We use the GlobalProtect module within Prisma Cloud to ensure the security of our mobile users.

Prisma Cloud provides security spanning for multi and hybrid cloud environments.

It includes automation capabilities that we can deploy if the environment is suitable.

Prisma Cloud has enabled us to migrate from multiple vendors, creating a more user-friendly experience for everyone.

Prisma Cloud enhances the security of our cloud-native development lifecycle from start to finish.

One of the advantages of Prisma Cloud's GlobalProtect module is that it provides a centralized tool for monitoring applications, user connections, and latency. Additionally, it allows us to track the percentage of availability.

Prisma Cloud saves the equivalent time of one full-time employee.

The most valuable aspect of Prisma Cloud compared to other VPNs is its security and performance.

In the GlobalProtect module, we can easily guide users experiencing connection issues through the notification column. Within that column, we can submit and escalate notifications on host entries for troubleshooting purposes. Additionally, we can troubleshoot by collecting direct logs during user data connections. On the security front, we have a wide range of SaaS-based items at our disposal. Using Prisma Cloud, we can send internet-based reminders about the option to create a VPN tunnel internally.

Palo Alto needs to add more support staff to improve their response time.

I have been using Prisma Cloud by Palo Alto Networks for two years.

I would rate the stability of Prisma Cloud ten out of ten.

I would rate the scalability of Prisma Cloud ten out of ten.

The support response time is slow, with resolutions sometimes taking up to two days.

Neutral

The initial deployment is straightforward. I have experience with two deployments. In my previous job, the deployment took six months to complete. Currently, we have 15 tenants to deploy and have successfully deployed ten within the first seven months.

The price for Prisma Cloud is reasonable.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten. However, the delay in support time negatively impacts my overall assessment.

We have 90,000 accounts and have already migrated 50,000 users over to GlobalProtect.

Palo Alto does the maintenance.

I recommend Prisma Cloud to others, as long as the solution meets their requirements for cost, support, and number of locations.

I am a cloud security architect. I assess the cloud infrastructure for customers and help implement security control. I use Prisma Cloud for assessment. After we have the visibility, we deploy security controls, such as perimeter firewall control, proxy control, and endpoint security control.

We have purchased the enterprise license that provides all the capabilities such as CSPM, CWP, and DSPM.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments with Azure, GCP, and AWS clouds. It provides comprehensive security for all these CSPs.

By default, Prisma Cloud supports integration with ServiceNow and Remedy. There are a few more default integrations. Cortex is their own native solution, but in terms of overall automation, Prisma Cloud supports a lot of integrations. It is very helpful for organizations to be able to automate these daily tasks. Different organizations use different security tools. A few of them are directly integrated with Prisma Cloud and a few of them are not. However, most organizations use solutions like Remedy and ServiceNow, so these direct integrations are very helpful. They can save about 70% of the time.

Prisma Cloud provides comprehensive visibility into cloud-based resources. Most organizations are shifting their workloads from on-prem to the cloud. Nowadays, everyone is using the cloud infrastructure, and it is a very big challenge for every organization because, without a CNAPP solution, they do not have much visibility into their cloud resources. CNAPP solutions like Prisma Cloud provide visibility into any misconfigurations, threats, or anomalies. They are very good for code-to-cloud visibility.

Prisma Cloud provides code-to-cloud visibility for the application development cycle of an organization. Some organizations use SAST and some organizations use DAST. Prisma Cloud is a combination of both. You can integrate your GitHub or your IDE environment with Prisma Cloud. You can have a view of the vulnerabilities inside your IAC or application code. You also can integrate it with CI/CD. It is very comprehensive. Not many can leverage the complete benefit of Prisma Cloud. In my last organization, we only used it for runtime protection. We did not use it for CI/CD or code and build. In my current organization, we are using it end to end. It is a good tool. We have the complete capability. The first stage is code and build. The second stage is deployment, and the third stage is run time. It provides complete development life cycle protection.

