We use the Bridgecrew, IaC, and CSPM domains.

External reviews
External reviews are not included in the AWS star rating for the product.
Provides good policies and violation alerts and is easy to use
What is our primary use case?
How has it helped my organization?
Prisma Cloud has given us a good approach to view our security loopholes. Container security has also helped us.
What is most valuable?
CSPM is very useful because it gives us good policies and violation alerts. The solution is very good for IaC too.
What needs improvement?
The reporting should be much more refined.
They need to improve the API gateway.
For how long have I used the solution?
I have been using Prisma Cloud for three years.
What do I think about the stability of the solution?
The stability is improving.
What do I think about the scalability of the solution?
The scalability is good. We can extend it to many cloud vendors.
How are customer service and support?
Palo Alto's support is good.
How would you rate customer service and support?
Positive
What other advice do I have?
The solution is good. It is easy to use, but Prisma keeps on releasing new features. So the console becomes a little bit typical. Auto-remediation is time-efficient.
The RSA conference is valuable to my organization. The conference has an impact on our organization's cybersecurity purchases sometimes. Overall, I would rate Prisma Cloud an eight out of ten.
Improves security posture, but it is challenging to integrate the solution with public cloud providers
What is our primary use case?
I use it for testing and visibility.
How has it helped my organization?
Palo Alto has helped our organization improve its security posture.
What is most valuable?
CSPM is the most valuable feature.
What needs improvement?
They should improve user experience. It is complicated to integrate the solution with the public cloud provider.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the stability of the solution?
I’m happy with the stability of the solution.
What do I think about the scalability of the solution?
The solution has strong scalability.
What was our ROI?
We have seen an ROI on the solution. We have full inventory visibility and a full security posture.
What's my experience with pricing, setup cost, and licensing?
The pricing of the solution is fair.
What other advice do I have?
I attend the RSA conference to close gaps. Attending the conference impacts our cybersecurity purchases because it helps us build a roadmap for future evolution. Overall, I rate the solution a seven out of ten.
Secures data and allows large volumes of data to be secured and exposed within a tight and well-founded community
What is our primary use case?
We were implementing and expanding a system that we had internally. We were creating a system called Midas, which was about keeping data safe. It was cloud-based. We wanted to keep data safe and provide an analytics environment on the cloud.
How has it helped my organization?
We now have a service offering that secures data and allows large volumes of data to be secured and exposed within a tight and well-founded community.
It helped to reduce downtime in our organization.
What is most valuable?
Its ease of integration is valuable because we need to get the solution out of the door quickly, so speed and ease matter.
What needs improvement?
The area for improvement is less about the product and more about the upsell. If we've already agreed that we'd like your product x, y, or z, don't try to add fries to my burger. I don't need it.
For how long have I used the solution?
The firm has been using it for about two years. My direct interaction with it was about a year ago.
What do I think about the stability of the solution?
I didn't notice any kind of instability, but there are foibles and little nuances.
How are customer service and support?
We are happy with it overall. I'd rate them an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We had a number of different solutions and still do.
How was the initial setup?
It was in-between in terms of complexity. We leveraged our Palo Alto friends to help us get over the humps, and they did a great job.
What about the implementation team?
We didn't take help from any third party. Palo Alto implemented it.
What was our ROI?
We have not seen an ROI in this case, but we didn't buy it for a return on investment.
Which other solutions did I evaluate?
We evaluated multiple solutions. They have a well-known product line in the industry, and we stopped and talked with them and picked them because of their capabilities and competencies.
In terms of providing a unified platform that natively integrates all security capabilities, I'm not expert enough to say that it supplies everything, but it's well-known. There are a number of different features and capabilities in their suite.
What other advice do I have?
To a colleague at another company who says, “We are just looking for the cheapest and fastest firewall,” I would say that it's never the cheapest and the fastest. You always need to lay down what your needs are and then go after who has the right level of capabilities, competencies, and price point.
Palo Alto embeds machine learning in the core of the firewall to provide inline, real-time attack prevention. Every vendor needs to be considering how they're going to appropriately integrate both generative AI and machine learning. As we move forward, it's going to be table stakes.
In terms of the value I receive from attending an RSA Conference, I have two hats. I'm working for an organization. It's federally funded research and development. Attending an RSA Conference helps me keep a finger on the pulse of that, but I also am a security blogger, so I make sure that I'm keeping up to date. Talking to people is another important part of this conference. The one thing that's missing from the conference is that there's so much focus on reaction instead of protection up front and thinking about things up front, but it's a very valuable conference overall.
