Prisma Cloud by Palo Alto Networks Reviews

In my organization, we use Prisma Cloud to Protect the cloud environment to identify misconfigurations and send the reports to the cloud account owners. We can use Prisma Cloud based on location or based on cloud accounts. 

The policies that we are using in our organization help us to work more effectively to identify misconfigurations based on severity and the dashboard is very user-friendly to work with. 

I am very happy to use this product and find it to be highly impressive.

Prisma improved our cloud environment. It helps to identify the misconfigurations by monitoring regularly which helps to secure the organization's cloud environment. 

This product helps our organization in various ways, including identifying account-level misconfigurations. It will protect the environment in many ways. With this, we can avoid data leakage and avoid/identify public and internal cloud-level misconfigurations will be identified.

Identifying misconfigurations and vulnerabilities from the cloud account level as well as the development and operational level helps to secure everything effectively. 

Vulnerabilities can be identified before deployment - which helps our DevOps team to minimize or reduce time in an effective way. 

Identifying misconfigurations and vulnerabilities at the first stage itself will help the organization save time and money - which is highly appreciated. 

For some custom policies, we need more features. For example, at the investigation tab level, while adding columns for required fields, you can't have more than three or four custom fields. New cloud policies can be added in the next release to address severity changes for the cloned policies. It would be nice to have alerts at the dashboard level. For example, if five members are working with 50 different policies, based on the user name, policies should be assigned with alerts that can be displayed either in a graphical or listed way.

I've used the solution for three years.

I'd rate the stability 4.5 out of five. 

I am highly impressed with the product's scalability. Whenever I have issues with the solution, I will get an immediate response from the product team. They will try to close the issue as soon as possible - which is highly impressive.

I am very happy with the customer service. Whenever I have issues with the solution, I will get an immediate response from the product team and they will try to close the issue as soon as possible. This level of service is highly impressive.

Positive

This is my first solution. I did not previously use anything else. 

The product team helped us when the Initial setup happened.

We implemented through a vendor team and I'd rate the service five out of five. 

When compared to other products, Prisma Cloud is high in pricing and licensing. However, when there is high security it can be expensive. Smaller organizations can't afford Prisma Cloud.

As this is my first solution, I didn't choose any other product other than Prisma Cloud.

Financial companies want to restrict user access, which means the users need to go through a subnet to access their services. When the user connects to the internet via the Prisma Cloud VPN, they can use different types of IP addresses globally. The changing IP addresses can be pretty complex. It costs a lot for the application site to apply for access.  

We negotiated with Palo Alto to get 20 servers, and the customers will be added to those 20 subnets. On the Spectrum Access side, we only need a white list of those twenty subnets, and we won't have issues in the future. 

The solution is managed by Palo Alto. We're using Panorama, a popular management tool, for managing the connection between the physical portal, firewall, and VPN, as well as Prisma Cloud.

The user experience is better than our previous solution. It gives us visibility into all the traffic. 

The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example,  let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else.

Prisma Cloud can provide decent security across cloud environments, depending on how each company sets security policies. Prisma Cloud makes adding new users and managing access more flexible.  

I like Palo Alto's automated tool for migrating user data from other systems. We previously did this manually most of the time, but now we can update twice hourly automatically. 

During deployment, we created a tunnel from the cloud to our gateway in the data center because the users need some way to connect with the resources there, but all other traffic goes directly to the Palo Alto cloud. When the traffic goes to the Internet, sometimes it will come up with different IPs, causing some financial websites to be blocked. We needed to work with Palo Alto closely to solve this problem. 

Sometimes, when you assign subnets to regions, the IP address will jump from one location to another because it will automatically change substantially. Then, we need to add those IP subnets to our firewall for existing access. The need to update those subnets potentially causes maintenance or access issues. So far, we can only provide bigger customers with six subnets, and a small company may not be able to access those services. 

I rate Palo Alto customer service 10 out of 10. 

Positive

The migration takes time because we're typically not starting from scratch. We need to migrate everything from the existing VPN. I've used Prisma Cloud for a large financial enterprise with a complex infrastructure, and we worked on that for almost two years. It's less complicated for a mid-sized company, but the migration might take six to nine months.

It's hard to tell if there is an ROI in the short term. It may take a long time before you realize a return because there is a substantial initial investment. You can see a significant improvement in performance, but it may not necessarily save money. However, you'll ultimately improve service.

