We use Prisma Cloud to check for vulnerabilities and handle integration with the Azure Cloud.

Prisma benefits the company by securing our infrastructure and monitoring the logs. We realized the benefits immediately. For example, our Windows Server went down the other day, and Prisma Cloud quickly caught it. 

It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is. 

Prisma Cloud offers a single tool for checking all this information. It's saved us time and money, reducing the time we spend on these tasks by around 10 percent. It also decreased our runtime alerts by 10 percent. 

I like Prisma's identity and access management features. The AI event-driven model has helped us a lot.

The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler. 

I have used Prisma Cloud for two years.

I rate Prisma Cloud 10 out of 10 for stability.

I rate Prisma Cloud nine out of 10 for scalability. 

I rate Palo Alto support seven out of 10. 

Neutral

We previously used FortiGate, FortiAnalyzer, and FortiCloud, but management decided to switch to Palo Alto. 

Deploying Prisma Cloud can be straightforward or complex, depending on the client. Previously, I worked for a managed service provider. We have multiple clients on the cloud, so it depends on the client's situation. We mostly work for large enterprises and some SMEs. It takes around a week to deploy by a team consisting of me and two or three managed service engineers. 

I rate Palo Alto Prisma Cloud eight out of 10. I would recommend it to large enterprises. 

We use the solution for cloud security, multi-cloud environments, compliance, and governance.

We have not had interruptions. It helps us to prioritize and gain resolutions faster. We can see what is happening in any particular environment. 

The visibility and control are very good. It offers good runtime protection. Risk prevention is also a valuable aspect.

Prisma Cloud provides security in multiple and hybrid cloud environments.

Prisma Cloud plays a crucial role as it is one of the key pillars in our security tech stack. It helps us secure the whole multi-cloud cloud infrastructure and protects the deployments, which are crucial to our production environment. 

The automation capabilities are there. In the general context of automation, it offers policy customization to eliminate false positive alerts and fine-tune detection. It constantly gives us more and more facilities to fine-tune the configurations over time. The automation itself also helps save time. 

The real-time protection and management of compliance (of multiple standards, such as ISO, and SOC 2, et cetera) is useful. We can custom-add policies for enhanced protection.

We began to observe benefits immediately after integration. When it comes to real-time protection or risk prevention, there were some initial drawbacks. Over time, however, when we started working on it and fine-tuning the alerts, we started seeing the results.

It provides comprehensive security from the initial phase of spinning up the instance to the termination of the instance. In that life cycle process, it is giving us visibility and control. 

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environments have become. 

This positively affected our confidence in your security and compliance. No matter how complex the environment is, the seamless integration from the top layer itself gives us immediate visibility on the number of services. The way Prisma Cloud is structured makes it so that even if the environment is complicated, the categorization will give us a clear picture of where we should focus, what it lacks, or which specific areas we should have more control. 

Prisma Cloud provides us with a single tool to protect all of our cloud resources and applications without having to manage or reconcile disparate security and compliance reports. Managing all of the infrastructure, security, compliance, and reporting can be done on the console itself. 

The fact that Prisma Cloud is the single tool for protecting all of our resources saved us money. If we were to replace Prisma Cloud; we'd need two to three other solutions. We'd need to cover replacement and management costs. It would be 30% more expensive, at least. 

Prisma Cloud hasn't reduced runtime alerts. However, it has helped us identify the true alerts. That helps save us time as we manage multiple clouds. Instead of chasing down each and every alert, we can see what matters and what doesn't. We can focus on the alerts that have the biggest impact on the most sensitive data.

We've been able to save a good amount of money using Prisma. When it comes to cloud security, it satisfies 90% to 95% of our needs and we don't need multiple solutions which would be more expensive. 

We do have many feature requests and custom policies. I don't have any specific notes for improvement; however, if they could continue to focus more on giving users the ability to create custom policies and configurations, that would be ideal. 

I've used the solution for more than three years.

We have not had any issues with stability. We've only had one or two instances where there we outages, however, it's never been down for a long period of time. 

The scalability is good. I'd rate scalability eight out of ten. 

I've contacted technical support on a regular basis. In most cases, they are pretty quick. For some, depending on the issue, it may take time. However, for us, it's not an inconvenience as we understand the physicality of the issue. 

Positive

We have tried a few solutions, however, we did not deploy them. This wasn't recently. This was a while ago. We weren't completely satisfied with the capabilities. 

The initial deployment was pretty easy. It wasn't too difficult. I found it fairly seamless. It was a hassle-free experience. 

We tried it in a test environment (non development) for three months. They we deployed it over nine months to a year in the cloud and production environments. We had three to four people deploying the solution. 

The solution does not require any maintenance after deployment. 

We did have help from the vendor. 

The licensing model is based on assets. The pricing for what we are using is pretty good. 

We're a customer and end-user.

I'd rate Prisma Cloud nine out of ten. 

From a customer point of view, even is a user has multiple products, they should test it out so that they are able to satisfy the requirements. Then, they can easily upgrade with additional add-ons and features. Instead of just creating the Prisma Cloud itself with too much complexity, start simple. 

I use Prisma Cloud for one of my clients to provide Cloud Workload Protection Platform, Cloud Security Posture Management, and Identity and User Controls services.

Prisma Cloud is the tool of choice for my client's container security and infrastructure-as-code security, including cloud security posture management.

We implemented Prisma Cloud primarily for its code-to-cloud feature. Recognizing the industry's emphasis on automated resource deployment, we developed a Terraform script to deploy resources on the Azure platform. We aim to maintain full security monitoring from the initial code to the cloud environment. By proactively identifying and addressing high-critical vulnerabilities in container images during the build process and enforcing compliance standards within Terraform scripts through policy-driven pipelines, Prisma Cloud helps us mitigate risks and ensure the security of our cloud infrastructure.

