Prisma Cloud by Palo Alto Networks Reviews

We use the solution for three areas, CSPM, CWPP, and Cloud Security.

We use Prisma Cloud by Palo Alto Networks mostly for CSPM. CSPM helps us identify and fix misconfigurations in our cloud environment. This can help us prevent security breaches and improve our overall cloud security posture.

Prisma Cloud also provides CWPP. CWPP helps us protect our cloud workloads from malware, ransomware, and other threats. This can help us keep our data safe and secure.

Prisma's Cloud security is something we are still working on.

The solution is deployed as SaaS.

The solution provides security across multi and hybrid-cloud environments. However, we are currently only using it for the public cloud. We do not use it for any hybrid solutions, and we are not running any on-premises solutions on it.

The solution covers the full cloud-native stack with a single pane of glass. If we need a holistic view of our security posture, Prisma Cloud is a good option. It provides a single pane of glass for managing our security across all of our CNCF workloads.

Overall, Prisma Cloud by Palo Alto Networks is a very good product. I have been using it for the past four years, and I found it to be very effective in helping me to understand my cloud security posture. 

I will use the CNCF as an example. I really like the complete tool. When we first started to use the cloud, we didn't know what we were doing. Only the admins knew what they were doing wrong and what the threats were in the cloud. Cloud is a shared responsibility between us and the cloud provider. This is true for any cloud provider, such as GCP, Azure, or AWS. We don't have visibility into what admins are doing wrong or right, or how many admins keep our configuration secure. On-premises has parameters, but the cloud does not. The solution provides visibility into what is wrong in our environment, what has been done wrong, and what we can do to correct it. This is because of the configuration and the misconfiguration. From an architectural perspective, if we are doing the first step wrong, there is no point in going to the second step and making it correct. We should make our first step correct. Prisma Cloud provides visibility for us to do this.

Prisma Cloud's comprehensiveness for securing the entire cloud-native development lifecycle across build, deploy, and run is good. The solution provides a single pane of glass for everything, including core security, data security, CSP, CWPP, and EIM security. Other good options are available, but they do not offer a single pane of glass. Instead, they are individual products or modules that must be used separately. Prisma Cloud can improve IM and data security, but if we do not want to use multiple tools, Prisma Cloud is a good option because it offers a single pane of glass for all our security needs.       

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes. We can see how many complaints and alerts we have, which gives us a sense of security. 

Prisma Cloud enabled us to integrate security into our CI/CD pipeline and add touchpoints into existing dev ops processes.

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage and reconcile discrete security and compliance reports. For operations, the capability of CSPM works well.

Prisma Cloud provides risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. Our developers are able to correct issues using the tools they used to code. Some of the results are false positives but the majority are not.

Prisma Cloud helps reduce some of our runtime alerts by 40 percent.

Prisma Cloud helped reduce our investigation time by up to 60 percent. 

I find the CSPM area to be a more valuable and flexible feature. We have control in our hands, and we can do anything we want with our cloud security posture management.

Prisma covers all the CNCF areas. However, they are not the best in all of them. For example, their identity controls are not the best. They have modules for identity controls, but they are not the best in the market. The same is valid for data security. AWS and Azure have better native data security than Prisma. Individual modules, other than CSPM and CWPP, could be improved.

The security automation capabilities are average. They have a semi-automated remediation policy, but many tools on the market can automatically remediate based on the resource and desired outcome we need. Therefore, I think the automation of alerts could be improved.

The visibility of the reporting data for CI/CD can be improved in our console to make the output visible to management and developers.

I have been using Prisma Cloud by Palo Alto Networks for four years.

Prisma Cloud is stable.

Prisma Cloud is a scalable platform that releases new modules every six months.

The technical support is good.

Positive

The initial setup is straightforward for an experienced person who follows the instructions. If we have all the necessary resources, the deployment can be completed in one day.

I first started with the CSPM, then the CSP medium, about a year before moving to computing. I then tried data security for native security and more outside and code security.

We used Palo Alto Networks' Professional Service, which was included in our credit and license. They provided us with assistance with the initial implementation, and we were satisfied with their services.

We have seen a return on investment from using Prisma Cloud because it has improved our compliance and security posture.

The pricing is reasonable. However, I think some modules need to be restructured, particularly those related to data security. The licensing model for data security should be compared to the native security offered by AWS and Azure.

We evaluated Wiz and CrowdStrike. We initially started with CSPM, so Prisma Cloud was more flexible. The representative of the Prisma Cloud CSPM was better and more user-friendly. It gave us more permissions, more controls, and it wasn't complex. We could still do whatever we wanted if it was not given by Prisma out of the box. Therefore, we chose Prisma Cloud.

I give Prisma Cloud by Palo Alto Networks an eight out of ten.

If you are new to the cloud and you are not sure where to start, I would recommend using Prisma Cloud. It will give you a comprehensive view of your cloud security posture and help you to identify any areas where you may be vulnerable. You can also use Prisma Cloud to test and evaluate different security controls before you deploy them in your production environment.

Our entire company uses Prisma Cloud. Anything we deploy in the cloud is protected by the solution.

Prisma Cloud does not require maintenance from our end.

If someone is new to the cloud and looking for cloud security, I think the best place to start is Prisma Cloud. Prisma Cloud offers a comprehensive set of security capabilities, including CSPM, workload security, and cloud security. We can start by using the CSPM module to assess our cloud security posture and identify any potential vulnerabilities. Once we have addressed any critical vulnerabilities, we can then move on to the other modules.

