There are five pillars of Prisma Cloud, including CWPP for workloads and security posture in the basic configuration. We have also been working with application APIs. These are the areas in which I'm working.

Most of our customers are using multi-cloud or hybrid cloud environments, and the problem they were facing was that they didn't have a one-stop shop for managing all the clouds. For example, Azure has something like that capability, but there are some problems and gaps. Every cloud provider says, "This is our territory, and we can only secure our territory." But the whole idea of Prisma Cloud is that it can take any cloud, whether public or private, bring the accounts on board, and after that, everything is managed by Prisma Cloud.

Another problem with Azure is that it has very overwhelming alerts, making it hard to manage them in native Azure. With Prisma Cloud, we have different rules and it is easier and more manageable. It is not overwhelming. We can look at its different modules. If we're talking about identity management, we can go to that module and see the identity. That makes things quite manageable with Prisma Cloud.

When it comes to investigation time, Prisma Cloud has something like 18,000 or 19,000 predefined policies and has remediations as well, so we know what to do or what not to do. It helps reduce investigation time because all those policies are already there. They are the "top" policies, and it provides remediations alongside.

Most of the customers we are tackling have different tools and solutions, like Qualys, Nessus, and vulnerability management assessment solutions. There are plugins for them, and we can integrate Prisma Cloud with them. We can enrich our telemetry with their data and use the predefined correlation rules in Prisma Cloud. That means we have that work done in seconds.

We also like the firewalls.

It also perfectly provides security across multi- and hybrid cloud environments. We use it with multi-cloud environments, and there are five cloud providers supported, including Amazon Web Services, Oracle, GCP, Azure, and Alibaba. Most of the big companies out there are using multi-cloud or hybrid environments, and they share dependencies on different types of cloud.

The basic idea of Prisma Cloud, and what I like the most, is that it is a managed cloud and everything is easy to do. So we can integrate different cloud-native services. We can use solutions like Defender for Cloud, Azure, and Amazon Inspector and enhance our telemetry using these data lakes. Prisma Cloud is the best for integrating with these cloud-native solutions.

The automation is good so far. If we look at the Kubernetes runtime environment, there is good automation for that.

Prisma Cloud is all about a preventative approach, and we can use it for compliance as well.

We can also integrate it into a CI/CD pipeline, and it can scan different images and containers, such as Kubernetes. Also, when we are loading an account, there are some agents that scan as well. There is Lambda for automation, and, in the first phase—the staging environment—we can have our work done. Pipelining is a continuous process, and the scanning takes place in the previous stage only. It runs in a sandbox environment and gives us all the remediations.

Sometimes, credentials are hardcoded. We can use the code security module and correlate with the predefined rules provided by Prisma Cloud. We get alerts, and based on these alerts, we can harden the policies for that code.

And the dashboard provided by Prisma Cloud has capabilities through which we can make alerts visible based on their severity level. We can create a separate dashboard for rules related to medium or high severity. That way, without wasting our time, we get to the medium- and high-level alerts and tackle the things that need attention the most.

The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced.

I have been using Prisma Cloud by Palo Alto Networks for two years.

The stability is a 10 out of 10.

The scalability is also a 10 out of 10.

We have a team of 25 to 30 people. Our company is based in India, but we have offices in Malaysia, Singapore, and Bangladesh, and we have clients in India and outside of India. Most of them are enterprise-level.

Their technical support comes up with great solutions. Every time we call we definitely get a solution.

Positive

It is onboarding in the cloud. There are a lot of documents, but it is quite easy. I'm into training as well, and it is quite easy for me to train my interns on how to onboard accounts to Prisma Cloud. If we are only onboarding one account, it happens in minutes.

In terms of price, we have to see the value we are getting for the particular penny we are paying. In that context, Prisma Cloud is a value-back cloud-managed solution; cloud-native solutions are quite expensive. That's why a lot of our clients are shifting from cloud-native to Prisma Cloud: because of its effectiveness and because it is budget-friendly as well.

I love Prisma Cloud. It's a one-stop shop for managing cloud security. And it is very easy to use. The dashboard and all the UI are very easy.

I am using five modules of Prisma Cloud, and I have expertise in CSPM. The use cases are related to securing our host container environment and multi-cloud environment.

We were looking to resolve issues related to host and container security in the Kubernetes environment, vulnerability management, and compliance management.

One of the benefits of using Prisma Cloud is that we can easily make our cloud environment compliant. We can make it vulnerability-free, helping coders or application users bring their applications to production without vulnerabilities or malicious packages.

We have gotten good reviews from our customers, saying that they have improved their security with Prisma Cloud for their cloud environments. That includes customers in finance and in the medical field. And the reporting we get from Prisma is excellent.

It has helped us reduce runtime alerts by 70 to 80 percent.

And because it's very transparent, we can directly investigate things. It has reduced investigation time by 100 percent. We can easily go to the dashboard and check what's happening when investigating. We have to be experts with our tools to investigate and do a deep dive into an incident.