I rate Prisma Cloud nine out of 10. We would recommend it to any large global enterprise because it improves performance and offers a better user experience. It also gives you application-level control instead of regular IP address control. The latest version has many new features. So they can use the in-app Application ID and point to MAC applications instead of regular TCP/IP ports.

We use Prisma Cloud for the banking sector to check the policies as required.

Prisma Cloud provides security scanning in multi and hybrid cloud environments. This is important because customers often ask if they need certain services, such as detection, auto-remediation, and policies. AWS has all of these features, but why would a customer use anything else? The answer is that Prisma Cloud is multi-cloud, so it can monitor multiple clouds as well as on-premise networks. This is often a key requirement for customers.

Prisma Cloud can help us take a preventative approach to cloud security. It is built for developers and provides a range of features, including RQL, multi-cloud support, and endpoint detection.

Prisma Cloud provides the visibility and control we need. It properly manages all cloud assets and provides information about assets in our cloud.

Prisma Cloud provides us with a single tool to protect all our cloud resources and applications, eliminating the need to manage and reconcile disparate security and compliance reports.

Prisma Cloud provides risk clarity at runtime and throughout the entire pipeline. It also shows issues as they are discovered during the build phases.

The developers are able to correct issues using the tools they used to code.

The alert investigation time has been reduced by half an hour.

Prisma Cloud's most important feature is its auto-remediation. This feature automatically fixes security vulnerabilities in our cloud or on-premises environment. This can help us to improve our security posture and reduce our risk of a security breach.

Prisma Cloud lags behind in terms of security automation capabilities. Specifically, the investigation feature is not fully automated and requires users to know the RQL language. This can be a barrier for new users.

Prisma Cloud is not updating the real-time information on the UI for our cloud assets. It takes approximately two to three hours for the information to be updated.

I would like Palo Alto to provide a three-month free trial for Prisma Cloud.

The stability has room for improvement.

I have been using Prisma Cloud by Palo Alto Networks for two months.

Prisma Cloud is not stable except for our AWS clients.

Prisma Cloud is scalable.

The initial setup is straightforward. The deployment can take anywhere from two days to 15 days. We deploy based on the customer's requirements. 

We implement the solution for our clients.

Prisma Cloud is more expensive than Check Point CloudGuard.

I give Prisma Cloud by Palo Alto Networks an eight out of ten.

Based on an organization's basic requirements for auditing and detection, I would recommend Prisma Cloud.

The best thing I have learned about Prisma Cloud is that it is a single platform, like SIEM. This is beneficial for network engineers because it reduces the complexity of finding the cause of an issue. With Prisma Cloud, everything can be found in one place.

It is pretty easy to onboard accounts with Prisma Cloud. We use Prisma Cloud Compute and Prisma Cloud policy management. The latter is our primary solution and we use Compute to manage our container security, including threats and vulnerabilities. But we primarily focus on managing the policies for our entire cloud configs, internal threats, and network patterns.

For our market requirements, we do need several other services to be maintained for the perfect security posture. For example, one of the primary resources that we are using in our cloud is EC2 instances. That does need some primary security features, like security groups with proper closures, and proper networking with our firewalls. To make sure all of these premade configs are working, Prisma Cloud helps us to identify whenever any deployments meet up with our cloud. It is helpful with our singular architecture.

Prisma Cloud is very helpful with a full native stack. We don't want to leverage any of the resources directly. Instead, Prisma provides us with the services to automate and increase security posture without any internal agents to run it. Other products have internal agents to run with our cloud to help with the security posture of that cloud, but Prisma does not do that. It has a very simple mechanism to onboard the accounts with their console, where we can use the IAM to scan all of the accounts and identify threats and config mismatches.

The solution has also been helpful when it comes to our investigation times because we have fully automated it with our ticketing system. We use ServiceNow and whenever there are any alerts from Prisma Cloud, we have it configured so that they go directly to ServiceNow. That means the user can identify their incident and can resolve it based on the priority of service level agreements. When they do remediate an issue, Prisma Cloud will resolve the alert within Prisma Cloud and ServiceNow will close it on behalf of the user.

Prisma Cloud saves a lot of manual effort that we had to do within our cloud organization.

