percent, which was very bad. When we brought them under our company's umbrella, we gave them these reports, and they improved their compliance percentage. That has been helping us hugely.

Also, it does a good job of providing a view of our overall posture. Our confidence in our security and compliance posture was what I would describe as a "head in the sand" type of situation before. People would say, "Ah, we should be okay." But once we started digging into stuff and started putting our Archer baselines into the Prisma Cloud queries, that's when we realized that things looked poorer than we had imagined or assumed. This has been a wake-up call for our organization, and everybody has taken notice that we really have a hard job ahead of us.

In addition, with this solution we are seeing a single pane of glass to protect all of our cloud resources and appliances. We are seeing multiple occurrences with multiple platforms under one roof. That has really helped to simplify things.

Prisma Cloud does have some good investigation built into it. When an alert is generated, it does a good job at correlation, not the greatest in the world, but it gives you a good starting point. So it has helped us work on those alerts or investigate them more easily. It reduces our investigation time by 40 to 50 percent because it does all the initial investigation and puts all the findings together. You don't have to manually log into a lot of different accounts or tools to find out that information.

Financially, the only way I can think of that the solution has improved things is in our compliance structure. We spend less time after audits by putting in the effort beforehand. Recently, we have had a lot of good wins where audits have not been able to find a lot of issues. In the past, they used to find 15 or 16 findings, and now, they're able to find only one or two. When you have fewer audit findings, you have fewer man-hours dedicated to dealing with them. We are able to move those man-hours into our actual work rather than just audit work. We have been able to achieve some productivity there. I would estimate it has saved us 5 to 10 percent, in terms of money.

The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for.

The comprehensive view that it offers, the compliance percentage based on a framework for a particular account or a particular environment, is extremely useful. We can give those reports to the individual application teams so that they can remediate the findings. It also helps that we can give them read-only access, so we don't even get involved. They log in on their own and can pull a report, based on our instructions, and then do the remediation themselves. It helps us not be the middleman and not waste our time just generating reports for the application teams.

Also, Prisma Cloud provides security for multi and hybrid-cloud environments. We started off using it for our AWS environments, but now Azure and GCP are starting to come into play. We haven't started using those yet, we have just started initial discussions with them, but it has already been decided that Prisma Cloud would be the CSPM even for our Azure and GCP environments.

One definite area for improvement is the auto-remediation or the CWP area. 

The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options. The cloud is adding more and more complexity in terms of number of services or the number of options for each service, especially when it comes to security options like encryption at rest and encryption in transit. And there is the issue of the interlinking of these services. One cloud service uses another cloud service, like CloudFront in front of a load balancer. These interactions are creating numerous new combinations and the RQL language really needs enhancement to handle those queries. 

We ourselves have put in a lot of enhancement requests to Palo Alto, looking at these corner cases, so they can look into those and improve them.

I have been using Prisma Cloud by Palo Alto Networks for about two years.

Prisma Cloud is a little slow, but it is fairly stable.

It is a scalable solution. No matter how many accounts you add, it still can scale. Even the reports that we set up run pretty quickly. They have done a good job of making their platform scalable.

We have been acquiring companies quite a bit recently so we will be using Prisma Cloud heavily. This is our only company-approved CSPM tool. Even though we have some of the native tools in use, like Security Hub from AWS, or Azure Security Center, now called Defender for Cloud in Azure, the official CSPM is Prisma Cloud. It is the center of attraction for us so it is being used by everybody. In the future, we will be adding more accounts as needed until a decision is made on Wiz. We still have a good amount of time left in our Prisma Cloud contract, so we are not looking to switch to Wiz anytime soon.

Technical support is excellent. We have a dedicated account manager from Prisma Cloud who has an office hours session every Monday, and he also attends our standup calls. If Prisma Cloud has any new improvements or any updates that we might be interested in, he brings them up on those calls. We also have a weekly knowledge-sharing session where Prisma Cloud's personnel come in and make a 30-minute presentation and address the enhancement requests that we put in. They'll tell us what updates have happened, what improvements have happened, et cetera.