Everything is a lesson because we started with no knowledge. We did not know that there would be many risks and offenses involved in our cloud security environment. We need to know all of the risks, and we can overcome them with Prisma Cloud.

We use Prisma Cloud by Palo Alto Networks for our cloud security posture management.

Prisma Cloud by Palo Alto Networks has multiple aspects that help protect the full cloud-native stack. We are not concerned with just one cloud at the enterprise level; we are focused on the multiple cloud environments we have. The solution provides us with a comprehensive dashboard and a comprehensive view of our cloud security posture. Furthermore, the solution not only covers the security posture but also informs us of our compliance with leading industry standards.

The solution does have security automation capabilities, but we do not use much of it in this case. We use automation for the alerts; if there are any misconfigurations, the alerts are automated. However, we do not mitigate any specific items using automation, as that is something we have not configured. We prefer to first look at the problem manually, and then take action against it.

There is no single comprehensive cloud security solution. We will need to use multiple tools, such as those offered by Palo Alto Networks and Check Point. Every security firm has a range of products, so if we consider all of them, we can have anti-virus, anti-malware, vulnerability assessment solutions, EDP software, and cloud security posture management. We need to evaluate each tool, and Prisma and Check Point both offer good solutions, including next-generation firewalls.

The solution provides the visibility and control we need, regardless of how complex or distributed our cloud environment becomes.

The solution can enable us to incorporate security into our CI/CD pipeline and add checkpoints to existing DevOps processes. From an automation standpoint, we enabled certain monitoring features. However, the remediation steps are still manual. This can be integrated into our DevOps pipeline, though some of the features are not being used as we prefer to keep it manual.

The solution provides us with a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

The solution reduced runtime alerts. We don't need to receive all the runtime alerts every time, as they will overwhelm us with messages. People often neglect this. Depending on the situation, generally, only very important alerts should be sent. I prefer that the solution be configured for when there is a major business impact. For minor alerts and notifications, we can still check the dashboard. Generally, we monitor the dashboards at certain times. We don't need to be alerted for everything, as this will defeat the purpose of this mechanism.

The solution significantly improved the time taken to investigate alerts by 40 percent with the alert monitoring and all its mechanisms, we receive our critical alerts quickly via email. We can even configure the remediation, although we have not done so yet. 

I appreciate the multi-cloud support that this solution provides; I can use it with AWS, Microsoft Azure, and Google Cloud. I find the ability to configure alerts and monitor misconfigurations in the cloud to be particularly useful, and we take advantage of this feature as well.

Prisma Cloud by Palo Alto Networks is an impressive solution. The solution continuously assesses our security posture, making it the ideal preventive measure. If any misconfigurations occur, I am immediately notified of any unnecessary ports that are open in my cloud. This alerting system allows me to take the necessary steps to secure it before any attack can occur, making it the best preventive measure for our cloud.

I now extensively use cloud security posture management. There needs to be a mechanism that allows me to manually configure compliance more easily. Currently, it requires programming knowledge, so if someone without hardware programming knowledge could customize certain features to their requirements, it would be very helpful.

I have been using the solution for five months.

The solution is stable because it is a SaaS offering.

Nowadays, all cloud solutions are scalable; scalability should be a given feature and does not need to be asked for.

A maximum of ten people have administrative-level access, which will be used by 50 to 60 Security Operations Center personnel. This personnel must log in with various role-based access rights. In total, we have around 70 people using the solution.

In my previous project, we had a dedicated team associated with the account, so we did not have to pay for support. This was beneficial because, most of the time, we would go to our account team instead of the technical support, and our issues would be resolved quickly.

Positive

The initial setup is seamless. We only need to integrate our API key and connect it.

The deployment took one hour.

I can see one return on investment due to continuous monitoring. Before, we had a few staff members who monitored our environment, but now the alerting and other processes happen automatically, so there is a good ROI in terms of resources. Additionally, the security posture of the environment is increased and fewer incidents occur, which improves our response time and resource efficiency. There are also indirect ROIs.

The pricing is competitive; for the most part, the security firms have similar prices. Therefore, I believe it is competitive and a good investment. The solution is good quality, so I would not hesitate to invest in Prisma Cloud by Palo Alto Networks.

I give the solution a nine out of ten.

I absolutely recommend Prisma Cloud by Palo Alto Networks at an enterprise level because the solution is an enterprise-grade product.

I work for a monetary provider and handle around five customers. We mostly use Prisma Cloud for CSPN, but we have a banking customer using CWPP. 

Apart from those two use cases, the other customers are not interested in Prisma Cloud's other functionalities because they're green and already have other solutions with partners that they say are more mature. We have not implemented them in the customers' production environment, but we have toyed around with proofs of concept.

My organization is not primarily a customer. We don't use it a lot because we're a security company that mainly provides customers with solutions using this. That said, visibility is the most significant benefit for our clients because some are so large that they're unaware of what they have. 

They don't have adequate governance over expenses, security, and the parts of the network that are communicating. Prisma Cloud gives them reports that will provide instant insight into what's there. A new feature creates a visual map of networks and communications in the discovery part. It's excellent because you can instantly visualize everything. That's one feature that all the customers appreciate.

It performs well in complicated cloud environments. You only need to add your cloud account credentials. Most of the time, Palo Alto recommends using a full admin account for a service account accessing the tool. The tool works just as well, regardless of the company size. That's one of Prisma's biggest strengths. No matter how big you are, the tool can see everything.

Prisma Cloud can scan any cloud provider. We currently use Prisma on GCP, Amazon, Azure, and Alibaba. We also have Oracle, but I haven't used it for Oracle yet. This is crucial because some customers aren't proficient in managing multiple cloud environments. They only need to go to Prisma Cloud and see what they have because the team managing security is not the same one developing the solutions. 