Prisma Cloud offers full integration with all major cloud platforms, making it a versatile choice for multi-cloud environments. I've successfully implemented it for both GCP and Azure, which provides consistent security coverage across both platforms. Its streamlined onboarding process for subscription or tenant-level agentless scanning and discovery is highly efficient. The platform's cloud discovery feature also offers valuable, cost-free, enhanced data for robust reporting. This, combined with informative labels, simplifies report generation at the product level, especially in organizations utilizing microservices and namespaces for application management. These capabilities make Prisma Cloud a vital asset for managing complex cloud infrastructures.

Prisma Cloud seamlessly integrates with popular DevOps tools like GitHub and Azure DevOps, which we commonly use for our clients. Automation is straightforward: incorporate a block into your workflow or pipeline to initiate scanning and other processes. Additionally, cloud account onboarding requires only adding a service as a key. This streamlined approach facilitates automated security guardrail implementation, eliminating the need for manual vulnerability remediation. Instead, scans are run directly within the pipeline, and critical vulnerabilities are flagged for immediate attention, enhancing overall security efficiency.

Shifting security left by ensuring only sanitized images are pushed to production for container use requires a dedicated team for twelve months to address all image vulnerabilities. Prisma Cloud automation significantly accelerates this process by remediating vulnerabilities automatically.

Prisma Cloud enhances visibility for our clients, enabling them to adopt a zero-trust model with monitoring at all entry and exit points. This full approach, coupled with a robust SOAR solution, effectively manages alerts from various tools and facilitates timely remediation efforts. The platform seamlessly integrates cloud security, application security, and threat detection, providing our client a unified view of their security posture.

Prisma Cloud offers comprehensive security across the entire cloud-native development lifecycle, covering all stages from code creation to cloud deployment, including the build, run, and deploy phases. Essentially, it provides security protection for every critical step within the development and production process.

Prisma Cloud offers a consolidated tool for cloud security, effectively covering CSPM, CNAP, CWPP, and ISE components. While their AppSec capabilities are still under development, I anticipate a comprehensive solution in the near future. Although Prisma Cloud is a strong standalone option, integrating a SOAR tool from another provider might be necessary for a truly end-to-end solution.

Prisma Cloud has proven effective in reducing runtime alerts by up to 20 percent, a significant benefit for our clients. While they are still verifying our adherence to proper procedures for this new solution, it's worth noting that Prisma Cloud offers a comprehensive set of policies, including those for detecting crypto mining and other threats.

Prisma Cloud is currently the market leader in runtime protection, enhanced by its ownership of Syslog and seamless integration. Its exceptional container security capabilities and an unmatched ability to address the MITRE ATT&CK framework distinguish it from other tools. This full suite of features positions Prisma Cloud as the optimal solution for our needs.

Prisma Cloud offers robust runtime scanning capabilities, which is beneficial for security teams. However, deploying additional security tools within existing infrastructure can be challenging due to resource consumption, potentially leading to application performance issues. Prisma Cloud's advantage lies in its minimal resource usage as it runs from ports, making it easier to convince stakeholders to implement runtime security measures and ensure ongoing application protection in production environments.

Prisma Cloud's security auditing capabilities are under development. Enterprise reporting could be improved, as the current data is insufficient for developers' needs, resulting in excessive noise. The platform currently lacks status information for deferred image vulnerabilities, such as specifying the version of an image vulnerability in reports. This functionality is being developed. Additionally, separating OS-level and application-level vulnerabilities is necessary to accommodate organizations focusing solely on cloud security. Prisma Cloud is already working on this feature.

Prisma Cloud's enterprise reporting needs significant improvement. We have already discussed this issue with them. The current reports are excessively noisy, making it impractical for developers to address the vast number of reported vulnerabilities. To streamline the process, we require a clear distinction between vulnerabilities originating from the application and those stemming from base images. While developers should address application vulnerabilities, base image issues necessitate using third-party base images and regular updates. Many organizations already have dedicated application security tools, so duplicating efforts is undesirable. A self-service portal allowing developers to onboard their own repositories would alleviate the need for admin intervention. Additionally, Prisma Cloud should provide a mechanism to defer vulnerabilities without known fixes, improving report clarity.

I have been using Prisma Cloud by Palo Alto Networks for two and a half years.

I would rate the stability of Prisma Cloud seven out of ten. It has room for improvement.

Prisma Cloud is scalable. I would rate the scalability eight out of ten.

The technical support is good.

Positive

All Prisma Cloud deployments are straightforward due to the comprehensive and improved documentation. Following the steps outlined, the tenant can be onboarded, and scanning can be initiated within approximately two days.

Prisma Cloud is cost-efficient, but the credits are on the higher end.

Prisma Cloud is the market leader in container security. While Microsoft Defender for Cloud also offers container security features, our comparison of Wiz, Defender for Cloud, and Prisma Cloud revealed that Wiz lacks enforcement capabilities, preventing us from blocking or denying actions. Additionally, Defender for Cloud's pricing model, based on virtual CPUs, becomes prohibitively expensive for container clusters, which often have thousands of them. Prisma Cloud's cost-effective, credit-based pricing and robust enforcement capabilities make it the right choice for our needs.

I would rate Prisma Cloud by Palo Alto Networks seven out of ten.

I would not consider time to remediate a capability as it's dependent on the resource owner's actions. The alert will remain unresolved until they address the misconfiguration on machines X, Y, or Z. This is not solely a tool limitation; At the same time, full auto-remediation is an organizational goal, often hindered by specific needs and customizations. Consequently, without complete auto-remediation, achieving desired service-level agreements is challenging.

Our client is a medium retail enterprise business.