Positive

The initial setup was straightforward. It was done by one of our team leads, who is a cloud security fellow. He used to be a senior cyber security engineer. It took him three months of full-time work to set up those compliance frameworks, the custom RQL queries based on our Archer baseline, and then, import all the accounts. The importing of the accounts is pretty straightforward. They provide an API or you can even import manually. That's not at all a problem.

We have 10 to 15 users in the solution. Four or five of us are from cloud security proper, and we have administrative rights. Our cloud operations team, seven or eight people, looks at the alerts and investigates and resolves them. They engage us if they need any assistance because they're not very cloud aware yet. And we have a few pilot users who are from the application teams, and they have a read-only role. They generate a report for themselves. Many people still want spoon-feeding and say, "Can you generate a report for us or give us a screenshot of this and that?" We do that occasionally, but we are trying to move away from that process.

For maintenance, there are only two of us, and one of us is doing it full-time, more or less. The other one is more of a standby. We are documenting the procedures. We do weekly maintenance in Prisma Cloud, where we make sure the users are onboarded, there are no stale users, and take care of the general upkeep of the tool. The idea is that, in the future, we'll probably get a junior engineer for that role, while the senior engineer can perform enhancements or more advanced configurations.

When it comes to protecting the full cloud-native stack, Prisma Cloud is fairly okay. Compared to other tools out there, I don't think it is an extremely good product, but it's a reasonably okay product to work with. I've used Wiz in the past, and Wiz does a better job on full native-cloud security.

For example, there is the auto-remediation feature in Wiz, which Prisma Cloud eventually caught up to. Wiz also has agentless scanning that Prisma Cloud is, again, catching up to. There is also Terraform code scanning for CI/CD pipelines that Wiz came up with, ISC code scanning, et cetera. Those are some of the excellent features of Wiz.

Wiz also offers granular compliance frameworks in the sense that you could write your own compliance queries and make them part of a framework. Prisma Cloud's RQL is not that flexible. We are still running into some issues in some corner cases where there are no RQL queries available.

Prisma Cloud's security automation capabilities are very basic. Prisma Cloud is primarily a CSPM, not a CWPP. Even Wiz does not offer that many automation capabilities; they were coming out just at the end of the last year. But compared to other products that I have worked with, which are purely CWPP, Prisma Cloud would not even come close.

I would rate Prisma Cloud at about six out of 10 for helping to take a preventative approach to cloud security. It gets the job done. Our company has invested money in it, so we can't move away from it for another two or three years. But we are already piloting Wiz to see if we like it. Once the contract with Prisma Cloud is up, we will probably jump to Wiz. That's the idea within the company.

If I were to rate Prisma Cloud from one to 10, I would maybe rate it at six, while Wiz would be a nine.

We have started using some of the modules for securing the entire cloud-native development cycle across build, deploy, and run, but we have not really operationalized them. They're in the initial phases. It's not the maturity of Prisma Cloud that's in question, it's about the maturity of our company as a whole. Our company was not really tuned to CI/CD, secure DevOps, and the like, so we are slowly starting to integrate that. We haven't seen the results yet, but I would say it's very promising on that front at this time.

My advice would be to compare other products and understand what you want to do before you purchase or implement it.

We use this solution to detect misconfigurations in the cloud. It's a multi-cloud solution, so if you're running a multi-cloud environment like Azure, AWS, and GCP, you only need to deploy a single solution. It assists with improving the security posture of an organization.

I use CSPM and CWPP. The previous organization I worked for used both, but the company I work for now only uses CSPM. I've also worked with code security.

We recently acquired this solution, so it has slowly started gaining momentum in my organization.

This solution provides us with a single tool to protect all of our cloud resources and applications without having to manage and reconcile different security and compliance reports. It's a single solution for everything in a multi-cloud environment.

It enhances operations, but it's a pretty measurable tool. It provides comprehensive visibility.

It provides risk clarity at runtime across the entire pipeline and shows issues as they are discovered during the build phases. 

The modules in CSPM and CWPP are visibility, compliance governance, threat detection, data security, host security, container security, serverless security, web application, and API security. This is an additional cost, so I don't think any organization uses all of the modules.

I previously worked for a health organization that was using this solution. They were able to get certified in HITRUST using this product.

Our developers are able to correct issues using the tools they use to code.