Prisma offers a single pane of glass that lets you do most of what you want in one place. It's not only configurations but also knowing what you have, and your assets are doing. That's the main selling point of Prisma Cloud. It provides you with visualized reports, whether it's in the cloud, live serverless, containers, etc. 

I haven't toyed with CAB personally, but I think you can do that because you can scan images and deployments. I wouldn't say it gives you a lot of value in that regard because most of the CI/CD issues are application-level problems that Prisma Cloud or any other tool wouldn't help you with. Regarding security, you can deploy agents during the integration deployment and gain complete visibility with total memorability that you might introduce in the pipeline. Still, I think it will be a tiny part of the pipeline.

You will not see the problem if you're running an OGs application. While the developers can pinpoint the issue with the information provided, it will never relate to a piece of code and solve it. No tool can tell you exactly which part of the application is the problem, but a tool can identify which process has a vulnerability. Apart from that, many developers have issues finding the root cause of the vulnerability. When it's a library-related vulnerability, the TVD tells you to use another library or play the library. When your own code has the vulnerability, it's hard to pinpoint that.

Prisma provides a lot of information. You can see real-time alerts and forward them to JIRA or whatever tool you use with API or TVD. It also offers anomaly detection. If an administrator is logging in at weird times and doing strange functions, this tool can notify you about them. The anomaly detection is a correlation engine. You seldom get false positives. When it is a false positive, it's something you would expect. The only times I got a false positive were when the administrator forgot the password and tried logging in 50 times. At that point, they just need to contact support and change the password. 

Prisma has massively reduced our alert investigation times. It's 50 times quicker. Without this tool, we must dig up AWS logs, and the format isn't too accessible. The difference between using this tool to investigate an issue compared to a cloud-native solution is two hours versus two minutes. Digging up two logs using Ctrl-left is not the best approach, and it's the only approach cloud providers give you. 

The solution saved us because it helps us turn off idle machines. Most are machines we have turned on, and we didn't know what they do, but we didn't want to turn them off. Prisma Cloud lets you see the communication flows and the asset's actions on the communication map. If you see a device not communicating, it's easier to investigate what it's doing. Sometimes, it's a device generating reports at a particular time. You can schedule it to turn off when it's not active to save money. You also save money by spending less time solving your issues.

Doing cloud compliance without this tool would be impossible because cloud solutions are huge and highly complex. SOS compliance requires that you provide reports in under 24 hours. That's not possible without an automated tool like Prisma Cloud and the CSPN module. You would need to purchase Prisma or a competitor. It helps a lot because some customers have weird compliance requirements, and you can do it all on Prisma Cloud.

You can create custom compliance configurations according to your customer's needs and set Prisma up to provide the reports every 24 hours. In fact, you can do reports in 10-minute intervals or in real time. The client can access the dashboard and see if they're compliant. C-level executives in any company love that. 

The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do functions the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have made mistakes. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud.

Prisma performs well in a fully cloud-native stack if you run several layers and Kubernetes. It's not so smooth if you migrate VMs into the cloud. Some customers try to do that with Prisma Cloud, but it's not compatible with Windows Server. However, you can deploy serverless containers without issue. You must deploy personal cloud agents into the virtual machines. The agents are called defenders. That module is excellent because you can see communications and vulnerabilities across your environment. It can also scan for malware. It tries to do many tasks at once, say the value it provides is the ability to see communications between devices.

The agent can block the traffic trying to exploit the vulnerability, but it can't fix the problem. That's on the application level. Most of the time, you give the application development team the vulnerability report, and they fix the issue, but Prisma protects you in the meantime. You can sleep well knowing that the agent is blocking the malicious traffic.

They recently added a module called Code Security that enables you to scan repositories or infrastructure as code. You can see concept errors like CSPN problems before the deployment. In tab use cases, it's excellent because you can see if there are misconfigurations in Terraform without having to deploy the instance or whatever you are deploying. That can save you money because sometimes people are deploying machines with problems that are easily fixable. It also improves security because you can fix a vulnerability before you have it with Cloud Security, but that's a rather new solution.

The IMD feature could be improved, but Palo Alto is working on that. It's a relatively new module that attempts to identify unnecessary permissions. Prisma Cloud is a platform that adds new modules whenever Palo Alto acquires a company or develops a new solution. The development team is trying to add new features. It also has Click Code Security for infrastructure security, but it doesn't add much value unless your DevOps team is really junior.

While Prisma provides a lot of visibility, it also creates a ton of work. Most customers that implement Prisma Cloud have thousands of alerts that are urgent. It creates a high workload initially. Apart from that, it solves the problems you have. Palo Alto says that 99 percent of breaches come from misconfiguration. I have seen that first hand. I think the fewest alerts a customer had was around 100 still, but they used another tool for that, so that saves a lot.

I have been working with Prisma Cloud for about 15 months.

Prisma's stability is close to 100 percent because it's just a dashboard that connects to your public cloud. It's essentially a website that never goes down, and you could also host it locally if your security requires it. Most of the customers use the Prisma Cloud platform. If it goes down for any reason, the security agents work independently of Prisma Cloud. You send logs to Prisma Cloud and update the configurations via the cloud. However, if the platform goes offline, you still have top-notch security.

As long as you purchase credits, Prisma Cloud is easy to scale.

I have never contacted Palo Alto support because our team is highly proficient in the solution and the platform is easy to use. You deploy the agents, and it just works. 