Prisma Cloud policy management is more valuable than Prisma Cloud Compute. While we use Compute often, we are not leveraging container security as much. We have limited resources for the containers in our cloud environment. Sooner or later, we will launch multiple container features in our cloud, but right now, we don't have much scope so we haven't had a chance to explore the Compute side much.

The solution supports multi- and hybrid-cloud environments. It has multiple cloud strategies like GCP and Azure. It has policy fixes for those cloud environments. We leverage it for AWS and it's important that we can use it for that singular platform.

Prisma Cloud also has log retention periods for the alerts and policies that are triggered, for each account. For example, my account has a specific policy that is high severity. If I need to further investigate, I can do that investigation in the upcoming 30 days. After 30 days, the logs of the triggered alert are not retained by Prisma Cloud on the Palo Alto network.

It also provides us with a single tool to manage our entire cloud architecture. In fact, we are using a multi-account strategy with our AWS organization. We use Prisma as a single source of truth to identify high- or medium-severity threats inside our organization.

Another feature is the automation. It has certain types of policies that can identify network-based threats, such as unusual port or protocol activities. It has tremendous machine-learning capabilities to identify patterns.

When it comes to automation and machine learning, it still needs some more work because sometimes they can give false positives.

In addition, since cloud services are coming up with new features and solutions, Prisma should also keep up with the same level of security. For example, at the previous AWS Summit, numerous services were introduced. Our businesses wanted to develop some of the services with the features in our cloud, but Prisma hasn't come up with any new APIs. Prisma needs to keep up with quick changes as soon as any cloud platform comes up with a new invention.

And one of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management, and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow. So we have had to focus on incident management.

Integrations with third-party vendors, such as ServiceNow, Slack, and other ticketing tools that Prisma supports have full automation, but there are still some bugs to fix. We see failures from time to time. When our team fixes vulnerabilities or threats, they still see the incidents in place, which makes them liable to pay for SLA failures. Those kinds of things can be avoided if we have fully fledged event management integration with those tools.

They also need to increase their log retention periods to allow further investigation. Sometimes it takes time to check with asset owners and do deep investigations. Because we have numerous accounts, it can take time for asset owners to investigate each and every alert. The log retention period is one of the cons. 

I have been using Prisma Cloud by Palo Alto Networks for more than a year. I started in my role as a cloud security engineer about two and a half years ago, and Prisma Cloud is one of the CSPM solutions that we use.

I use Prisma Cloud every day. It is one of the primary tools I need to monitor and manage the security of our cloud environment. I use it very extensively and my team members use it for identifying threats and managing them with the asset owners.

In terms of performance, they have cloud releases of security features during the first week of every month. Whenever they release new policies, all of a sudden it starts to throw multiple alerts within our console. It is a bit annoying for the DevOps team, but from a security perspective, it is a useful process. But a pre-announcement or pre-testing of the alerts would be a better way for them to do this, instead of creating 50 or 100-plus alerts for our DevOps. We are suggesting better pre-testing of new policies.

It is pretty scalable. When we deploy new AWS accounts within our organization, it applies the same security posture policies to those accounts as well. We can see the security postures it recommends whenever we onboard any new accounts with our organization. The scalability is very good with the management it provides for any accounts we onboard.

Palo Alto Networks is one of the fastest-growing security products in our organization.

From time to time we experience delays in support for critical scenarios. They do have engineering teams at the backend that work with the policies. I understand that. But I'm expecting a more responsive service on their side because sometimes it can even take a week to get a response back from the engineering team.

When we go through the toll-free number to submit a case, they suggest that they are working on it, but sometimes they don't give solutions for such cases for some time.

Positive

We used AWS native security, which is Security Hub. They have their own benchmarks which we leveraged. But we wanted to see more variables with the policies to have a stricter and more secure cloud environment so we moved to Prisma Cloud.

We have been customers of Palo Alto Networks for a very long time because they have several security products, including firewalls that we use in our organization.

The deployment was very straightforward. We were able to onboard IAM policies from our AWS master account to our console with a few clicks. We were able to see that Prisma had started to onboard and ingest for alerts and asset variations within our inventory.

We have a security architect and Palo Alto has a security architect. We deployed it together with the support of a Palo Alto engineer.