We use Prisma Cloud for cloud security management. We use the CSPM and compute modules.

Prisma Cloud provides security spanning multi and hybrid cloud environments, which is moderately essential to our organization.

The security automation capabilities help remediate vulnerabilities, which correlate to cost savings.

After a few months, the benefits of Prisma Cloud became apparent. We have begun integrating the Prisma Cloud alert or inventory module into the computing environment. This is a positive development as it enhances tool interoperability and consolidates a significant amount of previously inaccessible data.

Prisma Cloud can secure 60 to 70 percent of the entire Cloud-native development life cycle.

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environment becomes. This improves our compliance posture.

Prisma Cloud provides 70 percent of coverage in a single tool to protect our cloud resources and applications.

It has helped save our organization around 20 percent, protecting our cloud resources and applications.

Prisma Cloud compliance monitoring helps us improve our overall compliance posture.

Prisma Cloud's most valuable features are its ability to detect vulnerabilities as they occur and its CSPM function, which provides a complete inventory of assets.

I like the scanning features provided by Prisma Cloud, including the image scan and source scan.

Prisma Cloud needs to improve its reporting. If they report a Go vulnerability and claim that Prisma Defender hasn't released a patch, it won't help us. However, if they report that Prisma Defender has released a patch, that is beneficial. Reporting the Go vulnerability within Defender is ineffective because I cannot directly fix a Go vulnerability.

The integration with other tools can be improved. It provides all the cloud details but is not entirely linked to the compute model.

There needs to be more transparent communication when they will have downtime.

I have been using Prisma Cloud for over two years.

I would rate the stability of Prisma Cloud nine out of ten.

I would rate the scalability of Prisma Cloud five out of ten because it is dependent on vendor resources rather than its own. For example, image scanning is entirely reliant on us.

The technical team requires a lot of information for every ticket we submit, and if there is ever an out-of-the-box issue, they don't respond to us or take a long time to respond.

Neutral

I previously used AWS tools and Tenable products, but we switched to Prisma Cloud because of its real-time vulnerability identification.

Initial deployment is straightforward and takes one to two hours when all required information is available. However, if complete requirements are missing, manual deployment of all agents is necessary, which is a significantly time-consuming process.

Prisma Cloud is affordable.

I would rate Prisma Cloud eight out of ten.

We have over 100 users.

Our environment is complex. Prisma Cloud is deployed across multiple locations using many tools.

Prisma Cloud requires a lot of maintenance for upgrades and Defender.

I would recommend Prisma Cloud to others. The scanning and runtime are one step ahead of the competition.

I primarily use the solution to uncover misconfiguration and for cloud code security. We can find gaps that hackers might access in order to steal data. It can trigger alerts and show you everything.

It's been helpful for managing multiple accounts. If we had to handle hundreds of accounts manually, it would take a lot of time. 

We've been able to mitigate issues and fix them before they become bigger problems. If the system detects any critical misconfiguration, we'll receive alerts. 

The risk control is very good. They have scanning that runs often and we can see the latest configurations and get alerts.

The solution offers very good configuration capabilities. It can show you how to resolve and remediate issues, and you can pull reports that will show you everything you need to know.

It provides security across multi- or hybrid-cloud environments. It can work with AWS, Azure, Google, Oracle, et cetera.

We have many projects within our organization, and we need protection from people trying to steal our information. We can see gaps from every corner of the cloud. Having a solution like this is important to our organization so that we have the capability to see and monitor everything from everywhere, which would be hard to do manually. 

We can take a preventative approach to cloud security. If anything is open to the public, we can find it and see it. That said, we are using other solutions also. Still, this product will alert you and engage you if there are any areas where information weaknesses filter up. It will guide you and show you how to fix the issues with configurations.

We might have witnessed some cost savings. If anything gets stolen, it would cost our company monetarily; however, that hasn't happened.

It does help us save time since we don't have to check every console ourselves manually. 

We've noted the benefits of the solution across the last five years.

The remediation data is already available in its logs. You don't have to Google fixes. It's already there on the platform.

We're using containers and Docker. Instead of using open-source, we can use our own code and cloud. We'll be able to know if there is a misconfiguration. For example, if there is an AWS-level misconfiguration, Prisma will help us discover this. 

We use a variety of tools, and we can use Prisma to handle various types of misconfiguration. It covers our entire cloud-native development life cycle.

It provides us with the visibility and control we need regardless of how complex or distributed our cloud environment becomes. It's very helpful. It mitigates 98% to 99% of mitigation issues. It's helped us maintain confidence in our compliance and security reporting. I'm able to see configuration changes. If something changes, I know.

It helps us reduce runtime alerts. You can log in and check each and every account via the portal quite easily. If I see an alert, I can quickly fix issues. Or I can go through each alert and find out which are important or not. It reduces the time we take to handle these tasks by 75%. We can focus on the alerts that have the most impact. It prioritizes alerts to critical, high, and low. 

The console is good and user-friendly. We can see the logs very easily. People without experience can also easily adopt the solution.

We only use the solution for misconfigurations. There may be other features that are lacking, however, we don't use the full scope of the product.

Technical support could use some improvement. 

I've been working with the solution for the last seven years.

The stability is very good. There is no issue. 

We only have two security people using the solution currently. We have it across multiple clouds and regions. 

We haven't had any issues scaling the solution. 

We've only used support if we've had issues around false positives. In those cases, we create a ticket.

Neutral

I also work with CrowdStrike. Both offer a lot of features. We've recently switched to CrowdStrike. 

The initial deployment is very easy. You can add it, for example, to your AWS account. You just need to configure it in Prisma Cloud. You may have to create a policy and allow access. After that, you'll be able to see the console. 