It's straightforward to deploy the solution because it's cloud-based, so you just set up an account, username, and password. If you think about it, the Prisma Cloud tool does not do much, but what it does is valuable. It does something simple on a scale that human beings could not do. 

Based on my own experience, I would I rate Prisma Cloud a ten out of ten. However, I haven't compared it with other solutions, so maybe other solutions have more features that Prisma is lacking. My advice is to implement Prisma if it has the features you want but also shop around because I'm sure other solutions are just as good as this one.

We use Prisma Cloud by Palo Alto Networks to scan the Kubernetes cluster.

We use Prisma Cloud's threat detection module.

We implemented Prisma Cloud by Palo Alto Networks to help us address vulnerabilities within our Kubernetes cluster.

Prisma Cloud provides security in multi- and hybrid-cloud environments. It is a security console that is essential to our organization. We have implemented Prisma Cloud on the Kubernetes cluster for threat detection and vulnerability monitoring.

Prisma Cloud's security automation capabilities are good. Once integrated with our Kubernetes cluster, it automatically detects vulnerabilities and provides reports in the dashboard, which we can use to generate CSV formats to help our development team detect vulnerabilities.

Before implementing Prisma Cloud, we had difficulty preventing threats. After implementation, the vulnerabilities were resolved, and we now receive immediate notifications to help us prevent threats.

Prisma Cloud protects both our Azure and AWS cloud environments.

The most valuable features are vulnerability monitoring, serverless access, container runtime features, and Defender.

Prisma Cloud supports generating CSV files, but I would also like it to generate PDF files for reporting. 

I have been using Prisma Cloud by Palo Alto Networks for two years.

Prisma Cloud has a stability rating of 99.99 percent.

The solution has very good performance 

The technical support is dedicated and they respond quickly.

Positive

We previously used Lacework, but we faced some licensing issues in our parent company, so we switched to Prisma Cloud.

The initial setup is straightforward and was completed by my manager and me.

Initially, we implemented it along with the vendor team, they guided us excellently.

Prisma Cloud's pricing is good.

We evaluated other solutions' costs and features.

I would rate Prisma Cloud a ten out of ten.

Twenty-four people monitor Prisma Cloud alerts each day in our organization, and any issues are sent to developers to be addressed.

Maintenance is required to upgrade the dashboard.

We had Azure, AWS, and a little bit of GCP, so we gave Prisma read access to all those accounts, subscriptions, etc., and monitored the alerts to mitigate risks based on what popped up in the dashboard.

While it's not our only tool, Prisma is managing about 80 percent. We still occasionally go into cloud-native tools to ensure certain compliance standards are being met. Sometimes, urgent issues need to be fixed that haven't been reported in Prisma because the native tools will catch them first. As a third-party solution, Prisma might take a little longer to build a report directory.

We had around 30 to 40 users who were a mix of cloud and DevOps engineers. There were also members of the security team who made decisions about what kind of security policies we had to follow. We used it extensively within the public cloud across all our Azure, AWS, and GCP subscriptions and projects. There was interest in using it on-premises with our vSphere environment as well. I don't know if that ever happened.

Prisma enabled us to get up-to-speed on enforcing TLS 1.2. It helped us look at different types of resources, like storage accounts and app services. I'm thinking particularly of Azure because that was my focus. I found all the resources from the Prisma list and remedied those issues so that they were displayed as resolved in Prisma.

It gave us visibility into and control over complex cloud environments, which helped us feel better about our security and secure the environment with the clinical data. Our security team was pleased when we showed them clean Prisma reports. It boosted their confidence and their comfort level that we were being compliant.

Prisma made it much easier to ensure that all of the security pieces are handled. It simplified our security issue resolution. It cut down our investigation time by giving us one place to look. It cleaned up our operations considerably because finding what resources needed to be resolved, mitigated, or updated was easier. It probably saved us several hours every week. It also saved us some money, but I couldn't quantify the savings because other environments also used it.

It helped us develop a preventative approach to security. Nine out of ten times, we could find issues that needed to be fixed ahead of time. We had a monthly meeting where we would review the high-severity alerts on the dashboard and assign people to remedy them. Once we got through the high severity alerts, we looked at mediums and low severity alerts. Prisma enabled us to identify resources we needed to fix, which was quite handy.

We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features. 

Prisma's multi-cloud capabilities were essential. We wouldn't have used it without them. We would have just used the native cloud vendors' security solutions. Its protection of our full cloud-native stack is pretty comprehensive. I would rate it at least an eight out of ten. It stacks up well compared to the security alerts and notifications we got from solutions like Defender.

It sometimes took Prisma a little while to build queries, so new services or features wouldn't appear. It wouldn't get flagged in Prisma for a bit. It would be helpful if they sped up how quickly they got their default notifications, queries, and alerts.

The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls.

We used the solution for about three years at my previous company. 

Prisma seemed highly stable, but I wasn't managing the solution. I was more of a user.

Prisma seemed to scale pretty well. It covered several large environments and didn't seem to struggle when loading information for us. I think it did well.

I rate Palo Alto support a six out of ten. The support was adequate, but I can't say it was great. If we had an issue with a feature or a query, it could take them a little while to get back, especially if it was a feature improvement or a new alert. They were very slow to add new warnings and features.

Neutral

The company never had a public cloud solution before Prisma, but they had something for on-prem. I don't know what it was. They also used cloud-native solutions like Defender for Cloud and the native tool for AWS.

We switched to Prisma because we wanted a single pane of glass that would allow the security team to see security issues across all of the public cloud vendors that we used, so they wouldn't have to jump to each individual cloud vendor's tool.