The best feature of Prisma Cloud is that the various modules have different features. With the CSPM, we have compliance management, and we also have an auto-remediation module. In CWP, we can go with runtime, where one of the great features is blocking vulnerabilities or malicious activities from the pipelines or CI. All five modules are taking a preventative approach to the security of the cloud environment, from the network to the cloud, posture management and workload protection.

In CI/CD, we have the option to add a Prisma scan, which helps us remove the vulnerabilities and malicious parts of packages used to create an application. This option enables us to scan the images before running or building them and to get a vulnerability report.

Prisma scans things and shows all the vulnerabilities and packages that are vulnerable, and which layers, by default, have vulnerabilities. So developers can easily go into the package or a particular layer and make changes to their code. It's very transparent.

Reporting from Prisma Cloud is very straightforward. We can export reports in CSV format, or we can use the APIs in Prisma to fetch reports. Reporting is very easy and customizable.

It is also compatible with multi-cloud and hybrid environments. It gives the option to onboard with five clouds: AWS, Azure, Alibaba, Oracle, and GCP. Most of the companies we deal with use parts of various services from different clouds. To provide them with solutions, we need Prisma Cloud, as it helps manage multi-cloud environments.

A lot of automation capabilities are coming out with the updates, and they are growing day by day. The basic automation covers remediation of alerts, and in live applications we can block malicious activities in the files where the vulnerabilities come across.

In terms of cloud-native application comprehensiveness, we can integrate various cloud-native applications with Prisma Cloud. We can use Defender to protect workloads or Kubernetes in any native cloud like AWS EKS.

The CSPM provides the whole asset inventory, where we can see all the services in our cloud environment and how they are working, as well as how the assets are connected to each other and which network is connected. We can see the configuration.

We face some GUI issues related to new permissions for AWS. So far, we don't have any automation to complete them through the GUI. We have to manually update the permissions. Our customers have faced some issues with that.

I have been using Prisma Cloud by Palo Alto Networks for more than four years.

The stability is a nine out of 10.

The scalability is a nine out of 10. We just need some of the automations to come around in Prisma.

With all the capabilities it has and how comprehensive it is, with CSPM, CWPP, and more, we get help from the technical team at Palo Alto. They help us to get into what Prisma Cloud is and all the capabilities it has.

Their technical support comes up with good solutions for every difficulty we face.

Positive

The initial deployment is very straightforward, with the help of the technical team and tech support. It's very easy to get into Prisma Cloud. It takes time, one to two weeks, to complete the deployment. Most of our customers are enterprise-level, although we also have small clients.

The maintenance is mostly handled by Palo Alto teams. The updates are scheduled so that we know at what time they will update and what the new features are. They are good when it comes to updates.

I'm on the technical side and not into sales, but Prisma Cloud is better than the native applications when it comes to pricing.

I suggest that my customers adopt Prisma for every module. It's the best security platform, where we can provide security for multiple clients without using the native security approach.

I highly recommend this solution.

My company provides solutions for Cisco customers and helps them secure their cloud environments. Most of our clients are adapting to the cloud, and we're trying to resolve vulnerabilities in their configurations. I use all of the Prisma Cloud modules but have expertise in the CSPM and CWP modules. We work with SMEs but also have some enterprise clients. 

Using Prisma Cloud has improved customer satisfaction. Our customers are happy with the solution and the level of security we can provide with this. Prisma can secure a cloud-native development cycle. We can configure Prisma to run a scan before we build the images. 

Prisma is known for its visibility and comprehensiveness. It provides insight into our entire inventory of assets and everything happening in our multi-cloud or hybrid environments. We want to know all the services working in our environment and who is accessing them. 

It provides a single tool for protecting all cloud resources without the need to reconcile compliance reports. All of our reports come into Prisma's CSPM module via the APIs. It's easy to get the reports coming into CSPM. We can get the inventory, asset, and alert reports containing all of the alert notifications coming into the CWPP and the reliability and compliance. It has enhanced our overall reporting experience. We can do a deep dive into alerts from various integrated third-party applications and get alerts sent via email or SMS text to keep track of any incidents in our environment.

My favorite feature is the CWPP module. We can define various kinds of rules for vulnerabilities, incidents, or suspicious activities. Prisma Cloud covers various cloud providers, including AWS and GCP. It covers every cloud on the market. 

Many customers in finance, healthcare, and other industries are adopting cloud or hybrid environments. Some of them are using GCP, AWS, and Azure services together, and Prisma is compatible with all of them.

Prisma's ability to protect a fully cloud-native stack is comprehensive. We benefit from Palo Alto's technical knowledge, training sessions, and learning programs to develop robust solutions for our customers. Prisma's automation features are helpful. We can set up automated remediation, messaging, and alerts. The CSPM module can be automated directly, and we can automate runtime rules in the CWP module. We can also automate some code scanning. 