When we started using Prima Cloud a year ago, we had 7,000-plus alerts. We went through many of the policies that resulted in numerous false positives and we went through the RQL (Resource Query Language) queries that were not applicable to our environment and that created false positives from their side. We reported them with the details via their case submission. They checked on them and they modified some of the alerts as a result of our request. They are progressing with their changes. We have reduced to 500-plus alerts in the past eight months and we are in good shape in terms of security posture.

Overall, I would rate Prisma Cloud at seven out of 10. It has the scalability and easy onboarding where we can onboard an organization with a few clicks and the integration part will take care of the rest. I appreciate that. But the log retention and integration with third-party solutions need improvement.

We use Prisma Cloud primarily for clients with a multi-cloud environment who require all these posture checks to be done uniformly from a single pane of glass to ensure they are in compliance. They have regulatory policies that require integration with the SIEM to generate alerts and reports. That's the primary use case for a CSPM solution. For cloud workload protection, we need vulnerability management, runtime defense, as well as image, container,  and registry scanning.

In terms of modules, we started with Redlock, the cloud security posture management component, and followed with Twistlock for cloud workload protection. Lately, I've been using Aporeto for identity-based micro-segmentation and BridgeCrew for cloud security.

Identity-based micro-segmentation allows you to create microparameters across workloads on the cloud and on-premises. You can enforce a pure wireless model through whitelisting flows in various workloads. Cloud security is primarily for core security, including SaaS and PaaS tools for scanning container images and core infrastructure. We have Terraforms, which we need to scan if we forget to remove any passwords or if there is some consideration drift between what you've configured in the IaC and what has materialized into the cloud infrastructure. 

I don't think we have had more than four or five admins for any project. We provide read-only access to the monitoring guys and custom authentication authorization privileges to a couple of users. The number of authorized users varies from plan to plan. Lots of people don't need to have access to the solution. 

Prisma Cloud helped us with compliance. Most of my deployments have been greenfield, so I don't have a benchmark to compare how the security posture has improved. I've always used this from day zero of the configuration. However, I can say that the compliance checks for PCI, DSS, HIPAA, etc., made my life simpler. I don't need to look at each of these standards and compare the rules I have in place.

It also enabled us to adopt a preventative approach to security. It gives us an option to monitor and remediate, so I don't think there is any challenge. If we see something going wrong, the solution offers a way to implement preventative controls. 

You can incorporate Prisma into DevSecOps and put it into any of the pipelines, like Jenkins and Azure DevOps. I don't think there are any challenges. You have all the ready-made plugins on these CI/CD tools, so you don't need to do or write a custom script plugin or anything. It's already available. It takes care of your end-to-end security from build to deployment and runs.

The cloud workload protection module Twistlock has ready-made plugins. Still, I don't think there was a plunging for identity-based micro-segmentation sites in the past, so we had to build a pipeline manually, I think they released a plugin for IBMS, but I never worked on it.

Prisma provides a single pane of glass for all our cloud resources to control all these different functionalities from various menus. It also helps us assess risk at runtime and throughout the whole pipeline. I have never compared Prisma with other tools, like Qualys or Tenable, so I cannot say which gives better results regarding runtime. However, I get a lot of actionable insights and suggestions from the tool about the next steps to follow.

The solution provides excellent security coverage of multi-cloud and hybrid environments. Without it, I would need to create a manual playbook for each cloud. There is a lot to maintain for each cloud, and you can't monitor from a single pane of glass. That's an administrative nightmare because you can't pull compatible reports. If I identify some compliance issues on AWS, I don't have a similar set of parameters to compare those for Google Cloud or Microsoft Azure. I definitely need this for a multi-cloud environment. 

I can get a relatively good amount of end-to-end security within the cloud. All these pieces fit together to address all my cloud needs. Of course, I don't think any vendors target security within the microservices, analytics, or data warehouse. I'm unsure because I haven't done it, but I don't think anything is missing.

It gives developers the tools they need to correct issues so they do not have to write their own scripts. Sometimes, I need an administrator to work with these developers, so it's not fully automated. Maybe I didn't find the best way to do it. Perhaps I need to find a linter or something, but there were many instances where I needed to involve someone to work with the developer. I don't think we are doing everything from the developer's end. 

Prisma also substantially reduced alert investigation times because we previously did everything by hand. We used to scan it manually, so it depended on the periodicity of scans. Earlier, we used to run scans for a couple of customers about every 15 days, and then we did the remediation. Now, all these scans run every minute or 15 minutes, so it's faster.  