The time to value is usually immediate. At times, the deployment can take some time, but as soon as the deployment is complete, you get the findings.

The visibility and control Prisma Cloud provides completely align with the customers' needs. At times, we have to create some custom policies. It is completely compatible with the needs of the customers.

It provides end-to-end visibility from development to deployment to production. It prevents the development teams from pushing vulnerable code to production. A lot of things can be prioritized and resolved before deployment. By fixing things beforehand, you save a lot of effort or workload later.

Prisma Cloud's findings help us to create policies. In our organization, the vulnerability reports go to the network team or cloud infrastructure team. They analyze the alerts and create organization-level policies. For example, if there is an instance that is using a public IP, based on that incident, they would create a policy at the org level so that in the future, no one assigns any public IP to an instance. It helps them to create better policies.

Different modules are valuable for different customers. We are leveraging CSPM. It is one of the best solutions for comprehensive visibility into cloud resource configurations and compliance. It has a lot of out-of-the-box policies, and the visibility that we are getting is impressive.

The DSPM module is valuable. This is the latest one that Palo Alto procured from Dig Security. No competitor provides this functionality in a single pane of glass. The support for Linux and container security is also very good. That is the beauty of Prisma Cloud. However, in terms of Windows security, Prisma Cloud is lacking because currently, there is no runtime protection available.

The UI is very good. We get all the things within a single UI. It is easy to use. A new user can easily understand it. It is very user-friendly.

It does not provide runtime security or protection for Windows Server. It is currently lacking in terms of Windows environment. They are integrating their Cortex solution with Prisma Cloud. Once they have a unified agent, I am sure that these challenges will go away.

DSPM is a bit limited in terms of data security and storage capabilities. It only supports a few databases or storage accounts. There is still a long list of services that they need to support.

I have been using Prisma Cloud for four years.

I would rate it an eight out of ten for stability.

It is working smoothly. There is no issue. Scalability also depends on the environment. It depends on how much credit you have purchased. If you go beyond that, they notify you. They will not allow you to onboard more accounts. It totally depends upon the credits that you have purchased, so scalability within the credit limit is good. It is 100%.

We have about 40 to 50 people using this solution.

Their support is average. It is not too good and not too bad. For about 50% of the cases, they have to reach out to their engineering team. The engineering team takes a couple of days or weeks to revert. They are usually unable to provide support without the involvement of the engineering team.

Neutral

I have worked with CrowdStrike's CNAPP solution and Aqua Security. Prisma Cloud is the best in my opinion. It is a market leader. 

Prisma Cloud has more than 100 compliances built in. It supports almost all the services inside the CSPs, whereas other CNAPP solutions only support a few of the services or most commonly used services such as compute, databases, or networks. Prisma Cloud supports maximum services from the CSP side and more than 100 compliances. It has the capability of RQL, so you can create custom queries and get the required data.

It is very easy if you have an understanding of the solution. If you are new to this field, you can face challenges during implementation. Without proper knowledge of the roles, IAMs, and infrastructure, you will face some challenges during the deployment.

I can deploy it within an hour, but before that, we have to fulfill some prerequisites. We have to create a role for Prisma Cloud. We have to create a service credential. Every organization has its own procedure. They might take a day or a week to create the required service credential and assign necessary permissions to that. Once we have all the prerequisites, within an hour, we can deploy it. After the deployment, it starts providing visibility. It takes approximately 24 hours.

Our environment is hybrid. We are using AWS, Azure, and GCP. We also have an on-prem environment for which we have deployed Defender for CWP capability. Prisma Cloud provides us with cloud-native security and visibility.

They are regularly implementing new features in Prisma Cloud. They are doing regular updates in the backend, and they keep us informed. Mostly, they are performing these kinds of activities at night so that there is minimal impact.

Maintenance-wise, there is not much. Everything runs smoothly. They take the feature requests and notify us when they implement those requests. They are regularly changing and updating it.

I do not have any metrics for cost savings, but it certainly helps with security and compliance. The visibility it provides helps to fix any vulnerabilities. A data or security breach can cost an organization a lot in terms of money and reputation.