Overall, I'd rate them an eight out of ten. They are well known in this field, and they do have good products that are niche to what they're doing.
Comprehensive security across the board, but not perfect
* All risk assessments are valuable
* Policy enforcement is well developed
* Identity monitoring is brilliant, we use it daily
* The visibility into system resources is lacking - the graph doesn't give us any value
* Lots of manual processes for everything (CSPM, DSPM, not automated enough)
* Relatively high cost for larger organizations like ourselves
Prisma integrates well with existing systems
It helped our governance evolve, enabling us to build more policies and determine where we needed exceptions
What is our primary use case?
I was managing Prisma Cloud for a client. They were scanning container images for vulnerabilities and remediation.
How has it helped my organization?
Prisma Cloud is a terrific resource for preventing security concerns, from breaches to malware. They provide a compliance index, which is an excellent feature. Prisma Cloud provides visibility into and control over complex cloud environments. It could provide more awareness about the need to implement different types of benchmarks. Prisma helped our governance evolve. It enabled us to build more policies and determine where we needed exceptions.
We could use Prisma to integrate security into our client's CI/CD pipeline and add touchpoints to existing DevOps processes. However, the touchpoints weren't as seamless as we would've liked. It was a little tricky because they were moving to two different types of cloud accounts. They had to decide whether to use Prisma Cloud or another tool for those new cloud accounts. It's a difficult question because they were doing a lot of cleanup for PTS and moving to the more recent version of AKS. It depends on the strategy.
What is most valuable?
The client wasn't using all of the features, but the one that stood out was infrastructure-as-code (IaC). I built IaC use cases and was trying to get them to use it. I also liked cloud workload protection. I worked with the vulnerability management team to develop a process. It's a manual process, so it can be challenging to remediate many image or container issues. It was nice that we could build out a reporting process and download the reports. The reports are solid.
Prisma Cloud provides security across multi-cloud and hybrid environments. My client was migrating to Azure, but it's great for anyone with a hybrid environment. Prisma offers visibility to developers and high-level leadership because the dashboard is excellent and the alerts are comprehensive. You can understand it even if you don't know all the technical terms. For example, when I wanted them to use another feature that would've been beneficial, I could demonstrate it to them visually so they could understand.
The automation is a mixed bag. Sometimes you'll run into issues while mitigating various vulnerabilities, and it's still a manual process. You can automate with an API, but it depends on the corporate policies for containers. You have the option. However, it's still a struggle, but that's not necessarily due to Prisma Cloud. You have many workloads in the pipeline, and things are constantly being repaved. The containers are up and down, and the environment changes continuously, so many things are hard to automate. It's possible if you put the work into it.
Prisma can comprehensively protect a cloud-native development environment. You must also consider cloud security posture management. That's where infrastructure-as-code comes into play. You must ensure that you're utilizing the alert feature in the dashboard for the analytics. If you're not, then you need to integrate something else. The client wasn't using CSPM, but it was on the roadmap. They didn't because they're moving to an Azure environment.
What needs improvement?
Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge.
For how long have I used the solution?
I've been managing that solution for a year.
What do I think about the stability of the solution?
Prisma Cloud is solid.
What do I think about the scalability of the solution?
Prisma Cloud is highly scalable.
How are customer service and support?
I rate Palo Alto's support an eight out of ten.
How would you rate customer service and support?
Positive
What's my experience with pricing, setup cost, and licensing?
I don't think Prisma saved this organization any money, but it could have. They didn't know how to optimize Prisma Cloud. I was trying to help them do that, but they had other high-level projects that got in the way. They needed to consider their budgets and which Prisma features they wanted to use.
If they were to build out those use cases and map out anything involving governance and compliance, they would find that this tool could save them lots of money. If Prisma Cloud is optimized, it's an excellent tool that isn't as costly as some think. You need to invest time and effort to determine the number of cloud accounts you're connecting and how many containers you expect to stand up.
Once you're more aware of how to optimize Prisma, you can determine how many credits you need. It's all based on credits, which will be expensive if you purchase too many credits. This client bought more credits than they needed. I told them it was unnecessary because somebody in the DevOps team decided they were going to push everything to the dev environment needlessly. They crossed a threshold that didn't need to happen and panicked. A strategy to optimize costs will save you money.
What other advice do I have?
I rate Prisma Cloud a nine out of ten. Before implementing Prisma, research the different features and look at your current tools to identify the gaps. What is not meeting your compliance needs? What policies do you have, and how can Prisma align with the strategy?