I was involved in the POC several years ago. It was like a lab test. After we tested that for several months, we rolled out the official one. At that point, I was just helping them test as they tried out the product. I didn't actually install the software.

The setup seemed pretty straightforward. There were clear instructions on how we just needed to create service principles with specific permissions and then grant Prisma the credentials for the service. I think they only had about five people maintaining the Prisma environment, and each was responsible for bits and pieces of it.

I believe the company saw a return using Prisma.

I know that the guys who handled the pricing said Prisma was costly, but I don't know how that compares to other products.

I know the team evaluated other options, but I wasn't involved.

I rate Prisma Cloud an eight out of ten. Having one place to go for all of your security alerts and notifications makes it easier to solve issues than going to each vendor's security tool.

We are a system integrator. My organization has a cloud practice, and we focus on cloud security. Predominantly, Prisma Cloud is used to identify misconfigurations in the cloud.

We have been using Prisma Cloud for two specific customers on Azure Cloud. It is quite a new organization, and we currently have two customers, but in my previous organization, we had about eight customers.

We predominantly focus only on the cloud. We don't work with hybrid models. MultiCloud is there, but we haven't worked on MultiCloud as of now. This specific region is more into Azure Cloud. Azure has a data center over here. Therefore, the adoption of AWS or Google is not high in this region. For data compliance, customers want to stick to a cloud vendor that has a data center in this region.

My 18 years of experience is purely in serving the US and Europe markets. I am quite new to the UAE and the gulf region, and I found that this region is not very mature when it comes to cloud security. The majority of the CISOs are not aware of cloud security controls that need to be implemented, and they only speak about traditional security such as EDR, endpoint security, DLP, etc. So, there is a big potential for cloud security, specifically at the containers and serverless layer.

When we evaluated solutions, we carried out PoC not only for two customers but also for the other six accounts, and they were pretty shocked to know that there were a lot of misconfigurations in the cloud. This region lacks cloud security skills, and there are not many cloud security experts or solution architects to design proper architecture. When we carried out the PoC, they became aware of the misconfigurations and security gaps. It helped them to identify the potential risks they have in the cloud. Generally, with security, it is not easy to measure the outcome or gain from a solution because it purely depends on the breach and the data loss, but so far, we have helped two organizations in fully implementing the solution, and the other four are still in the PoC process.

We purely focus on the container and serverless security, and we predominantly work with Cloud Posture Management (CPM). We opted for Prisma Cloud because we found Prisma Cloud to be better in terms of the overall posture and integration. There are other products in the market, but they don't have a complete and broad portfolio range when it comes to containers or serverless functions. Prisma Cloud has good integrations. You can integrate vulnerability management for the overall risk score. When it comes to commercials, costing-wise also, it is far more reasonable for the customers.

It is good for helping us to take a preventative approach to cloud security. It identifies all the controls and gives an overall picture. For example, it tells us the portion that has misconfiguration. So, we can fix that portion. It is a very good preventative tool. Certain customers predominantly use it for one-time assessments, which I don't recommend. It should be an ongoing assessment to have a good incident response as soon as an alert comes in. Normally, people just ask for a weekly report or monthly report to identify their security posture. Instead of that, they should have a real-time incident response solution to act as a preventative tool. As soon as an alert is generated, there must be someone to immediately work on it, and having such a tool really helps.

It provides the visibility and control we need. In my previous organization, we had quite a complex environment with about 30 Kubernetes clusters. As compared to other tools, it provided better insights, but I haven't evaluated it for much more complex architectures. When it comes to serverless architectures, our work has been minimal. Therefore, I cannot confirm or guarantee whether Prisma Cloud will satisfy a highly complex environment.

It gives the overall picture of compliance when it comes to the cloud security portion. We also have a couple of custom dashboards wherein we integrate the security risk score from other tools. Before implementing this solution for the customers, there was no proper mechanism for the cloud. They only had the vulnerability management reports, the SIEM score, or the application VAPT reports, but they did not have any visibility to anything on the cloud in terms of overall compliance and container security. It definitely gave visibility to the CISOs. A lot of people are still concerned about whether the cloud is secure, whether they need to migrate to it, and whether they have proper security controls for containers and serverless security. It gives better exposure to them. We do have proper tools with CISO-enabled dashboards using which they'll be able to see the score. 

It has reduced runtime alerts by 60% to 70%. 

It has reduced the alert investigation time. False positives are reduced. So, we are able to focus on what has been highlighted. At certain times, we need to accept certain changes, and it also gives us the flexibility to mark something as safe. Based on the change control, we can disable the alert so that the alert is not repeated until the change is completed. We have the functionality to do it.

The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap.

We identified two things that we felt would be great to have, but they are under NDA. So, I can't disclose them. Other than those two things, we identified a generic bug in the secret key management service on AWS that needs to be fixed. We reported it to them, and we want them to fix it.

It is very good with predominant cloud vendors, such as AWS, Azure, and GCP, but I am not sure about its efficiency when it comes to other cloud vendors. They should expand its coverage to other cloud vendors such as Alibaba Cloud and Oracle Cloud, which are quite common in this region. I am not sure if they have a full-fledged Oracle Cloud controls evaluation. If they can improve it in terms of the MultiCloud aspect for the organization, it will be helpful, especially in this region.

I have been working with this solution for almost three years. In my previous organization, I worked with it for two years, and it has been about eight months since I joined my current organization. Here also, we have opted for Prisma Cloud.

Its stability is good. We didn’t have any issues with it.