We had two people managing the setup process. The time it takes to deploy depends on how many accounts there are. If you only have one account, it's very easy and only takes one to two days. If you have 100+ accounts, you will need a few weeks. 

There is no maintenance needed from our end. 

We didn't use any consultants during the implementation. 

I don't manage the licensing aspect of the solution. 

We are not using application-level security here. At the application level, we're using other tools. We're also using other XDR and EDR tools. We're only using this product for misconfiguration.

I'd advise other users to try the solution. It's a product that offers many features. It's a good idea to go and look at the market and see which solution is the best. It depends on your environment and what you might need. 

I'd rate the solution eight out of ten.

Currently, we use Prisma Cloud by Palo Alto Networks in my company for our clients who operate in the finance and banking teams and want data, network security, and posture management for the cloud infrastructure.

The solution has improved our organization, and I believe that it is a continuous process to protect you in any environment. Prisma Cloud gives you an overview of what gaps are in their environment, but how they are going to be solved depends upon the client, especially the security gaps. Prisma Cloud by Palo Alto Networks gives 60 to 70 percent of the overview, which the client ignores in their infrastructures. The tool provides users with a better overview of what is going on in their infrastructure.

The most valuable features of the solution are areas like compliance and asset inventories, along with runtime protection.

The tool's UI is an area with certain shortcomings where improvements are required. With the cloud protection and UI, the tool should have the option to download the data for the vulnerabilities. One should have the option to download detailed data about vulnerabilities in the host. The tool should have a guide or a knowledge base document. The tool should specifically provide a guide about the solution's UI, which can be helpful for clients.

Sometimes, it does provide an error, or I can say that when we integrate our infrastructure cloud with Prisma Cloud, we face some issues. Most of the time, the integration issues are not due to Prisma Cloud but from the client side.

The tool's support team needs to improve.

I have been using Prisma Cloud by Palo Alto Networks for two years. My company has a partnership with Palo Alto Networks.

Stability-wise, I rate the solution a seven out of ten. I rate the stability at a seven, considering the time we needed to get the data from DSPM. Most of the time, when the client requires data, it is not available. At other times, it requires a lot of time to get the data. It also requires time to import data from the cloud as per our requirements.

It is a scalable solution. Scalability-wise, I rate the solution a nine out of ten.

My company's clients are medium and enterprise-sized businesses.

The solution's technical support team doesn't reply on time. There is a gap in communication. The solution's technical support team doesn't have enough engineers to handle the cases. The support team wants us to work as per their time, so it is not according to the clients’ needs and time. I rate the technical support a six out of ten.

Neutral

I got a chance to work with CrowdStrike and SharePoint, but I never got the project since the client did not give me a chance.

The product's initial setup phase is straightforward. For the deployment phase, we just need some minimal data from the cloud to be able to integrate with Prisma Cloud. Just in case of custom issues, there are some points where we faced some issues with the deployment, but it was basically from the client side as they had multiple policies deployed on AWS and Azure Cloud, making it a little difficult for Prisma Cloud to integrate. In general, it is easy to integrate anything on the Prisma Cloud.

For the product's deployment phase, one cloud admin from the client's end and one from my company's side, one person is required. Two to three people are required to take care of the deployment.

The solution can be deployed in a matter of days.

Though the company's clients have multiple tools, they were not able to integrate all of the cloud accounts in a single SIR tool, which is why we had to use Prisma Cloud by Palo Alto Networks to monitor all of our company's clients' cloud accounts.

The solution provides security scanning for multi and hybrid cloud environments, but it does not provide the details about the product that provides the security. Most of the time, it just provides an overview of the security gaps. In real life, I didn't see any of the scenarios where it is protecting our company's infrastructure. Clients are sometimes not ready to use runtime protection for the Prisma Cloud because they don't want to take any risks in the production environment.

The comprehensiveness of Prisma Cloud for protecting the full cloud-native environment involves network protection. The most important thing is network security, and the second is IAM security, which is important for the banking team. I see that the tool has a large number of containers. Deployment and pipeline security are the main areas for the banking sector. Our clients don't use much of Prisma Cloud by Palo Alto Networks because it contains complexity, and the UI is not user-friendly. There have been multiple cases of their client complaining about the UI. From the standpoint of the client, the tool is too complex.

Speaking about the tool's help that allows users to take a preventative approach to cloud security, I would say that based on the asset inventory, we check the details about the assets and the number of assets. Secondly, we go through the alerts, which consist of IAM and the network security rules. Following the severity, like critical, high, or medium, we first resolve those issues and take steps monthly. The alerts that are generated monthly should be resolved only in that month.

After the deployment, it took three to four months to notice the value derived from using the solution, from my point of view and experience.

The discovery is good. The discovery provides details about the assets and the data, along with the data inside the infrastructure and about the infrastructure. There are some issues because if only about the data, it does not give out any issues for the user and instead gives more information about the infrastructure and some within the infrastructure.

Palo Alto DSPM did not discover much data existing outside of our company's official IT systems.

The solution provides insights into the content that has been discovered, along with some detailed information.

I cannot reveal the type of insights into the content that the solution has provided because our client would not want our company to open up about such details.

The insights into the content have affected the data security operations since following the compliance provides and helps clients regulate their security. It also prevents data breaches. The data breaches open up whatever data can be opened, and it helps clients to determine what data they need to secure and how. Speaking about data security posture, our company's clients take steps to resolve any issues because they want to save their reputation, especially in scenarios involving hacking.

It took around two to three months to see the value derived from the use of the product.

The tool provides an automated discovery of new data assets as they get onboarded. It does take one to two days on an average basis to show all the data.