Prisma is integrated into our CI/CD pipeline through the CWP module. We can load the images into Azure DevOps and scan them for vulnerabilities or compliance issues. We can block the vulnerabilities or disable the application so it cannot run with the vulnerabilities in place. 

Runtime alerts are among the best capabilities. In CWP, we have to block malicious or suspicious activities to stop the incoming attacks against our workloads. Using various templates, we can reduce our runtime alerts by 60 to 70 percent. 

I have some challenges customizing and personalizing some of the capabilities in the CSPM in terms of new policies and services. We have to reconfigure and rebuild the CSPM.

I have used Prisma Cloud for around three years. 

I rate Prisma Cloud nine out of 10 for stability. 

I rate Prisma Cloud nine out of 10 for scalability.

I rate Palo Alto support 10 out of 10. They come and help us a lot. 

Positive

Deploying Prisma Cloud is straightforward. We received some training from Palo Alto's technical team. The deployment time varies depending on the client and the modules you deploy. It may take a few weeks or a couple of months. After deployment, Palo Alto handles the maintenance. They notify us by text or email when there will be a scheduled maintenance window. 

I'm not involved on the financial side, but I know that Prisma Cloud isn't cheap. 

I've seen some other solutions with CSPM and CWP capabilities, but they do not have the same coverage of multi-cloud or hybrid environments. That's an area where Prisma stands out from its competitors. 

I rate Prisma Cloud 10 out of 10. 

We use Prisma Cloud Data Security for security compliance and detection.

We implemented Prisma Cloud because it eliminates the need for hardware appliances, thereby reducing our on-premises footprint.

Prisma Cloud provides security scanning multi and hybrid cloud environments which is important.

Prisma Cloud provides comprehensive protection for the entire cloud-native stack, encompassing threat protection, global protection, threat intelligence, and zero-trust architecture.

Prisma Cloud's security automation capabilities are effective. It utilizes AI-powered cloud-based technology to analyze unknown files and identify potential threats.

Prisma Cloud employs a combination of features to safeguard against both known and unknown threats, including IPS and threat intelligence integration.

Prisma Cloud has benefited our organization by providing URL filtering, facilitating secure customer connections, implementing endpoint security with a zero-trust architecture, and enabling user identification.

Prisma Cloud safeguards our entire cloud-native development lifecycle. Palo Alto's architecture encompasses multiple engines, each with distinct functionalities. These engines include the SP3 engine, application visibility control engine, URL filtering engine, Wildfire, intelligent saving, zero trust, threat prevention, and content infection. Together, these engines enhance security, reliability, and threat monitoring.

Prisma Cloud provides visibility and control of our web traffic at the URL level and across other technologies.

Prisma Cloud's visibility improves our confidence in our security compliance posture.

Prisma Cloud effectively integrates security into our CI/CD pipeline and seamlessly harmonizes with existing DevOps processes.

Prisma Cloud provides a single monitoring tool. The single point of monitoring makes our company more secure.

Prisma Cloud provides up-to-date information about real-world threats at runtime and across the entire pipeline, through communications, community, and mail.

Prisma Cloud reduces the number of runtime alerts. The extent to which alerts are reduced depends on the appliance and the number of throughputs purchased.

Prisma Cloud has saved our organization money. 

What I like most about Prisma Cloud is its zero-day signatures, maximum security, minimal downtime, cloud visibility, control, and ease of deployment.

Firewalls can identify application and user activity within network traffic. This includes information such as, what applications are being used, what URLs are being accessed, how frequently applications are being accessed, and how much time users are spending on particular applications.

The Palo Alto support needs to improve. Their response time is not good.

I have been using Prisma Cloud by Palo Alto Networks for two years.

Prisma Cloud is stable.

Prisma Cloud is scalable.

The technical support is slow to respond.

Neutral

We previously used Fortinet, CheckPoint, and Cisco. Palo Alto Prisma Cloud is more efficient in single scans.

The initial deployment was straightforward. Using a basic configuration, we can deploy within six hours. I completed the deployment myself.

Prisma Cloud by Palo Alto Networks carries a higher cost, but its enhanced security measures justify the expense.

I would rate Prisma Cloud by Palo Alto Networks nine out of ten. Its architecture is well-designed, more reliable, and more secure.

We have Prisma Cloud deployed in multiple locations across the globe.

The maintenance is done on the cloud.

I recommend Prisma Cloud to others.

The solution is integrated with cloud environments such as Azure, Alibaba, and Oracle. After integrating, we do check the network logs, including what are the config logs or configuration issues clients are facing. We see what their cloud requirements are. There are email use cases specific to the modules, and we do have visibility over the entire cloud environment. We handle vulnerability management and can block according to the rules and policies. 

We can manage identities as well, right down to a particular machine. 

We've been able to solve various problems. It's helped with cloud security. It problem solves for threat detection and compliance. 