Prisma Cloud provides visibility into vulnerabilities, but it is an organization's responsibility to fix those vulnerabilities. Prisma Cloud only provides visibility. It is only an assessment tool. The team has to fix those vulnerabilities. The time taken to fix the vulnerabilities varies because different teams work on it. 

I have not explored all CNAPP solutions. Overall, I would rate Prisma Cloud an eight out of ten.

We use Prisma Cloud's CSPM and container modules to secure our workloads across multiple cloud platforms, including GCP, Azure, and AWS.

Prisma Cloud provides spanning for multi-cloud environments. We are using GCP, AWS, and Azure.

Security automation is beneficial. By hosting applications and containers in the cloud, we can implement policies to automatically detect and shut down unauthorized network access attempts, simultaneously alerting us to the potential threat.

The security automation has saved us around ten percent of our time.

Prisma Cloud has significantly enhanced our cloud security posture. When deploying applications to the cloud, prioritizing robust security is essential, especially within the complex Kubernetes environment. Prisma Cloud's comprehensive toolbox enables us to design and implement robust security systems, including RBAC. This unified platform allows for proactive security measures and rapid response to attacks, eliminating the need for multiple third-party tools. Its consolidated approach to scanning, monitoring, and traffic control proved highly effective during our previous engagement.

I quickly recognized the value of Prisma Cloud after reading about the effectiveness of its CSPM module in securing enterprise environments.

The software development lifecycle was previously handled as a separate task. I was involved in the build process, where developers frequently introduced security vulnerabilities that went unnoticed until Prisma Cloud was integrated into the system. The recognition of Prisma Cloud's value in addressing container security issues on the cloud became apparent. There was no integration between the SDLC scanning, building, deploying, and running and deploying systems. However, a process was being developed to enable full end-to-end monitoring by the development and security teams, including the desktop team, to identify security issues before applications reached the cloud. Prisma Cloud continues to monitor for vulnerabilities and security breaches even after deployment to the cloud.

Prisma Cloud provides visibility and management, allowing us to understand and control our environment. When we identify potential issues, we notify our superiors, who can take further action, such as removing a container. Due to our limited privileges, our role is primarily to report anomalies. Prisma Cloud offers valuable insight into what's happening in our environment, not just in terms of visibility but also in terms of access control. It's a reliable tool that has proven helpful in our work.

Prisma Cloud reduces our costs by consolidating multiple third-party tools into a single platform, eliminating the need for separate contracts with various vendors.

Prisma Cloud significantly reduced runtime alerts.

Prisma Cloud's most valuable asset is its ability to provide detailed visibility into container activity. It offers insights into application networking, container behavior, potential issues, and immediate remediation suggestions.

The training documentation provided for the two-hour boot camps is notoriously poor and disorganized. It might be beneficial to restructure the documentation into a step-by-step format that is more straightforward for beginners to follow.

I have been using Prisma Cloud by Palo Alto Networks for one year.

Prisma Cloud is a stable solution.

Prisma Cloud is designed to be highly scalable due to its cloud-based architecture.

The technical support was good.

Neutral

Some aspects of the deployment were straightforward, while others presented challenges due to the complexity of engineering. The entire process took between one and two months to complete.

Prisma Cloud is a high-end enterprise solution, making it quite expensive. As I am based in Nigeria, I have limited knowledge of its usage here, as it appears to be more widely adopted in North America and Europe.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten. It's a complex, dynamic world with countless security challenges arising daily, and Prisma Cloud is a valuable tool for addressing many of them. While not an omnipotent solution, Prisma Cloud effectively tackles numerous security issues. However, as the threat landscape evolves, we must continually reassess and adapt our security strategies. Despite these challenges, Prisma Cloud remains an excellent tool for now.

Prisma Cloud was deployed in around 15 locations.

I suggest conducting a proof of concept in the desired deployment location for Prisma Cloud. Given that cost is a primary concern, I recommend discussing the matter with a Prisma Cloud solution architect before proceeding to the next stage.