In my earlier organization, we used it for a bigger client with about 3,000 VMs in AWS and about 30 to 40 clusters. We did not have any challenge with its scalability. As we started putting things, it was working well. 

In this organization, we only have two small customers. There is not much workload. We haven't had any issues. It works fine.

In my earlier organization, I worked directly with Prisma Cloud support. Their support was good. My engagement was minimal, but the initial support from them was quite good. When I had some RFCs and RFIs coming in, their turnaround times were quite less. We had a very good rapport with them. We had a specific account manager who handled any RFCs and PoCs. Their support was good, and we didn't have any challenges. 

In this organization, we have been working with a channel partner, and there have been a few challenges because they are also occupied with other proposals and tasks. The same partner also works with other competitor organizations. Overall, I would rate their support an eight out of ten.

Positive

In my previous organization, we were using the Skyhigh networks. Earlier, it was Sky network, and later on, McAfee acquired it and made it a CASB and cloud posture management product. We had a couple of challenges with it. So, we evaluated a lot of products and shortlisted Palo Alto Prisma Cloud. 

It is straightforward. They provide two options. You can configure it manually or just grant access. It can then easily sync up. They also provide the cloud formation templates to spin up in minutes. So, it is straightforward and very simple.

It is hard to measure cost savings at this time because it is quite a new investment for the organization. Cost savings will be there in terms of security and reducing the development time and error fixing time, but it will take some time to measure that.

Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs.

We evaluated multiple products after I came into this organization. We evaluated various CSPM and container security products, such as Aqua Security and Rapid7.

Nowadays, every vendor has come up with a cloud posture management tool. So, we carried out a couple of PoCs in specific customer accounts that had an almost similar type of infrastructure, and based on the outcome, we found Prisma Cloud to be better in terms of identification of miscontrols and security. The cost also played a major role. As compared to other products, it was reasonable. So, the feature set for fulfilling customer requirements and the cost were the two factors that played a major part.

The third factor was the flexibility to work with the vendor. In terms of partnership and support, we felt that being a Palo Alto product, Prisma Cloud would be better. Palo Alto has better service over here, and their channel partners are quite flexible to work with on initial customer demonstration and other things. We felt much more comfortable with Prisma Cloud in all these three aspects.

When it comes to its security automation capabilities, currently, not every customer prefers to automate. We have been trying to implement automation, and when the right access was given, we did a certain amount of automation to immediately block the firewall rules or revoke access when any privileged access has been given. We have been doing a little bit of automation, and it has been good. We are able to achieve our goals. Out of two customers in this company and eight customers in my previous company, only three customers preferred to do automation to a certain extent. The rest of them wanted the alerts to be sent to the incident response team of their SOC. They wanted their team to act upon them. They only allowed us to automate high severity ones or highly critical ones. For example, they only allowed us to automate things like immediately blocking access to specific ports or IPs, but we haven't tried the automation to a full extent.

It enables you to integrate security into your CI/CD pipeline and add touchpoints into existing DevOps processes. We implemented it for just one use case. Before that, we were using Qualys Container Security in the CI/CD pipeline. After switching to Prisma Cloud, I did not have an opportunity to evaluate it completely because I moved to another organization. In my previous organization, we had expertise in DevOps. We had a dedicated DevOps team with almost six years of experience in automating the entire deployment of servers infrastructure, as well as applications. It was pretty easy for them to implement or integrate any security tool into the CI/CD pipeline. In my current organization, we don't have an expert team, and we struggle a bit in implementing things because there are multiple CI/CD deployments from Jenkins to Amazon's native one and Git. So, we take support from Palo Alto to get things deployed during the PoCs. In my previous organization, it was also easier for us to implement because the training provided from the Palo Alto side was quite good, and we had a lot of training materials in the partner portal. We utilized them. We got in touch with the technical team, and we implemented things quite faster, but here, there is a bit of lag because we don't have expertise in DevOps for implementations or integrations.

It can provide risk clarity at runtime and across the entire pipeline, showing issues as they are discovered during the build phases. Shifting your security to the left cuts down the entire life cycle of application deployment, and it does help to fix the security issues at the beginning of the development life cycle itself. We have not seen a large amount of time being cut down. That's because, typically, teams deploy the code, and then initiate a security scan. By integrating these things into the early development cycle, the time can be cut down to three weeks from about one and half months.

I would rate this solution a seven out of ten.

I have onboarded AWS environment accounts for some clients and some online hosted repositories on third-party platforms.

We currently have four modules. We have Application Security, Runtime Security, and Cloud Security. The latest one is Data Security, but I have only been using the other three modules.

I have mostly onboarded accounts. I have not used its other features much. I am aware of the environment dashboard that we get after 24 to 48 hours of scanning. The suggestions that they give are in a curated manner. We can see what steps we can take to minimize risk or remove critical or high-level vulnerabilities. This categorization based on severities helps us to prioritize which risks need to be remediated first.

It helps us to prioritize. We can see what is the scenario at the network level, identity level, or Internet exposure level. On the basis of these categories and on the basis of severity, we get the whole cloud security posture of the environment and also the suggestions.

It has helped save some time. The customer environment can be very vast, and the use cases can vary. A startup environment or beginner-level cloud environment is easy to check manually, but for users who have been using cloud environments for three or four years, manual checks are not efficient. Prisma Cloud saves time and costs. We are able to give a much more informative review of the cloud environment.

Prisma Cloud is a cloud-native application protection platform. That is what we showcase to our potential customers. It has helped us to gain the confidence that we can proactively monitor a cloud environment or a repository. One of my recent use cases was related to the repository. The establishment of trust is there, and the extent of cloud security services has also rapidly increased for our organization. This offering has been a great pillar for our organization.