Prisma's identity-based micro-segmentation is better than all its competitors. I've already evaluated Guardicore and Illumio, but Prisma stands out for the ease of configuring rules and how seamlessly it works with your cloud workloads and container environments. I used it for Kubernetes as well as K3s. I prefer Prisma's identity-based micro-segmentation. I can't think of any competitors doing this as well as Prisma Cloud.

We integrated this solution as a part of DevSecOps, so we have a dedicated pipeline for cloud workload protection. That works brilliantly. You don't need to log in to the control unless you want to do some management or full reports. I can bake in all these functionalities within the pipeline, and I can do the same for IBMS. 

As part of application security or whatever my developers are working on, I can have them bake all the configurations they need to do, like listening and patching remediation. I think it's relatively automatic, but I would consider it to be more of a DevSecOps functionality.

Prisma is the result of multiple Palo Alto acquisitions, like CWPP, Twistlock, and Aporeto. Though they are part of a single pane of glass, there is no correlation between the solutions. I don't see vulnerability scans done for tools that have been micro-segmented. 

A better correlation between the multiple products Prisma Cloud contains would be crucial. It would reduce the time spent looking at reports and enable you to get all the actionable insights across products. I think that Palo Alto is working on it, but they need to work faster because it doesn't make sense to have all these products in a single pane of glass without any correlation between them. 

At some point, things get a bit unwieldy when working with complex environments, but I don't think that challenge is unique to Prisma Cloud. It's an issue for any solution deployed in massive and complex environments. Let's say you have an enterprise with 30,000 workloads in the cloud, so it's unwieldy to have it configured for a single instance of Prisma Cloud. In that case, it would be better to segregate it across multiple tenants.

In the future, I'd like to see Palo Alto create a single consolidated agent software for workload production and identity-based micro-segmentation. Currently, I need to install two agents for the same platform to get two different functionalities. The second is maybe ease of licensing. That would also be helpful.

I have been using Prisma Cloud for nearly three and a half years.

I never faced any challenges because of internal hardware issues or the agent. Because I've always worked on the cloud-managed version, we have never faced any problems with the functionality. We did have a couple of hangups with the user and administrator onboarding and privileges, but I don't think that affects the functionality of the overall product.

The product itself is scalable, but it can become unwieldy from the administrative side of things. I can push Prisma Cloud out for 10,000 workloads, but the reporting and management would be a bit difficult. I prefer to have it segmented across multiple tenants, but it's somewhat complicated. 

I rate Palo Alto support a nine out of ten. My company is a CPSP partner with premium support, so I can't speak to the typical support experience. Even if we don't raise a ticket, we have an internal account manager to take care of all this. 

Positive

Redlock was the original company doing CSPM, so I got into Prisma Cloud because they acquired Redlock. I previously used  Qualys and Tenable for vulnerability management. I thought putting the CSPM and cloud workload protection pieces of Prisma Cloud under one roof would simplify my life.

Also, all these are cloud-managed and take care of the end-to-end requirements for cloud workloads. Qualys and Tenable have all these vulnerability management capabilities, but they might lack some native remediation capabilities. It's not that the other products are falling short, but I need that consolidated single pane of glass for cloud security. 

Setting up Prisma Cloud is straightforward. You get an activation email and deploy a couple of scripts. I work for a consulting firm that is a CPSP partner. All I needed to do is email Palo Alto with a bill of material describing our environment and the components, and then we get the activation email. After that, I followed the self-service enrollment steps, and it's running. Depending on your environment, you need to install all these applications. It's a seamless onboarding experience.

The total deployment time varies depending on the client because some of them have restrictions. One mid-sized company with around 700 workloads took less than three weeks. However, we needed to do a step-by-step approach for some, moving from the on-premises environment to the cloud and from dev to production. Those deployments took a couple of months.

Usually, the deployment requires no more than two or three people, but it depends on the approach. One should be enough if it's a batch approach. I've been doing this alone for a lot of my clients. In some situations, if you may need some help troubleshooting an app that isn't working, or the client may need someone with specialized expertise. It also depends on the client's size. At most, you'll need a half-dozen.