In terms of whether the solution provides a prioritized list of all the data security posture issues in our company's environment, I can say that as soon as the assets are discovered, Prisma Cloud starts scanning and does all of the data security scanning. It does not take much time, and it can be done in four to five hours. If it is a large-scale infrastructure, then it can take an average of eight to ten hours.

I have not used the solution's connectors for the SOC's DDR solution to help automate remediation since the plant where it is used did not integrate Prisma Cloud with the same tools they use, with one of the reasons being that Prisma Cloud overflows the alerts, and they did not want alerts to overflow with their production in an SIMP environment.

The solution provides visibility and control regardless of how complex or distributed the cloud environment becomes, but when it comes to getting the data from the UI shown to the upper management, things do become complex because the tool doesn't have many options to import or export data.

I cannot say that the solution has reduced all the alerts by prioritizing the ones that have the most impact on sensitive data. The alerts that were critical and high, have been resolved by the team, while also taking care of areas involving IAM and networks.

The prioritization of alerts in the tool has affected our company's operations, and from my point of view, right now, I am able to show my CIS and the upper management team what steps we have taken and how the issues that are there as per the alerts have been resolved based on the critical, medium and high severity basis. I can say that 60 percent of the issues have been resolved as per the alerts. It gives me the flexibility to provide details to the management team that we are on track to provide security to our infrastructure. It gives me the flexibility to provide data to management for some time. As the environment grows, it generates a lot of alerts, and it takes time to resolve all of them.

The solution does not require any maintenance, and one just needs to make sure that the tool is up to date.

Based on my experience, I would recommend Prisma Cloud because I have hands-on experience with the solution. The integration is easy. The tool provides visibility in the infrastructure and for the alerts about the security gaps, the tool provides precise details. Talking about the new app in the tool, I would say little improvements are required. The tool is quite informative for me, but from the client side, it does require some improvement.

If someone has a large infrastructure, I won't recommend Prisma Cloud to them. If they have medium and enterprise, then I will recommend Prisma Cloud to such people because it can handle and, as per the working out of the tool, it can change the details about the small-scale, medium-scale, and enterprise businesses, but not for the large scale enterprises.

I rate the tool an eight out of ten.

We currently leverage Prisma Cloud's Cloud Security Posture Management and Cloud Workload Protection Platform modules and plan to migrate to their full Cloud Native Application Protection Platform solution for a more holistic security approach.

Our security system uses three major CSPMs, ingesting logs and integrating them with a central CSPM page for visibility. We also incorporate identity and document management systems. Prisma Cloud's detection tool based on its policies provides initial alerts, with our SOC team focusing on the most relevant ones. We leverage a modified threat framework combining NTSF and MITRE to monitor key policy areas like malware, unauthorized access, phishing, data loss, and system failures. Within Prisma, we categorize policies based on our organization's priorities, using custom tags to identify them and create dashboards. Webhooks then send these alerts to our SIEM platform for further analysis.

Prisma Cloud offers security spanning across multi-cloud and hybrid cloud deployments, supporting industry leaders like Google Cloud Platform, Microsoft Azure, Amazon Web Services, Alibaba Cloud, and Oracle Cloud.

Prisma Cloud simplifies compliance with regulations, a crucial security aspect for large organizations, by providing full visibility into our cloud environments. This eliminates the time-consuming need to manually check configurations within each cloud service provider. With Prisma Cloud's single pane of glass view, everything can be done in one place, saving us an average of 15-20 percent of the time compared to the previous method of having a dedicated person manage each CSP individually.

Automation streamlines report delivery and notification generation. It can also integrate with various third-party services like Slack, Jira, Microsoft Teams, and Microsoft Sentinel, allowing for further automated notifications and actions within those platforms.

Our cloud visibility was limited before Prisma Cloud. Now, we have a good level of insight, not perfect, but significantly improved. We can monitor new deployments, configurations, and overall activity. This is crucial because most organizations, like ours, are increasingly cloud-based. Stricter regulations require compliance, and Prisma Cloud simplifies this. They offer pre-built compliance standards so we can easily generate reports, ensuring we meet our obligations.

While Prisma Cloud delivered as promised, realizing its full benefits in our large organization took several months. Due to the size and complexity of our internal communication and collaboration structures, it naturally took time for everyone to fully understand and adopt the platform's capabilities.

Prisma Cloud offers timely runtime alerts when properly configured. These alerts integrate well with our SIEM and are easy to understand. However, the majority stem from the CSPM module, as CWPP typically necessitates manual investigation for actionable insights. Prisma Cloud has reduced the runtime alerts by 20 percent.

Our initial Prisma Cloud deployment has already delivered a 5 percent cost saving, and we expect these savings to grow as we expand its use across our cloud environment.

Our primary focus right now is compliance. This means having clear visibility into our organization's security posture. Additionally, agentless scanning with Prisma Cloud is important for us. While we're also interested in the Cloud Workload Protection Platform, it's important to consider that our environment includes both containers and virtual machines. Overall, the most valuable features for us in Prisma Cloud are those that provide visibility, ensure compliance with regulations, and help us align our on-premises servers and cloud environments with mandated security standards.

Prisma Cloud stands out as a user-friendly and powerful CSPM solution thanks to its comprehensive capabilities, built-in features, and flexible tagging system. It simplifies cloud security by automatically connecting to numerous cloud service providers and pulling relevant information for our use, minimizing the need for manual configuration and troubleshooting.

Prisma Cloud's preventative approach to cloud security can be complex, especially for features like automated certificates. These require specific access permissions for Prisma Cloud, introducing dependencies and additional configuration steps.

While Prisma Cloud offers agent-based deployment for comprehensive visibility and control, agent dependencies and user resistance can create hurdles. Improved agentless scanning capabilities from Prisma Cloud would be ideal, but currently, agents remain necessary for optimal visibility.