It's helped clients with cloud security. When it comes to the financial aspect, we have clear visibility into what is going on, and we have a clear idea of how we can inspect and prevent issues. 

It offers full visibility.

There is auto-remediation capability with this solution. 

It offers threat detection across multi-cloud environments. Many clients are using hybrid setups and different clouds in India. When it integrates, it's helpful in gaining visibility across the entire environment.

It is comprehensive. It's very easy to define rules and auto-remediation. It's basically one click. It's great for protecting the full cloud-native stack. 

The security automation capabilities are very good. It's played an important role with auto-remediation, which is important to the automation process. We can decide how we want to respond as well. We can arrange logs and alerts. All of this can be automated. 

It allows us to take a preventative approach to security. When I started with Prisma, we had sessions about how we could work with the capabilities. We have a lot of features in Prisma Cloud. The UI has improved and helped us gather information about vulnerabilities and compliance issues.

The build, deploy, and run lifecycle is good. We have particular pipelines, and we have out-of-the-box policies defined. We can see what is going on. We can move faster within the environment with it. 

It provides complete microservices that we can check on a micro level. The solution provides visibility and control regardless of how complex or distributed our cloud environments become.

The solution enabled us to enter our CI/CD pipeline and touchpoints into existing processes. It provides us with a good backbone. 

We are provided with a single tool to protect all of our cloud resources and applications without having to manage and reconcile compliance reports. It can fetch the reports for us. We have APIs and pretty refined plugins to get the reports. We can get it all from the console. We can also schedule reporting. The third-party integrations are very helpful.

The runtime policy is very helpful. We can define runtime rules and go through alerts or blockages. It's one of the best parts of the solution. It's reduced the number of alerts, sometimes by 80% to 90%, depending on the situation.

With the amount of visibility we get, we've been able to reduce alert investigation times. We can investigate if we need to, or we can make custom answers to specific alerts. Depending on your level of expertise in the tool, it barely takes any time at all. If you understand the case, if you already know the type of answer, you can put it in. With Prisma, we've been able to reduce investigation times by 80%.

While, as a cloud security engineer, I can't say how much money it saves, I can see the credit, and it looks like less money is spent.

When there are updates, whether daily, weekly, or monthly, it needs configuration or permission adjustments. There is no automation for that, which is too bad. 

I've been using the solution for two years. 

This is a very stable product. 

Prisma users are increasing day by day. We have a team of around 12 people using the solution. We have a variety of clients coming onto Prisma, and we work to help them become more compliant using the solution. 

It's very scalable and very easy to use. 

We used technical support during deployment, and they were very good. Technical support is awesome. 

Positive

I haven't really worked with other tools. I started with Prisma Cloud.

The initial setup is pretty straightforward. We had good support to help with learning and the capabilities of the solution. 

The training took two to three weeks. The deployment would take around two to three days. 

There isn't too much maintenance. There are updates. There's nothing other than that. 

Prisma's support helped with the deployment. 

We are a Palo Alto partner.

After using the solution for about two years, I would rate it nine out of ten so far. 

Prisma Cloud by Palo Alto Networks is a comprehensive cloud security platform that encompasses vulnerability management, container management, Kubernetes management, and serverless management. It utilizes modules, such as Cloud Workload Protection, to provide comprehensive cloud security. Before deploying any applications, Prisma Cloud performs cloud scans to identify and address vulnerabilities, minimizing potential threats. The solution provides visibility into our cloud environment, enabling us to effectively manage and monitor our infrastructure. This capability is particularly valuable in the financial industry, where hybrid multi-cloud environments are prevalent.

We use all the modules Prisma Cloud offers.

Prisma Cloud offers security scanning for multi-cloud and hybrid cloud environments. This is crucial because managing multiple cloud accounts, such as AWS, GCP, and Azure, typically necessitates accessing each account individually to view the inventories of assets and services. Prisma Cloud eliminates this inconvenience by consolidating all of this information into a single unified interface, providing a comprehensive overview.

The comprehensiveness enhances threat protection by providing integrated and out-of-the-box policies, along with all the necessary components, to effectively secure cloud environments and achieve comprehensive visibility through Prisma's capabilities.

The security automation capabilities of Prisma Cloud are effective. We can automatically remediate some of the alerts using predefined policies. We utilize Defender to detect vulnerabilities in our containers, AKS, and GKE environments.

Prisma Cloud has benefited our organization in so many ways that we can't count them all on our fingers. The Cloud Security Posture Management module of Prisma provides a wide range of capabilities, including visibility, governance, compliance, auto-remediation, integration with hybrid cloud environments, vulnerability reporting, and blocking capabilities. It also offers compliance reports, integration with third-party tools for vulnerability and alert notifications, and Cloud Workload Protection capabilities for blocking, alerting, and specifying affected containers or servers. Additionally, it provides visibility into code security by monitoring the Infrastructure as a Code environment for unauthorized users.