The CSPM and CWPP functionalities are pretty good. It depends on what kind of data you have in your cloud, your workload, and some other factors. If you're doing a lot of containers, you need CWPP models. If you just do regular cloud contributions, then you can use CSPM.

It provides security spanning multi and hybrid-cloud environments. My current organization's goal is to migrate to the cloud eventually. If that's your organization's goal, you need to have some kind of security mechanism or protection in place to make sure that the resources you're building in the cloud are built for the best security practices and are free of misconfiguration vulnerabilities. 

When we deploy containers in any cloud, the runtime protection is really good. If a container is running any kind of application, it can detect a cryptomining attack. The solution also provides File Integrity Monitoring testing.

It has various models and provides comprehensive visibility. It shows us how our assets are performing in any of our clouds. It gives us a holistic view of our native cloud environment, and we can also fine-tune the policies for our architecture.

The modules help us take a preventative approach to cloud security. Flow Logs provide a real-time assessment of our network.

It recently integrated with another company called Checkov. It checks all the misconfigurations that a developer could make during the build phase. This means that whenever we're building any kind of application or deploying any application, it will detect it right away. We can integrate it into our CI/CD pipeline or with any other Jenkins plugins. I tested those use cases as well. The solution has improved since they integrated the product with Checkov.

It provides good visibility. In terms of controls, it depends on how you want to do it. Sometimes, you need to be specific in terms of controls. With runtime detection, it's going to be more powerful. We're confident that our assets are secure.

The solution is capable of integrating security into our CI/CD pipeline and adding touch points into existing DevOps processes. We don't have the option to leverage it, but I have tested it in my previous organization.

This solution is more AWS and Azure-centric. It needs to be more specific on the GCP side, which they are working on.

I have been using this solution for about two and a half years.

The solution is reliable.

The solution is scalable.

Technical support is very helpful. I would rate them a nine out of ten. We have a weekly cadence.

Positive

The setup was very easy and straightforward. We haven't set up the automation perspective. We're still testing it, so we haven't leveraged it yet.

The setup didn't take very long, but it will be different for every organization. If your cloud architect team is willing to deploy with you, it shouldn't take more than a week. It also depends on how large the organization is and how many subscriptions are in the cloud environment.

We don't need to maintain anything on the console side.

We used an integrator from Palo Alto. They were very good and offered great support.

The solution is pretty expensive. It all depends on the organization's goals and needs.

The cost depends on the pricing model. Compared to other solutions, the cost isn't that bad.

I compared the solution to other security products like Fortinet, Lacework, and Security Command Center.

I would rate this solution as eight out of ten. 

Those who want to use this solution, need to understand the concept behind this product and get to know their own environment first. The solution will give you holistic visibility of your assets, which will show you what needs to be fixed. Security comes with an expense, so it depends on what you want to leverage and where.

I'm still testing the automation capabilities because my organization is specific to one cloud. They were more aggressive on Azure and AWS Prisma Cloud, but now they are considering GCP customers as well.

We're still in POC mode for continuous security that comes under runtime protection. I can't 100% guarantee that it reduces runtime alerts.

We wanted to use Prisma Cloud as a CSPM. The company needed a single pane of glass to monitor our AWS and Azure environments and see where we were in terms of configuration drift, vulnerabilities, etc. 

We're pretty AWS-heavy, so we wanted to see where we stood among all our AWS accounts. We wanted to keep an eye on all that, have a one-stop job, and maybe even offload some of our work. The company wanted to integrate with our Splunk instance to pair our SIEM logs with the CSPM. Most of it was for compliance tracking and vulnerability.

We tested everything out. We were building our own standards, but we also needed to adhere to IRS Publication 1075. They had that natively in their tool, but we could custom-build it.

I thought Prisma was great. It was robust and had many capabilities. We saw most of what we were looking for. The benefit was pretty easy and pretty quick. Prisma is a top-notch product. If they could make it agentless in the Windows stuff we needed and monitor the private cloud, we would have gone with Prisma. Prisma works perfectly with the cloud tools we have. 

I like Prisma's multi-cloud capabilities. It supports the big four cloud providers: AWS, Azure, GCP, and Alibaba. That was critical. We have mixed environments, so it's important to monitor all of that. We don't have much going on in Azure, but we will. We are predominantly AWS.