Prisma Cloud is a powerful security platform, but like any similar tool, it won't eliminate the need for occasional manual interaction with our CSPs. While Prisma Cloud can handle many tasks, some actions might still require us to log directly into our CSP account.

The CSP logs could be improved by providing more visibility into the specific logs Prisma is feeding. Since CSP has multiple versions and Prisma might be receiving different logs than expected, it would be helpful to have a clearer indication of the log types or more detailed logs themselves. This would allow us to verify if we're receiving everything or missing something. While Prisma Cloud offers log searching, it requires queries to navigate the vast amount of data. Ideally, Prisma could integrate a simpler way to view the logs it's collecting without extensive searching.

Some module customization might be needed and certain features like adding custom labels are currently unavailable unless we have administrator access. This limitation can be frustrating and I would like to have this functionality included in Prisma Cloud.

I have been using Prisma Cloud for two years.

I would rate the stability of Prisma Cloud seven out of ten. Occasionally when we have an issue it can take some time to resolve.

I would rate the scalability of Prisma Cloud nine out of ten.

We have a dedicated account manager who provides support whenever needed. While they're always responsive, responses may occasionally take some time.

Positive

Despite being a cloud-based solution designed for easy deployment, Prisma Cloud's initial setup took a few months due to our team's workload on other projects. Fortunately, only two people were required for the actual deployment process, which itself is straightforward as long as the necessary network connectivity is established beforehand.

Prisma Cloud's licensing system functions as expected with a solid licensing infrastructure.

In our evaluation of Wiz and Aqua Cloud Security Platform, we investigated their capabilities to address detection rule limitations in Prisma Cloud CSPM. We were hoping to find alternative solutions offering broader rejection capabilities. However, both Wiz and Aqua require agents for in-depth details, similar to Prisma Cloud. While neither excelled in overall detection capabilities, Wiz impressed us with its integration of external alerts. Unlike Prisma Cloud, Wiz allows for easy visibility and filtering of alerts from AWS Guard Duty, a significant advantage.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten.

Prisma Cloud offers built-in security automation for tasks like remediating misconfigurations. For instance, it can automatically adjust a non-compliant AWS configuration, but only if you grant the necessary permissions. While this is useful, a SOAR solution like XSOAR can provide a fuller approach to security automation.

Over 50 people in multiple departments within our organization USE.

Prisma Cloud required minor maintenance for platform updates and policy changes that need to be reviewed.

While many Cloud Security Posture Management tools offer similar features, consider your budget before choosing Prisma Cloud. Some CSPMs bundle all functionalities into one package, forcing you to pay for everything even if you don't need it. Prisma Cloud, on the other hand, allows you to purchase only the modules relevant to your organization's needs. Additionally, Palo Alto is a well-established vendor in the market.

We wanted to use Prisma Cloud as a CSPM. The company needed a single pane of glass to monitor our AWS and Azure environments and see where we were in terms of configuration drift, vulnerabilities, etc. 

We're pretty AWS-heavy, so we wanted to see where we stood among all our AWS accounts. We wanted to keep an eye on all that, have a one-stop job, and maybe even offload some of our work. The company wanted to integrate with our Splunk instance to pair our SIEM logs with the CSPM. Most of it was for compliance tracking and vulnerability.

We tested everything out. We were building our own standards, but we also needed to adhere to IRS Publication 1075. They had that natively in their tool, but we could custom-build it.

I thought Prisma was great. It was robust and had many capabilities. We saw most of what we were looking for. The benefit was pretty easy and pretty quick. Prisma is a top-notch product. If they could make it agentless in the Windows stuff we needed and monitor the private cloud, we would have gone with Prisma. Prisma works perfectly with the cloud tools we have. 

I like Prisma's multi-cloud capabilities. It supports the big four cloud providers: AWS, Azure, GCP, and Alibaba. That was critical. We have mixed environments, so it's important to monitor all of that. We don't have much going on in Azure, but we will. We are predominantly AWS.

Prisma was extremely comprehensive. It's easy to drill down to gather more information and keep going. It seemed like you could drill down forever to see what the vulnerability was linked to. 

They had a MITRE ATT&CK attack map that told me here's the vulnerability, issue, or threat. In several instances, it would provide remediation options. If you had it linked up and fully integrated with AWS, it could handle the remediation for you. Otherwise, it would lay out the whole steps and provide the AWS CLI commands to resolve those issues, which was cool. We loved it. 

Runecast gave us more visibility into VMware's private cloud. We have more environments there, but Prisma's lack of visibility into the private cloud was a downside—there weren't many. 

We tested Prisma Cloud out for about a month and a half to compare it to Runecast to see which works better for us.

Prisma's price is pretty high, but it's a good product, and you get what you paid for, especially if you're working in a containerized environment.

We looked at Runecast and Prisma. We did not go with Prisma because Runecast could deploy agentless to our VMware private cloud, and we were impressed with this capability. Prisma looked polished, but Runecast could monitor the private cloud, which was a big thing for us. 

Vulnerability control is one of the things we're working on right now. It'd be great if we could find a product that can help with it. One issue we're having is that the latest data model we use to build out our products is domainless. We can't use Nessus, which is all on a domain, for vulnerability management on our private cloud.

We've tested out agents through the Defender for Endpoint and other things, but they don't handle the load that we have. This was going to help detect vulnerabilities in that environment. Unfortunately, Prisma wasn't able to work in the private Cloud. They were more focused on containerization and Kubernetes, so we ended up going with Runecast.

I rate Palo Alto Prisma nine out of 10. I recommend it. It's polished and a great product. Unfortunately, it didn't fit our use case, but I think their use case is pretty normal for most.

My main experience with Prisma Cloud is with AWS. We have a huge AWS environment, and we are trying to manage its security with Prisma Cloud. 