It not only provides the risks and misconfigurations; it also includes compliance, so the industry-level standards are also monitored.

I started onboarding environments only two or three months ago. After the first scan, I could see the cloud security posture on the dashboard. In some cases, I could see misconfigurations and some package-level vulnerabilities. They were all categorized on the basis of severity. I discovered all these things. Out of them, some issues were commonly found. We are able to resolve them in the easiest manner. Considering the number of issues that it discovered, it would have taken us months to monitor all the events manually. The customer environment keeps changing and the requirements also change, so the cloud security posture also changes. Prisma Cloud scans on a regular basis and saves a lot of time.

The visibility level that it provides is the best. It is not restricted or limited to a few attacks or vulnerabilities. Every day, any type of attack can happen. There can be an attack of any severity. We are able to see all the possible incidents and all the possible issues in the environment. It has made us proactive, so our confidence has also improved.

The dashboard gets updated on a real-time basis. The first time, it takes 24 to 48 hours. After that, the latest scan is always available. It is consolidated. We get a detailed and comprehensive view from Prisma Cloud. It is easily accessible from the command center.

Prisma Cloud has saved us time. It helps us to fulfill our commitments. Without Prisma Cloud, it would take us double time to deliver to our customers what they want.

I believe it covers the containers and host-level security. It does provide information about how many hosts are in the environment and how many containers are deployed on Prisma Cloud. It tells us if any of the containers or hosts are affected and by which vulnerability. A comprehensive view of all that is available. We can see package-level vulnerabilities for PHP packages, Python packages, etc.

Visibility and control are the most utilized features. A dashboard is available to us where we can view different categories. We can see any IAM-related risks, any discovered vulnerabilities, any incidents, or any network-level issues. So, visibility and control are the most utilized parts. We can also view possible remediation or suggestions for each of the issues.

I recently onboarded some of the repositories, and for that, the issues were categorized into four types. The view was not very easy to understand. The Application Security dashboard was not as user-friendly as the Cloud Security dashboard. The Application Security dashboard can be improved in terms of UI. The categories provided should be helpful for the ones who are using it for the first time.

Other than this, I do not have any areas for improvement. I am a new user. I entered the domain of cloud security only six months ago. Before that, I was in a different domain. As of now, I see Prisma Cloud as an excellent tool.

I have been using Prisma Cloud in my current job role for the last six months.

It is stable. I have not had any issues.

I have not faced any limitations.

I have not interacted with their support.

I have not worked with any similar solution previously.

It was already installed when I joined. I only had to ask for some admin access, which was configured by the internal team in the organization, and my account was easily onboarded. 

The client account onboarding was also seamless. So far, we have onboarded five to ten accounts. Regarding the number of users, we provide limited access because it is a matter of cloud security. Overall, there are five to ten users, which also includes customers with view-only access.

It was already here when I joined.

I would absolutely recommend Prisma Cloud for cloud security posture management. It is great for onboarding cloud accounts. It is also good for onboarding repositories to improve application security.

I would rate Prisma Cloud a ten out of ten.

We use it for visibility, compliance, and governance. It is the official CSPM solution for our bank.

The only module we are using is the compliance module.

In Prisma Cloud, we were able to create frameworks using the RQL language, frameworks that are modeled after our Archer security baselines. Archer is the tool that we used to track all exceptions and security baselines. With Prisma Cloud we have been able to create custom baselines, based on the Archer framework that we have, and not just go off of CIS or NIST frameworks. 

We have also been able to generate reports for teams using the automated scripting tools that Prisma Cloud provides. On a weekly basis, we share those reports with the teams that are impacted. They go back and remediate their findings as needed, or we fine-tune the Prisma Cloud compliance language as needed if there is any ambiguity in there. 

Over the course of a few weeks, the teams remediate these issues and our compliance percentage goes up. Our compliance percentage for production environments was 95 percent. We then made some new acquisitions and they were at 40 or 50 percent, which was very bad. When we brought them under our company's umbrella, we gave them these reports, and they improved their compliance percentage. That has been helping us hugely.

Also, it does a good job of providing a view of our overall posture. Our confidence in our security and compliance posture was what I would describe as a "head in the sand" type of situation before. People would say, "Ah, we should be okay." But once we started digging into stuff and started putting our Archer baselines into the Prisma Cloud queries, that's when we realized that things looked poorer than we had imagined or assumed. This has been a wake-up call for our organization, and everybody has taken notice that we really have a hard job ahead of us.

In addition, with this solution we are seeing a single pane of glass to protect all of our cloud resources and appliances. We are seeing multiple occurrences with multiple platforms under one roof. That has really helped to simplify things.

Prisma Cloud does have some good investigation built into it. When an alert is generated, it does a good job at correlation, not the greatest in the world, but it gives you a good starting point. So it has helped us work on those alerts or investigate them more easily. It reduces our investigation time by 40 to 50 percent because it does all the initial investigation and puts all the findings together. You don't have to manually log into a lot of different accounts or tools to find out that information.

Financially, the only way I can think of that the solution has improved things is in our compliance structure. We spend less time after audits by putting in the effort beforehand. Recently, we have had a lot of good wins where audits have not been able to find a lot of issues. In the past, they used to find 15 or 16 findings, and now, they're able to find only one or two. When you have fewer audit findings, you have fewer man-hours dedicated to dealing with them. We are able to move those man-hours into our actual work rather than just audit work. We have been able to achieve some productivity there. I would estimate it has saved us 5 to 10 percent, in terms of money.

The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for.