It's a costly solution, so we spend a lot on the licenses. At the same time, we can perform compliance checks, external audits, etc., faster because we have all the right pieces in place. That definitely helped, but I've never calculated the total cost of ownership or return on investment.

Prisma Cloud Enterprise is a costly solution. You need a license for all the components. At the same time, you have everything under one roof, so I think it's still justified. 

I rate Prisma Cloud an eight out of ten. I deduct a couple of points because I would still like to see all the products in the platform correlated. They should also do away with the need to install multiple agents for various functionalities or burn it all down into a single agent that takes care of it.

My advice is to start early if you are moving from on-premises to a hybrid or cloud environment. Implement Prisma Cloud as soon as possible, especially for greenfield deployments. This isn't a problem with Prisma Access, but it's usually a challenge. You need time to customize your rules and tailor them to your setup. 

The second recommendation I have is for Prisma Cloud Compute, the cloud workload protection piece. It's available in self-managed and cloud versions. You should opt for the cloud-managed version because you can get two single-cloud platforms. 

We use Prisma Cloud to check for vulnerabilities and handle integration with the Azure Cloud.

Prisma benefits the company by securing our infrastructure and monitoring the logs. We realized the benefits immediately. For example, our Windows Server went down the other day, and Prisma Cloud quickly caught it. 

It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is. 

Prisma Cloud offers a single tool for checking all this information. It's saved us time and money, reducing the time we spend on these tasks by around 10 percent. It also decreased our runtime alerts by 10 percent. 

I like Prisma's identity and access management features. The AI event-driven model has helped us a lot.

The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler. 

I have used Prisma Cloud for two years.

I rate Prisma Cloud 10 out of 10 for stability.

I rate Prisma Cloud nine out of 10 for scalability. 

I rate Palo Alto support seven out of 10. 

Neutral

We previously used FortiGate, FortiAnalyzer, and FortiCloud, but management decided to switch to Palo Alto. 

Deploying Prisma Cloud can be straightforward or complex, depending on the client. Previously, I worked for a managed service provider. We have multiple clients on the cloud, so it depends on the client's situation. We mostly work for large enterprises and some SMEs. It takes around a week to deploy by a team consisting of me and two or three managed service engineers. 

I rate Palo Alto Prisma Cloud eight out of 10. I would recommend it to large enterprises. 

I was managing Prisma Cloud for a client. They were scanning container images for vulnerabilities and remediation.

Prisma Cloud is a terrific resource for preventing security concerns, from breaches to malware. They provide a compliance index, which is an excellent feature. Prisma Cloud provides visibility into and control over complex cloud environments. It could provide more awareness about the need to implement different types of benchmarks. Prisma helped our governance evolve. It enabled us to build more policies and determine where we needed exceptions.

We could use Prisma to integrate security into our client's CI/CD pipeline and add touchpoints to existing DevOps processes. However, the touchpoints weren't as seamless as we would've liked. It was a little tricky because they were moving to two different types of cloud accounts. They had to decide whether to use Prisma Cloud or another tool for those new cloud accounts. It's a difficult question because they were doing a lot of cleanup for PTS and moving to the more recent version of AKS. It depends on the strategy.

The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid.

Prisma Cloud provides security across multi-cloud and hybrid environments. My client was migrating to Azure, but it's great for anyone with a hybrid environment. Prisma offers visibility to developers and high-level leadership because the dashboard is excellent and the alerts are comprehensive. You can understand it even if you don't know all the technical terms. For example, when I wanted them to use another feature that would've been beneficial, I could demonstrate it to them visually so they could understand. 

The automation is a mixed bag. Sometimes you'll run into issues while mitigating various vulnerabilities, and it's still a manual process. You can automate with an API, but it depends on the corporate policies for containers. You have the option. However, it's still a struggle, but that's not necessarily due to Prisma Cloud. You have many workloads in the pipeline, and things are constantly being repaved. The containers are up and down, and the environment changes continuously, so many things are hard to automate. It's possible if you put the work into it.

Prisma can comprehensively protect a cloud-native development environment. You must also consider cloud security posture management. That's where infrastructure-as-code comes into play. You must ensure that you're utilizing the alert feature in the dashboard for the analytics. If you're not, then you need to integrate something else. The client wasn't using CSPM, but it was on the roadmap. They didn't because they're moving to an Azure environment. 

Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge.