We have about 7,000 assets of different customers. We are managing the security posture. Prisma Cloud is the product that we have to manage the security posture for different companies. They are e-commerce companies that do online shopping, payment companies, banks, and even online bakeries and cloth stores. Prisma Cloud is a very good product. We have never seen a breach. I have never come across a situation where Prisma Cloud caused data leakage.

We mainly use AWS, but we also have some of our workloads in Azure. Prisma Cloud is a multi-cloud solution. So far, I have not seen any other solution capable of doing all the jobs that we do in Prisma Cloud.

With respect to the AWS cloud, we can achieve whatever we want in terms of automation most of the time. I have not come across a scenario where I am not able to automate any security-related feature for AWS with Prisma Cloud.

Prisma Cloud helps to take a preventative approach to cloud security. It is about 97% there. It is very good for cloud security posture management. It is also good in terms of prevention.

Prisma Cloud was deployed before I joined the company, but within six months, I was able to see the ability of Prisma Cloud. Compared to the old solution that I was using in my previous company, it has more capabilities and more features. It has less than 1% false positives. It is a very nice product.

As it was already implemented when I joined, I only tried to use all of its features or enhance the features wherever I could. I have never come across a breach situation, but if there is a breach, it will provide immediate remediation or at least give us the information. If you have configured it properly, it alerts you that this breach is happening, and this could be a possible cause and a possible solution. In my experience so far, it has been quite comprehensive.

Palo Alto DSPM is one of the best features because we have customers across different domains. For data classification, it is a very nice product. It also has some customization capabilities where you can define your categories and categorize the data according to that. It is one of the top-rated solutions.

Palo Alto DSPM can help discover data that exists outside of your official IT systems, but I do not have experience with that. Based on the documentation and what people discuss on different forums, it is capable.

Palo Alto DSPM provides automated discovery of new data assets as they onboard. When we onboard a new customer or their new AWS environment, it helps a lot in discovering. This automated process is very nice. We are able to discover them as soon as possible. It is quite easy to discover and classify. We are more comfortable now.

Palo Alto DSPM provides us with a prioritized list of all the data security posture issues in our environment. We can categorize and prioritize what needs to be done. We can see what kind of alerts should be prioritized and what data we can prioritize to monitor. 

Prisma Cloud has good insights. You can have graphs and very good statistics. To present the statistics, it has very good reports. The representation within the reports is very nice. It takes you to the core of the things. You can get the statistics at a very granular level.

Prisma Cloud is one of the best products. We renew annually because it seems that we cannot survive without it.

We have integrated Prisma Cloud with our SOC operations. It is a Cloud Security Posture solution that can be integrated with multiple SOC standards or SOC solutions or products.

Prisma Cloud provides the visibility and control we need, regardless of how complex or distributed our cloud environments become. Otherwise, we would not continue with the solution. Our chief security officer and others find it to be one of the best solutions.

It is not very easy to deploy, but once you learn it and deploy it properly, it provides a very granular level view of your entire security environment. You can do a lot of customization. You can monitor. You can remediate. You can automate a lot of processes.

Prisma Cloud has reduced a lot of our manual work and a lot of our time from having to go into different environments and looking into them. We do not have to use different products for different purposes. That is why Palo Alto Prisma Cloud is one of the best solutions. We can have everything within one solution. It has helped us with cloud security posture management. We mostly work with AWS. We have time savings, and we have productivity improvements. We have moved towards a rapid remediation or an automation of remediation. We have moved towards more effective alerts related to any kind of vulnerability. That has helped a lot. We can report them to our management and our teams, and we can also communicate the same to our customers. That is where Prisma Cloud has an edge.

Prisma Cloud has saved us money. Previously, we were using multiple products. We were using one product to check the encryption and multiple products to maintain a security posture and capture vulnerabilities or issues with our CI/CD pipelines. The company was using four or five products. We are now able to get all those functionalities in Prisma Cloud, so the license cost of the products we were using previously is gone. Prisma Cloud initially seemed expensive to us, but when we started utilizing it, we were able to save the cost of other products that were giving us just a slice of the pizza but not the entire pizza. Prisma Cloud has helped us reduce costs, and there is also efficiency. The cost management team knows exactly how much we have saved, but as per the 2023 report, we have had about 37% savings from not having to spend on multiple products. We were able to achieve the same things with Prisma Cloud.

Through Prisma Cloud, we can write Lambda functions, configure policies to check the security posture, and get reports. We can do a lot more. That is my main expertise, and that is one of the advantages of Prisma Cloud. For example, we have almost 7,000 AWS assets. If I want to check how many of my S3s have encryption, I can write a Lambda function in Prisma Cloud and get that report. Things like this are helpful in understanding where we lack security and where we can improve it.

Prisma Cloud is very comprehensive, but there should be better support for the customization of the reports. If Palo Alto can have more customized reports available or give an option to the users to customize the reports, that would be great.

As Palo Alto is developing Prisma Cloud, they can provide more graphical visibility. That would help organizations like ours where we have to generate multiple reports and share them not only with the technical people but also with the management of customers. The reports should be as per the requirement of non-technical people.

I have been using Palo Alto Prisma Cloud for almost four years.

We are renewing its license because we are getting a lot out of it.

It supports multi-cloud environments. It is already scalable. It has very good features such as discovery.

We are a multinational company spread across the globe. I am in the UAE. Some people are connecting from the US, and some are connecting from the UK. All of them are working within their domain. The cost optimization team is within the US. In the technical team, eight members are from the UAE. A couple of them are from India and the US as well. Our customer base is mostly in the US, UK, and some of the European regions. We have very few from the UAE.

Their support is very good. If we have anything to discuss or want to learn something that has been added, we engage the support.