The comprehensive view that it offers, the compliance percentage based on a framework for a particular account or a particular environment, is extremely useful. We can give those reports to the individual application teams so that they can remediate the findings. It also helps that we can give them read-only access, so we don't even get involved. They log in on their own and can pull a report, based on our instructions, and then do the remediation themselves. It helps us not be the middleman and not waste our time just generating reports for the application teams.

Also, Prisma Cloud provides security for multi and hybrid-cloud environments. We started off using it for our AWS environments, but now Azure and GCP are starting to come into play. We haven't started using those yet, we have just started initial discussions with them, but it has already been decided that Prisma Cloud would be the CSPM even for our Azure and GCP environments.

One definite area for improvement is the auto-remediation or the CWP area. 

The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options. The cloud is adding more and more complexity in terms of number of services or the number of options for each service, especially when it comes to security options like encryption at rest and encryption in transit. And there is the issue of the interlinking of these services. One cloud service uses another cloud service, like CloudFront in front of a load balancer. These interactions are creating numerous new combinations and the RQL language really needs enhancement to handle those queries. 

We ourselves have put in a lot of enhancement requests to Palo Alto, looking at these corner cases, so they can look into those and improve them.

I have been using Prisma Cloud by Palo Alto Networks for about two years.

Prisma Cloud is a little slow, but it is fairly stable.

It is a scalable solution. No matter how many accounts you add, it still can scale. Even the reports that we set up run pretty quickly. They have done a good job of making their platform scalable.

We have been acquiring companies quite a bit recently so we will be using Prisma Cloud heavily. This is our only company-approved CSPM tool. Even though we have some of the native tools in use, like Security Hub from AWS, or Azure Security Center, now called Defender for Cloud in Azure, the official CSPM is Prisma Cloud. It is the center of attraction for us so it is being used by everybody. In the future, we will be adding more accounts as needed until a decision is made on Wiz. We still have a good amount of time left in our Prisma Cloud contract, so we are not looking to switch to Wiz anytime soon.

Technical support is excellent. We have a dedicated account manager from Prisma Cloud who has an office hours session every Monday, and he also attends our standup calls. If Prisma Cloud has any new improvements or any updates that we might be interested in, he brings them up on those calls. We also have a weekly knowledge-sharing session where Prisma Cloud's personnel come in and make a 30-minute presentation and address the enhancement requests that we put in. They'll tell us what updates have happened, what improvements have happened, et cetera.

Positive

The initial setup was straightforward. It was done by one of our team leads, who is a cloud security fellow. He used to be a senior cyber security engineer. It took him three months of full-time work to set up those compliance frameworks, the custom RQL queries based on our Archer baseline, and then, import all the accounts. The importing of the accounts is pretty straightforward. They provide an API or you can even import manually. That's not at all a problem.

We have 10 to 15 users in the solution. Four or five of us are from cloud security proper, and we have administrative rights. Our cloud operations team, seven or eight people, looks at the alerts and investigates and resolves them. They engage us if they need any assistance because they're not very cloud aware yet. And we have a few pilot users who are from the application teams, and they have a read-only role. They generate a report for themselves. Many people still want spoon-feeding and say, "Can you generate a report for us or give us a screenshot of this and that?" We do that occasionally, but we are trying to move away from that process.

For maintenance, there are only two of us, and one of us is doing it full-time, more or less. The other one is more of a standby. We are documenting the procedures. We do weekly maintenance in Prisma Cloud, where we make sure the users are onboarded, there are no stale users, and take care of the general upkeep of the tool. The idea is that, in the future, we'll probably get a junior engineer for that role, while the senior engineer can perform enhancements or more advanced configurations.

When it comes to protecting the full cloud-native stack, Prisma Cloud is fairly okay. Compared to other tools out there, I don't think it is an extremely good product, but it's a reasonably okay product to work with. I've used Wiz in the past, and Wiz does a better job on full native-cloud security.

For example, there is the auto-remediation feature in Wiz, which Prisma Cloud eventually caught up to. Wiz also has agentless scanning that Prisma Cloud is, again, catching up to. There is also Terraform code scanning for CI/CD pipelines that Wiz came up with, ISC code scanning, et cetera. Those are some of the excellent features of Wiz.

Wiz also offers granular compliance frameworks in the sense that you could write your own compliance queries and make them part of a framework. Prisma Cloud's RQL is not that flexible. We are still running into some issues in some corner cases where there are no RQL queries available.

Prisma Cloud's security automation capabilities are very basic. Prisma Cloud is primarily a CSPM, not a CWPP. Even Wiz does not offer that many automation capabilities; they were coming out just at the end of the last year. But compared to other products that I have worked with, which are purely CWPP, Prisma Cloud would not even come close.

I would rate Prisma Cloud at about six out of 10 for helping to take a preventative approach to cloud security. It gets the job done. Our company has invested money in it, so we can't move away from it for another two or three years. But we are already piloting Wiz to see if we like it. Once the contract with Prisma Cloud is up, we will probably jump to Wiz. That's the idea within the company.

If I were to rate Prisma Cloud from one to 10, I would maybe rate it at six, while Wiz would be a nine.

We have started using some of the modules for securing the entire cloud-native development cycle across build, deploy, and run, but we have not really operationalized them. They're in the initial phases. It's not the maturity of Prisma Cloud that's in question, it's about the maturity of our company as a whole. Our company was not really tuned to CI/CD, secure DevOps, and the like, so we are slowly starting to integrate that. We haven't seen the results yet, but I would say it's very promising on that front at this time.

My advice would be to compare other products and understand what you want to do before you purchase or implement it.