It enables a proactive approach to cloud security, allowing us to prevent vulnerabilities, threats, and complications arising in cloud or hybrid cloud environments. We can easily investigate and obtain comprehensive reports.

We spent the first five months after implementing Prisma Cloud familiarizing ourselves with the solution and completing the training sessions provided by Palo Alto. During this time, we began to see the benefits that Prisma Cloud offered our organization.

Prisma Cloud works with the CIB. Therefore, when we build and deploy something, we can incorporate a Prisma scan, which assists us in scanning the images and gaining insights into the state of our environment. It provides us with comprehensive visibility and raises alerts or triggers notifications to inform us of any missing elements or potential issues. This is how Prisma can contribute to the build and deploy phases.

It provides deep visibility and control regardless of how complex our cloud environment becomes.

Prisma Cloud enables us to integrate security into our CI/CD pipeline and it provides us with a single tool to protect all of our cloud resources.

Prisma Cloud provides run-time risk clarity throughout the entire pipeline, revealing issues as they arise. This enables us to effectively block vulnerabilities and rectify identified problems.

We have reduced run-time alerts. The run-time protection has helped many of our clients protect their environments.

Prisma Cloud has significantly reduced our investigation time. The clear visibility it provides into our environment and the process flow has streamlined our investigations. Additionally, using Prisma to investigate issues rather than directly accessing our cloud accounts saves valuable time.

The most valuable features of Prisma Cloud are its cloud security posture management and cloud workload protection capabilities. Integrating Prisma Cloud with our cloud service providers provides a comprehensive view of our multiple cloud environments through a single dashboard. This enhanced visibility improves vulnerability management and compliance. With CWP, we can gain complete visibility into all workloads within our environment.

We are encountering issues with the new permissions required for AWS integration with Prisma. Specifically, we need a mechanism to automatically identify and integrate the missing configuration permissions that are introduced on a biweekly or monthly basis. We have requested the Palo Alto team to develop this automation, and we are eagerly awaiting its implementation. We appreciate the efforts of the engineering team for their contributions.

I have been using Prisma Cloud by Palo Alto Networks for two years.

Prisma Cloud is a stable platform. The only downtime we experience is scheduled, and Palo Alto notifies us in advance of the scheduled outage and its duration.

I would rate the scalability of Prisma Cloud a nine out of ten. I have received positive feedback from our clients indicating that Prisma Cloud is an excellent fit for their environment.

We have repeatedly contacted technical support to address issues encountered by both ourselves and our clients. The support is helpful.

Positive

We previously used AWS GuardDuty for vulnerability management and compliance visibility, but it was not user-friendly due to the requirement to log into separate accounts to access reports.

When I first started using Prisma, I found it to be very easy to learn. Several of our engineers were already familiar with Prisma Cloud and were able to help me understand how it worked, including the UI, navigation, and integration with other tools. They also showed me how to make API calls and integrate Prisma with third-party tools. Additionally, the Prisma team was incredibly helpful whenever I contacted them for assistance. They were always willing to answer my questions and help me troubleshoot any issues I was having.

I completed the implementation myself after completing the training sessions with the Palo Alto team and attending a lab session for the Prisma Cloud deployment.

I don't have direct access to financial information, so I'm not fully aware of the overall costs. However, I do work with clients and solution teams to provide relevant solutions. I also collaborate with the research team to explain Prisma's capabilities and its comprehensive range of features. When I see the credits and other similar programs may make Prisma's licensing costs appear lower than those of competing tools, it's important to consider the overall cost when evaluating cloud security solutions. For example, when implementing cloud security measures for CSPs or CWPs, other tools may be required, potentially leading to higher overall costs than Prisma Cloud's comprehensive solution.

I would rate Prisma Cloud by Palo Alto Networks nine out of ten.

Prisma Cloud necessitates maintenance for both weekly and monthly updates.

My advice to new users and researchers is to delve into Prisma Cloud's capabilities and potential. Understanding the full scope of what it can do is crucial for new users. It's not just about visibility or the GUI; it's about the underlying work that engineers do, such as runtime protection, virus detection, and code security. New users should have a clear understanding of these capabilities. They should participate in sessions, practices, and labs to gain hands-on experience.

I work with various modules, including CSCM, CWP, Code Security, and NS.

We use the solution for day-to-day activities, from onboarding accounts to deploying Defender to creating rules to monitoring incidents. It's used for alerts and monitoring of what happens on the workloads. 

Our customers use the solution to try to meet their compliance standards, and for audit purposes. It helps create policies. SmartCloud itself has around 2,000 policies. It can cover compliance standards around banking, for example, around workloads and data. It helps align with governing bodies' compliance standards. We can create custom policies and anyone can create workloads.

There are many modules that have various capabilities. We can look at the misconfiguration of cloud resources, for example. They can help with compliance as well. We get notified and get data alerts and this is automated. However, we can manage items manually as well. 

It's good for monitoring your environment for AWS.

