We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cloud misconfigurations are occuring. It also has a very sophisticated GUI and is very easy to use.
Prisma Cloud is a powerful tool with many valuable features. Some of these include:
Policy guidance: Prisma Cloud comes prepackaged with very accurate policies. These policies provide good guidance as to why the policy was created, as well as information on how to remediate anything that violates the policy.
Cloud network monitoring and scanning: Prisma Cloud scans the overall architecture of our AWS network to identify open ports and other vulnerabilities, and then it highlights them for us. It scans our containers in real time even as they are being created. Prisma Cloud scans the container repository where the images are built, and notifies us if it sees vulnerabilities, or if we should update code before deployment. The system is also constantly scanning for vulnerabilities in the containers that we already have running in production.
Alerts: Prisma also has a very advanced alerting system. When it sends us an alert notifying us that there is a problem, it gives us a detailed explanation in the alert, explaining what needs to be done in order to remediate the problem. Prisma Cloud has excellent AI. It always suggests a way to actually resolve and apply the correct settings, in line with a given standard. There's almost no thinking necessary for the user. It's always on-point and it's as if it offers up the specific criteria and runbooks to resolve vulnerabilities. This feature really helps reduce alert investigation times and prevents a lot of security issues.
Built in reports: Prisma Cloud has excellent reporting capabilities. It allows you to automate how frequently you want reports to be generated. The reports indicate if there has been any improvement or reduction in vulnerabilities over a certain time period. You can also get a snapshot of specific times in history. It can be over a 24-hour period, a number of days, or a month, to determine what the network looked like at a certain point in time and generate reports from that. In addition to that, Prisma Cloud also can display a snapshot of your defined priorities for threat mitigation, such as identity access management, key rotation, or secrets management. Prisma Cloud can also create a report for you with explanations on how to remediate any vulnerabilities it detects.
Integration for event handling: Another useful feature is Prisma Cloud’s dynamic events. You can generate dynamic events and have them sent to Slack or JIRA. IT can then look at what that specific event was and also receive information on how to remediate it.
Flexible pricing: The price is fair. We receive discounts at the end of the year based on the value that it brings.
One improvement I would like to see would be the ability to customize the interface. This might not bother all users, since there is an API that can be used to create more independent systems.
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Cloud-Native Application Protection Platforms (CNAPP). Updated: March 2024.
CNAPPs are solutions that are designed to empower users to ensure that their cloud-based applications are secured at every stage of their development and production processes.
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cloud misconfigurations are occuring. It also has a very sophisticated GUI and is very easy to use.
Prisma Cloud is a powerful tool with many valuable features. Some of these include:
Policy guidance: Prisma Cloud comes prepackaged with very accurate policies. These policies provide good guidance as to why the policy was created, as well as information on how to remediate anything that violates the policy.
Cloud network monitoring and scanning: Prisma Cloud scans the overall architecture of our AWS network to identify open ports and other vulnerabilities, and then it highlights them for us. It scans our containers in real time even as they are being created. Prisma Cloud scans the container repository where the images are built, and notifies us if it sees vulnerabilities, or if we should update code before deployment. The system is also constantly scanning for vulnerabilities in the containers that we already have running in production.
Alerts: Prisma also has a very advanced alerting system. When it sends us an alert notifying us that there is a problem, it gives us a detailed explanation in the alert, explaining what needs to be done in order to remediate the problem. Prisma Cloud has excellent AI. It always suggests a way to actually resolve and apply the correct settings, in line with a given standard. There's almost no thinking necessary for the user. It's always on-point and it's as if it offers up the specific criteria and runbooks to resolve vulnerabilities. This feature really helps reduce alert investigation times and prevents a lot of security issues.
Built in reports: Prisma Cloud has excellent reporting capabilities. It allows you to automate how frequently you want reports to be generated. The reports indicate if there has been any improvement or reduction in vulnerabilities over a certain time period. You can also get a snapshot of specific times in history. It can be over a 24-hour period, a number of days, or a month, to determine what the network looked like at a certain point in time and generate reports from that. In addition to that, Prisma Cloud also can display a snapshot of your defined priorities for threat mitigation, such as identity access management, key rotation, or secrets management. Prisma Cloud can also create a report for you with explanations on how to remediate any vulnerabilities it detects.
Integration for event handling: Another useful feature is Prisma Cloud’s dynamic events. You can generate dynamic events and have them sent to Slack or JIRA. IT can then look at what that specific event was and also receive information on how to remediate it.
Flexible pricing: The price is fair. We receive discounts at the end of the year based on the value that it brings.
One improvement I would like to see would be the ability to customize the interface. This might not bother all users, since there is an API that can be used to create more independent systems.