Prisma was extremely comprehensive. It's easy to drill down to gather more information and keep going. It seemed like you could drill down forever to see what the vulnerability was linked to. 

They had a MITRE ATT&CK attack map that told me here's the vulnerability, issue, or threat. In several instances, it would provide remediation options. If you had it linked up and fully integrated with AWS, it could handle the remediation for you. Otherwise, it would lay out the whole steps and provide the AWS CLI commands to resolve those issues, which was cool. We loved it. 

Runecast gave us more visibility into VMware's private cloud. We have more environments there, but Prisma's lack of visibility into the private cloud was a downside—there weren't many. 

We tested Prisma Cloud out for about a month and a half to compare it to Runecast to see which works better for us.

Prisma's price is pretty high, but it's a good product, and you get what you paid for, especially if you're working in a containerized environment.

We looked at Runecast and Prisma. We did not go with Prisma because Runecast could deploy agentless to our VMware private cloud, and we were impressed with this capability. Prisma looked polished, but Runecast could monitor the private cloud, which was a big thing for us. 

Vulnerability control is one of the things we're working on right now. It'd be great if we could find a product that can help with it. One issue we're having is that the latest data model we use to build out our products is domainless. We can't use Nessus, which is all on a domain, for vulnerability management on our private cloud.

We've tested out agents through the Defender for Endpoint and other things, but they don't handle the load that we have. This was going to help detect vulnerabilities in that environment. Unfortunately, Prisma wasn't able to work in the private Cloud. They were more focused on containerization and Kubernetes, so we ended up going with Runecast.

I rate Palo Alto Prisma nine out of 10. I recommend it. It's polished and a great product. Unfortunately, it didn't fit our use case, but I think their use case is pretty normal for most.

We use Prisma Cloud by Palo Alto Networks for architecture and design.

We found Prisma Cloud by Palo Alto Networks very important in solving architecture and design problems within the company, and it improved our company because it showed us different ways of doing things and gave us a better understanding of an architectural entity.

Prisma Cloud by Palo Alto Networks has helped our company progress.

From the time of deployment, it took a few months for our company to realize the benefits of the solution.

Prisma Cloud by Palo Alto Networks is a valuable solution. It is useful as it provides some security on multi and hybrid cloud environments, which is very important to my company.

Prisma Cloud by Palo Alto Networks is also a comprehensive solution that helps protect the full cloud-native stack and helps us secure the entire cloud-native development, which is another reason it is useful for the company.

The solution also has good security automation capabilities and is useful for helping my company take a preventive approach to cloud security.

It provides the visibility and control we need, and it helps a lot in giving us confidence in our security and compliance postures.

Prisma Cloud by Palo Alto Networks also enabled the company to integrate security into our (CI/CD) pipeline.

We also found how seamless Prisma Cloud by Palo Alto Networks touchpoints are to our DevOps processes, and we find them very helpful.

The solution even serves as a single tool to protect my company's cloud resources. It does not affect our operations.

Prisma Cloud by Palo Alto Networks provides risk clarity at the runtime and across the entire pipeline. It shows us the issues, and the developers can correct them without affecting our operations.

The solution also helped in reducing runtime alerts very quickly. It also reduced our alert investigation time because it's all automated.

We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected. It has some areas for improvement, but I cannot remember exactly off the top of my head.

I've worked with Prisma Cloud by Palo Alto Networks for four years.

I found Prisma Cloud by Palo Alto Networks stable. I'm impressed by its stability. I cannot recall any downtime with the solution. I rate it as eight out of ten, stability-wise.

I found Prisma Cloud by Palo Alto Networks scalable, and it's an eight out of ten for me, scalability-wise.

The technical support for Prisma Cloud by Palo Alto Networks was very good. I would rate its technical support eight out of ten.

Positive

Prisma Cloud by Palo Alto Networks is what my company has. It's the solution my company wants to use.

I was involved in the deployment of Prisma Cloud by Palo Alto Networks, and I found its initial setup straightforward. It took a few months to deploy the solution.

Our team deployed the solution.

Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay.

I advise others who may want to implement Prisma Cloud by Palo Alto Networks to check it in a test environment first to ensure it does what they expect.

My rating for Prisma Cloud by Palo Alto Networks, overall, is eight out of ten.