For visibility, we can create one service account.

Regarding the assets, regarding the alerts, we get all the data. It's great for our cloud security posture and management.

It's cloud-native and is used in major cloud environments. With it, we can monitor clouds like AWS, DPP, Azure, Alibaba, and Oracle. This is important. Many customers work with various key cloud providers. They often have their resources across different cloud providers and all resources must be protected and monitored. With this product, we can monitor all the things even if they are on different clouds - and it can be done on one platform. 

The most valuable aspect of the solution is the computing part.

Prisma Cloud makes it easy to host virtual machines and cluster environments like container Kubernetes. It does this while providing a single dashboard, from which we can monitor all of the workloads and perform vulnerability scanning.

It's very good at helping us take a preventative approach to security. Many bans are using it as a cloud security tool based on the level of prevention they offer. 

It supports the multi-cloud environment beautifully. If there is any kind of anomaly, it helps alert you to it. If there are malware or brute force attack attempts, it will report that. We can both monitor and audit the system. They have their own out-of-the-box configurations or we can customize them to create our own monitoring and auditing policies. 

The solution provides us with data sessions to help gain visibility of workloads in various regions. For example, if there is a workload created just in the US region, we can see that. It will give an overview also. It supports all kinds of workloads, from host protection to Kubernetes and container environments. It even provides support for the Oracle Kubernetes environment.

It ensures that nothing impacts operations. It will block vulnerabilities or implement fixes. 

The solution provides the visibility and control you need regardless of how complex or distributed your cloud environments become. It's very easy to see the entire security posture from every angle - region, data, compliance, et cetera.

We can integrate it into our CI/CD pipelines into existing DevOps processes. We can integrate via APIs or code. When a developer is in the code and integrating, if there's a vulnerability present, or a misconfiguration, it will scan and provide data. With Terraform templates, we can create a lot of instances. With one Terraform code, we can create hundreds of instances. 

The solution helps developers go to very specific locations, to exact areas, at which point they can perform fixes. 

Overall, it provides us with a single tool to protect all of our cloud resources and applications. It's got the best features for web applications and ETL security.  By enabling data, we can monitor whatever is deployed on the cluster or on the IT environment. It provides risk clarity across the entire pipeline. For example, the vulnerability explorer gives you a view of the top critical vulnerabilities. That way, developers can see what the priorities are for what needs fixing. 

It reduces runtime alerts. They provide us with a runtime alert console. It's also reduced alert investigation time. By clicking right on the investigation, we get all the data, including the source IP and any kind of suspicious detail in the workload. We can quickly go ahead and block IP as necessary.

We're able to directly integrate alerting to tools like QRadar.

The solution has helped our customers save money. They don't have to go ahead and hire individual experts for different areas like AWS and Azure. Having everything separate can be hectic and expensive. This is centralized. YOu don't need different teams. With its user-friendly interface, you only need one or two resources to monitor the whole cloud environment.  

Prisma Cloud introduced some new permissions so we have to go and manually add that permission. It is a little bit hectic. If someone onboards single accounts they have to go through each account in that IIM role, and they have to manually add that permission. It's a manual job that takes time. It would be ideal if there was some sort of automation involved.

In scanning, it does not provide runtime protection. 

The licensing could be better. You need to deploy an agent and it would be more convenient if it was agentless, which should be possible. With agents, you are consuming the same amount of credit, yet it does not provide the same amount of features. The automation needs to be improved and included in terms of AWS onboarding. For Azure, it's good, however, with AWS it requires manual intervention. 

Sometimes we do get false alerts. That should be improved. 

I've used the solution for around one year.

The solution is stable. There is occasionally some downtime.

The solution has been scalable. 

Technical support is strong. They have different levels of support, critical, high, medium, and low. For issues rated as a high priority, they provide assistance within one to two hours. Lower priorities may take 24 hours. 

Positive

I did work with a different product previously. Often, other solutions do not have as much visibility. AWS native services, for example, are not able to monitor the workload or data of Azure. You'd need another product for that. Similarly, Defender will only monitor an Azure environment. I have not worked with something that moved across clouds like this solution does. 

I've helped deploy the solution for five to six clients. 

In the early stages, it's a bit complex to set up due to the fact that it's new and we need to train. We need to give users a session and a POC or demo. So the complexity comes from the training and onboarding, not necessarily from the product itself.

Typically, we can deploy it in one week, and deploying it to any cloud environment would take one to two hours. After onboarding the new cloud environment, we need to create rules and integrate the ticketing tool. That might take two weeks also. There's a dependency with the cloud team in that sense, since, if you are going to integrate anything you need to schedule a call. If Defender is included, we need to deploy it manually. We'd also decide what is being automated. 

The solution does require some maintenance. On the portal, it would show whenever some maintenance is needed or if they are updating their versions. There may be maintenance downtime. The maintenance is provided by Palo Alto itself. We'd notify the customer if they need to be prepared for some downtime. 