I would rate them a nine out of ten because whenever there are issues, they are able to resolve them within the timelines and SLAs.

Positive

Prisma Cloud was already deployed when I got into this company.

In my previous company, we were using a Cloud Security Posture Management solution from a smaller US company. I do not know if they are still using that or not. I do not remember the name, but we were getting a lot of false positives and things like that. We even gave this feedback to them.

I was not involved in its deployment. It was already deployed when I got here.

It does not require any maintenance from our side.

Prisma Cloud is no doubt one of the best solutions in the market. Among cloud security or cloud-based posture solutions, Prisma Cloud is one of the best.

We are getting what we want, so I would rate Prisma Cloud a nine out of ten.

I am in a services company. My company is also a partner of Palo Alto, so all the Palo Alto products have been tested, researched, and deployed at least three to four times by every engineer in my team.

It is being used for posture management. We have many users coming from many locations. All of them are having the same experience and all are secured. We used to use CASB which is a solution for authentication. This solution is in line with CASB. It helps to ensure that data protection is fine and all the data is coming properly. We can see whether there are any leakages or vulnerabilities. We can check all these aspects of security with this solution. All this is configurable. It is a web-based solution.

Our company is a vendor. If customers want, they can purchase solutions via us. We then take care of the physical box as well as the configuration. We manage the physical as well as the logical. In the case of Palo Alto, it is all logical. We can even code for a customer if the customer wants to upgrade their existing cloud setup, migrate to a cloud setup, or bring in a new setup. It is our bread and butter. We are one of the leading sellers of Palo Alto solutions.

Prisma Cloud helps reduce vulnerabilities. The number of vulnerabilities is less. If you have 1,200 vulnerabilities, after implementing Prisma Cloud, the number is drastically reduced to 500. That is one of the key advantages of using Prisma Cloud. You can see its benefits within a month.

Prisma Cloud helps to identify all the vulnerabilities in modern scenarios. For traditional scenarios, we have enough products, but a solution like Prisma Cloud helps to identify vulnerabilities in containerized environments and modern traffic scenarios. It helps with run-time security and east-west traffic.

Prisma Cloud helps secure the entire cloud-native development lifecycle, across build, deploy, and run. I would rate it an eight out of ten for this.

As an enterprise architect, I seek three capabilities from a solution. It should be preventative. It should be corrective, and it should be detective. Prisma Cloud is good in these aspects. I would rate it an eight out of ten for these capabilities.

Palo Alto DSPM's discovery and data classification processes are comprehensive. I would rate it an eight out of ten for comprehensiveness. For data security, we have a DLP solution. We have a separate solution. We never use Palo Alto for that.

Palo Alto DSPM provides us with insights into the content it has discovered. It also provides automated discovery of new data assets as they onboard and a prioritized list of all the data security posture issues in our environment.

The security provided by Prisma Cloud is important for our customers, especially for our banking and finance customers. We are a service company. We never use any of these products. I am a security architect. I am the one responsible for assessing and finding the right product and then deploying the product with the help of my engineering team.

Prisma Cloud definitely reduces complexity. We can see the issues or vulnerabilities that have been there for a while. We get good clarity on why they have been there and how to resolve them. Palo Alto is very good at this, and they make complex work quick and easy.

Prisma Cloud drastically reduces the number of vulnerabilities in the organization. There can be 60% to 70% reduction. It also depends on the industry again. For the web-based industry, where the company is providing solutions through the internet, such as share market or banking companies, it is very helpful. Production companies rarely use online solutions. 

With the reduction in vulnerabilities, the security cost automatically reduces. There is an indirect impact on an organization's cost.

It is user-friendly. It has a good look and feel and reporting structure. It provides a single pane of glass. These are the things that I like.

There should be some kind of automation, AI incorporation, and bot system. All these would add value. For example, AI should be able to detect all related viruses based on one virus. That will be a great invention. 

I have been using this solution for about five years.

It is stable. I would rate it an eight out of ten for stability.

It is scalable. I would rate it an eight out of ten for scalability.

Their support is very good. I would rate them a nine out of ten.

Positive

I have worked with Trend Micro Deep Security, Singularity, and Lacework. There is a new vendor called Orca Security. They are phenomenal. They can even beat Palo Alto.

Prisma Cloud is better in terms of cost, GUI, and look and feel. There is a single pane of glass and very good reporting.

Its deployment is straightforward for me. It is deployed across multiple geographies and departments. We mainly work with enterprises.

We have some stringent processes for getting the system to a perfect stage and ensuring that it is running properly. It takes at least a month. We do all sorts of testing, and then based on our test outcome, we configure everything in the right way. After that, we consider the data shown in the report as official.

Prisma Cloud is one of the top solutions in the market. When customers ask for alternatives, I recommend Trend Micro Deep Security, Singularity, Lacework, and Orca to them. I provide them with a detailed comparison, and then customers make the decision. I help customers with architecture design, decision-making, vulnerability assessment, and penetration testing. I also help them compare vulnerabilities before and after implementing a solution.

There were some cases where we struggled with some customer requests such as related to zero trust. We were struggling to configure that. They thought that this product also supported zero trust. We then had to tell them to buy the Prisma Cloud CNAAP solution. In many cases, we also moved them from DSPM to CNAAP.

As a security professional, I would not suggest automated remediation. That is because we need to see that automatic remediation does not impact anything else. We have a team. We register all the vulnerabilities and threats, and then at the backend, we do the testing to ensure that remediation or automated remediation will not create any other problems. As soon as we get that assurance, only then we do the fix. This is a requirement from the customer side, especially from the banking and finance organizations. Because everything is crucial, we do not configure automatic resolution for any of the issues.

Overall, I would rate Prisma Cloud an eight out of ten.