I've been managing that solution for a year.

Prisma Cloud is solid. 

Prisma Cloud is highly scalable. 

I rate Palo Alto's support an eight out of ten. 

Positive

I don't think Prisma saved this organization any money, but it could have. They didn't know how to optimize Prisma Cloud. I was trying to help them do that, but they had other high-level projects that got in the way. They needed to consider their budgets and which Prisma features they wanted to use.

If they were to build out those use cases and map out anything involving governance and compliance, they would find that this tool could save them lots of money. If Prisma Cloud is optimized, it's an excellent tool that isn't as costly as some think. You need to invest time and effort to determine the number of cloud accounts you're connecting and how many containers you expect to stand up.

Once you're more aware of how to optimize Prisma, you can determine how many credits you need. It's all based on credits, which will be expensive if you purchase too many credits. This client bought more credits than they needed. I told them it was unnecessary because somebody in the DevOps team decided they were going to push everything to the dev environment needlessly. They crossed a threshold that didn't need to happen and panicked. A strategy to optimize costs will save you money.

I rate Prisma Cloud a nine out of ten. Before implementing Prisma, research the different features and look at your current tools to identify the gaps. What is not meeting your compliance needs? What policies do you have, and how can Prisma align with the strategy?

I work for a monetary provider and handle around five customers. We mostly use Prisma Cloud for CSPN, but we have a banking customer using CWPP. 

Apart from those two use cases, the other customers are not interested in Prisma Cloud's other functionalities because they're green and already have other solutions with partners that they say are more mature. We have not implemented them in the customers' production environment, but we have toyed around with proofs of concept.

My organization is not primarily a customer. We don't use it a lot because we're a security company that mainly provides customers with solutions using this. That said, visibility is the most significant benefit for our clients because some are so large that they're unaware of what they have. 

They don't have adequate governance over expenses, security, and the parts of the network that are communicating. Prisma Cloud gives them reports that will provide instant insight into what's there. A new feature creates a visual map of networks and communications in the discovery part. It's excellent because you can instantly visualize everything. That's one feature that all the customers appreciate.

It performs well in complicated cloud environments. You only need to add your cloud account credentials. Most of the time, Palo Alto recommends using a full admin account for a service account accessing the tool. The tool works just as well, regardless of the company size. That's one of Prisma's biggest strengths. No matter how big you are, the tool can see everything.

Prisma Cloud can scan any cloud provider. We currently use Prisma on GCP, Amazon, Azure, and Alibaba. We also have Oracle, but I haven't used it for Oracle yet. This is crucial because some customers aren't proficient in managing multiple cloud environments. They only need to go to Prisma Cloud and see what they have because the team managing security is not the same one developing the solutions. 

Prisma offers a single pane of glass that lets you do most of what you want in one place. It's not only configurations but also knowing what you have, and your assets are doing. That's the main selling point of Prisma Cloud. It provides you with visualized reports, whether it's in the cloud, live serverless, containers, etc. 

I haven't toyed with CAB personally, but I think you can do that because you can scan images and deployments. I wouldn't say it gives you a lot of value in that regard because most of the CI/CD issues are application-level problems that Prisma Cloud or any other tool wouldn't help you with. Regarding security, you can deploy agents during the integration deployment and gain complete visibility with total memorability that you might introduce in the pipeline. Still, I think it will be a tiny part of the pipeline.

You will not see the problem if you're running an OGs application. While the developers can pinpoint the issue with the information provided, it will never relate to a piece of code and solve it. No tool can tell you exactly which part of the application is the problem, but a tool can identify which process has a vulnerability. Apart from that, many developers have issues finding the root cause of the vulnerability. When it's a library-related vulnerability, the TVD tells you to use another library or play the library. When your own code has the vulnerability, it's hard to pinpoint that.

Prisma provides a lot of information. You can see real-time alerts and forward them to JIRA or whatever tool you use with API or TVD. It also offers anomaly detection. If an administrator is logging in at weird times and doing strange functions, this tool can notify you about them. The anomaly detection is a correlation engine. You seldom get false positives. When it is a false positive, it's something you would expect. The only times I got a false positive were when the administrator forgot the password and tried logging in 50 times. At that point, they just need to contact support and change the password. 