Customers have witnessed a good ROI based on the ability to create and customize multiple policies. It helps them meet compliance and auditing requirements. 

I don't know the exact cost; that's handled by another team. However, my understanding is that the cost is based on consumption. 

It takes a little bit of time to create time to value for the solution. A new customer might not have any idea of a cloud's capability. Some people need training and this might be on a quarterly or monthly basis to get the customer up to speed. Once they are more knowledgeable about the solution, they can utilize its capabilities more fully.

I'd recommend the solution. It's comprehensive for securing the entire cloud-native development life cycle across the build, deploy, and run. It not only provides security protection in the runtime environment - it also covers CI/CD. We can integrate Azure DevOps or any kind of solution like Jenkins. 

For new customers, I'd recommend they take on a demo or POC. They can get a one-month license and try it out. Customers can coordinate with partners and see how it would work in their environment. If a customer has a multi-cloud environment, this is a good choice. 

I'd rate the solution nine out of ten. 

We used a couple of modules, mostly WAFs. We use it for detection. 

We use it for our modern infrastructure, mostly run on the cloud. We use it to measure the security of cloud-native infrastructure and to calculate the risk of the applications we use and APIs we interact with. We also use it to meet compliance requirements. We have plenty of use cases for this product.

We really wanted to capture all of the information. To make something in-house would be too much engineering work for us. We don't have to bui;d something from scratch; this allows us to use something that is highly accurate.

We're a fintech company and we deal with a bank. Doing certain tasks manually, like logging every node, server, and container, can take six to nine months. However, if you can automate the process, you achieve the same results in a short time span to help ensure product security.

We were using common CBE for general identities.

I personally used the web application API security, WAF for in-line controls. It helps with implementing an additional layer of security to block the attacks and get alerts on vulnerabilities. I am just focusing on that side.

The support is excellent. They'll call us personally and keep us updated. It's some of the best support I've dealt with.

It's great for protecting the full cloud-native stack. Being a security engineer, I have the visibility of the solution on the infrastructure. The tool is doing a good job of automating this process and making it less time-consuming for me. I don't need to handle as many manual tasks.

There are various cloud configurations that can help you gain insights. If a threat is on the portal, it will give you insight into the cloud infrastructure to help you improve the configuration to make it more secure. In terms of threat detection, you can see different kinds of payloads coming to the API. It helps you consider fixes, like adding more validation.

It is very easy for us to generate reports and download the findings while working with the team to resolve issues.

It's good for build, deploy, and run, however, we still need to figure out how to better integrate it. We're still in the early stages of exploring this for CI/CD. 

The solution does provide the visibility and control we need regardless of how complex or distributed your cloud environment becomes. When we were using our core infrastructure previously, we didn't have the visibility, for example, on which APIs we had or were using. Now, there's a better understanding. It's helped us become more confident in our security and compliance posture. If someone comes tomorrow to audit, we can do a fast report and we can pass that over to show to compliance. It would show the risk factors and what we are monitoring. It's the first thing we would go to during an audit, to provide transparency. 

The solution provides a single tool to protect all of our cloud resources and applications without having to manage and reconcile disparate security and compliance details. It's mandatory to have a tool like this to run a fintech in India as we need to have an audit trail in order to be able to submit reports. Operationally, it's helping us stay compliant. 

We are able to enable alerts. We are using it more manually. We can see alerts on Slack. We can configure alerts as we like.

The UI is good, however, they could improve the experience. The animations on the dashboard could be better. They may already be working on an update to improve this.

We'd like to understand better how to automate between the pipeline and CI/CD. There's a bridge needed between DevOps and security. We need to understand the alerts. There seems to be a gap in DevOps that we need to reconcile. 

I've been using the solution for more than six months. 

While running the solution, we have no issues at all. 

We have Prisma installed on Google Cloud, across multiple accounts and environments. We also have data recovery in another region. I'm not sure if that is covered by Prisma. 

It's scalable. It's not difficult. In fact, it's easy. You just need to add agents to the nodes you want. 

Technical support is great. There are two teams. One is always available. Another is creating tickets and looking into issues. Both are quite good. They are eager to support the customer. 

Positive

We were using another product previously. It was called Lacework. The virtual business aspect was a reason we switched. We also wanted to have more functionality and more insight and control into APIs. The visibility was also better with Prisma. 

The deployment was handled by the DevOps team, not the security team, which is the team I am a part of. There was a requirement to install it on every node of the infrastructure. However, my understanding is it did not take too much time. My understanding is that it was easy to install and it was done within 30 minutes to an hour. It was deployed in a very short amount of time. One person was able to deploy it; we didn't need a team. 

There may be some maintenance required. 

I'm not sure of the licensing terms or the exact pricing. 

We did evaluate multiple tools. We knew what we needed the tools to do and we were comparing them all together. We realized that Prisma did a better job and decided to go with them. 

I am a customer and end-user. 