Prisma has massively reduced our alert investigation times. It's 50 times quicker. Without this tool, we must dig up AWS logs, and the format isn't too accessible. The difference between using this tool to investigate an issue compared to a cloud-native solution is two hours versus two minutes. Digging up two logs using Ctrl-left is not the best approach, and it's the only approach cloud providers give you. 

The solution saved us because it helps us turn off idle machines. Most are machines we have turned on, and we didn't know what they do, but we didn't want to turn them off. Prisma Cloud lets you see the communication flows and the asset's actions on the communication map. If you see a device not communicating, it's easier to investigate what it's doing. Sometimes, it's a device generating reports at a particular time. You can schedule it to turn off when it's not active to save money. You also save money by spending less time solving your issues.

Doing cloud compliance without this tool would be impossible because cloud solutions are huge and highly complex. SOS compliance requires that you provide reports in under 24 hours. That's not possible without an automated tool like Prisma Cloud and the CSPN module. You would need to purchase Prisma or a competitor. It helps a lot because some customers have weird compliance requirements, and you can do it all on Prisma Cloud.

You can create custom compliance configurations according to your customer's needs and set Prisma up to provide the reports every 24 hours. In fact, you can do reports in 10-minute intervals or in real time. The client can access the dashboard and see if they're compliant. C-level executives in any company love that. 

The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do functions the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have made mistakes. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud.

Prisma performs well in a fully cloud-native stack if you run several layers and Kubernetes. It's not so smooth if you migrate VMs into the cloud. Some customers try to do that with Prisma Cloud, but it's not compatible with Windows Server. However, you can deploy serverless containers without issue. You must deploy personal cloud agents into the virtual machines. The agents are called defenders. That module is excellent because you can see communications and vulnerabilities across your environment. It can also scan for malware. It tries to do many tasks at once, say the value it provides is the ability to see communications between devices.

The agent can block the traffic trying to exploit the vulnerability, but it can't fix the problem. That's on the application level. Most of the time, you give the application development team the vulnerability report, and they fix the issue, but Prisma protects you in the meantime. You can sleep well knowing that the agent is blocking the malicious traffic.

They recently added a module called Code Security that enables you to scan repositories or infrastructure as code. You can see concept errors like CSPN problems before the deployment. In tab use cases, it's excellent because you can see if there are misconfigurations in Terraform without having to deploy the instance or whatever you are deploying. That can save you money because sometimes people are deploying machines with problems that are easily fixable. It also improves security because you can fix a vulnerability before you have it with Cloud Security, but that's a rather new solution.

The IMD feature could be improved, but Palo Alto is working on that. It's a relatively new module that attempts to identify unnecessary permissions. Prisma Cloud is a platform that adds new modules whenever Palo Alto acquires a company or develops a new solution. The development team is trying to add new features. It also has Click Code Security for infrastructure security, but it doesn't add much value unless your DevOps team is really junior.

While Prisma provides a lot of visibility, it also creates a ton of work. Most customers that implement Prisma Cloud have thousands of alerts that are urgent. It creates a high workload initially. Apart from that, it solves the problems you have. Palo Alto says that 99 percent of breaches come from misconfiguration. I have seen that first hand. I think the fewest alerts a customer had was around 100 still, but they used another tool for that, so that saves a lot.

I have been working with Prisma Cloud for about 15 months.

Prisma's stability is close to 100 percent because it's just a dashboard that connects to your public cloud. It's essentially a website that never goes down, and you could also host it locally if your security requires it. Most of the customers use the Prisma Cloud platform. If it goes down for any reason, the security agents work independently of Prisma Cloud. You send logs to Prisma Cloud and update the configurations via the cloud. However, if the platform goes offline, you still have top-notch security.

As long as you purchase credits, Prisma Cloud is easy to scale.

I have never contacted Palo Alto support because our team is highly proficient in the solution and the platform is easy to use. You deploy the agents, and it just works. 

It's straightforward to deploy the solution because it's cloud-based, so you just set up an account, username, and password. If you think about it, the Prisma Cloud tool does not do much, but what it does is valuable. It does something simple on a scale that human beings could not do. 

Based on my own experience, I would I rate Prisma Cloud a ten out of ten. However, I haven't compared it with other solutions, so maybe other solutions have more features that Prisma is lacking. My advice is to implement Prisma if it has the features you want but also shop around because I'm sure other solutions are just as good as this one.