I'm not sure if the product is useful in a multi-cloud environment. I hope it is. We just have the one cloud environment we use it in. That said, we are using it in multiple staging environments. 

We have not enabled the Code Security module. We still need to integrate in that sense with Prisma. We did do the integration with cloud infrastructure. 

For any product you choose, it's good to consider security. I'd recommend Prisma as it offers good security. 

I'd rate the solution eight out of ten. There isn't really anything missing in the product. However, there's always scope for improvement. 

We host a Prisma Cloud platform on AWS. My role is to host the Prisma Cloud application and provide support to the development team.

We use Prisma Cloud to monitor the health of our Kubernetes clusters and to scan images for vulnerabilities. Developers use Prisma Cloud via twistcli CLI to scan images and view vulnerabilities on the Prisma Cloud user interface.

My job is to maintain the production and staging environments, including installing the twistcli client and deploying dependencies. I also help developers troubleshoot issues with pipelines that connect to Prisma Cloud using twistcli CLI.

Prisma Cloud provides security for multi- and hybrid-cloud environments. It can also monitor multiple on-premises and cloud accounts. In our use case, we have around 40 AWS accounts, which we have added to the Prisma Cloud monitoring tool. We receive non-conformance alerts every month. Prisma Cloud monitors every node in AWS. If a developer opens ports globally, Prisma Cloud will detect it and send an alert to our cloud operations technical team, who will immediately alert the respective developer teams. Prisma Cloud also detects certain types of alerts related to managing data plane infrastructure. For example, if a developer deploys an application on a Kubernetes cluster on AWS and then deletes the application, but the EBS & balancer is not deleted, Prisma Cloud will automatically detect this and send a non-conformance alert to our group email ID.

Prisma Cloud's security automation capabilities provide a variety of features, including twistcli CLI, which can be used to identify vulnerabilities in Docker images. When twistcli CLI detects a vulnerability, it sends an alert to a group email address. The alert includes remediation steps that can be easily followed to fix the vulnerability.

In my experience, Prisma Cloud is the best cloud security solution, whether on-premises or in the cloud. It can monitor multiple cloud products, such as Azure and AWS. I believe it is the best tool for meeting the container requirements of cloud-native applications. It is user-friendly, and upgrades are easy to perform, with documentation available on the official site. It can be deployed on-premises or in the cloud infrastructure. I think it is a good security tool for cloud infrastructure.

We started using Prisma Cloud around version 808.48. That is one of the console versions. Recently, they added some features in the newer version, so our dev team asked us to upgrade to the latest version to get those features. As the administrator, I am not aware of all the cases that Prisma Cloud provides, but I can see that it is easy to manage and has improved all the stakeholders' experience, especially for Docker image scanning. We started with a few teams using Prisma Cloud, but now many stakeholders are using it to scan their Docker images using Prisma CLI. With their request, we recently upgraded the console to the latest version to get the latest features. When we started, we only used basic monitoring, but later we started using it for pipelines to scan Docker images. Then, we added AWS accounts and Kubernetes clusters for monitoring. We deploy twistcli depending on the cluster, and it monitors in the console.

It provides good visibility and control regardless of how complex or distributed our cloud environments become.

Prisma Cloud has enabled us to integrate our security into CI/CD pipelines.

It allows us to add touchpoints to existing DevOps processes.

It also provides us with a single tool to protect all of our resources and applications.

Prisma Cloud provides risk clarity at runtime and across our entire pipeline.

Prisma Cloud has reduced runtime alerts and reduced our alert investigation times. We can remediate alerts within 20 minutes.  

twistcli CLIs are the best feature. They provide a twistcli for scanning Docker images. We have integrated a number of pipelines so that whenever any development is built, the image is scanned for vulnerabilities. Based on the vulnerability reports, the pipelines confirm whether the image needs to be rebuilt after fixing the vulnerabilities, and then build another version if necessary.

I have been using Prisma Cloud by Palo Alto Networks for almost four years.

The technical support team is good. They always help me resolve my tickets with minimal downtime.

Positive

The initial deployment was straightforward because of the well-written documentation that was available. I handled the deployment for the AWS cloud environment.

They have an excellent technical team with sound knowledge of the product.

I would rate Prisma Cloud by Palo Alto Networks a nine out of ten for its compatibility, easy upgrades, user-friendliness, and UI.

Regarding maintenance, we have deployed the application on a Kubernetes environment. We will have one EBS value for the console pod and one persistent volume for the application data. We are taking a snapshot of the PV because we can take a backup of the PV in the Prisma Cloud console UI, but this backup is stored on the same PV where the application is running. If the application crashes completely, we will not be able to restore the backup from the UI, and Prisma Cloud has suggested that we maintain a separate cluster for disaster recovery. However, this is too expensive for us. Therefore, we are taking a snapshot of the PV. If the application crashes, we can simply deploy the console on a new cluster and restore the data from the snapshot.