We use Prisma Cloud to check for vulnerabilities and handle integration with the Azure Cloud.

Prisma benefits the company by securing our infrastructure and monitoring the logs. We realized the benefits immediately. For example, our Windows Server went down the other day, and Prisma Cloud quickly caught it. 

It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is. 

Prisma Cloud offers a single tool for checking all this information. It's saved us time and money, reducing the time we spend on these tasks by around 10 percent. It also decreased our runtime alerts by 10 percent. 

I like Prisma's identity and access management features. The AI event-driven model has helped us a lot.

The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler. 

I have used Prisma Cloud for two years.

I rate Prisma Cloud 10 out of 10 for stability.

I rate Prisma Cloud nine out of 10 for scalability. 

I rate Palo Alto support seven out of 10. 

Neutral

We previously used FortiGate, FortiAnalyzer, and FortiCloud, but management decided to switch to Palo Alto. 

Deploying Prisma Cloud can be straightforward or complex, depending on the client. Previously, I worked for a managed service provider. We have multiple clients on the cloud, so it depends on the client's situation. We mostly work for large enterprises and some SMEs. It takes around a week to deploy by a team consisting of me and two or three managed service engineers. 

I rate Palo Alto Prisma Cloud eight out of 10. I would recommend it to large enterprises. 

We use Prisma Cloud for cloud security management. We use the CSPM and compute modules.

Prisma Cloud provides security spanning multi and hybrid cloud environments, which is moderately essential to our organization.

The security automation capabilities help remediate vulnerabilities, which correlate to cost savings.

After a few months, the benefits of Prisma Cloud became apparent. We have begun integrating the Prisma Cloud alert or inventory module into the computing environment. This is a positive development as it enhances tool interoperability and consolidates a significant amount of previously inaccessible data.

Prisma Cloud can secure 60 to 70 percent of the entire Cloud-native development life cycle.

Prisma Cloud provides the visibility and control we need regardless of how complex or distributed our cloud environment becomes. This improves our compliance posture.

Prisma Cloud provides 70 percent of coverage in a single tool to protect our cloud resources and applications.

It has helped save our organization around 20 percent, protecting our cloud resources and applications.

Prisma Cloud compliance monitoring helps us improve our overall compliance posture.

Prisma Cloud's most valuable features are its ability to detect vulnerabilities as they occur and its CSPM function, which provides a complete inventory of assets.

I like the scanning features provided by Prisma Cloud, including the image scan and source scan.

Prisma Cloud needs to improve its reporting. If they report a Go vulnerability and claim that Prisma Defender hasn't released a patch, it won't help us. However, if they report that Prisma Defender has released a patch, that is beneficial. Reporting the Go vulnerability within Defender is ineffective because I cannot directly fix a Go vulnerability.

The integration with other tools can be improved. It provides all the cloud details but is not entirely linked to the compute model.

There needs to be more transparent communication when they will have downtime.

I have been using Prisma Cloud for over two years.

I would rate the stability of Prisma Cloud nine out of ten.

I would rate the scalability of Prisma Cloud five out of ten because it is dependent on vendor resources rather than its own. For example, image scanning is entirely reliant on us.

The technical team requires a lot of information for every ticket we submit, and if there is ever an out-of-the-box issue, they don't respond to us or take a long time to respond.

Neutral

I previously used AWS tools and Tenable products, but we switched to Prisma Cloud because of its real-time vulnerability identification.

Initial deployment is straightforward and takes one to two hours when all required information is available. However, if complete requirements are missing, manual deployment of all agents is necessary, which is a significantly time-consuming process.

Prisma Cloud is affordable.

I would rate Prisma Cloud eight out of ten.

We have over 100 users.

Our environment is complex. Prisma Cloud is deployed across multiple locations using many tools.

Prisma Cloud requires a lot of maintenance for upgrades and Defender.

I would recommend Prisma Cloud to others. The scanning and runtime are one step ahead of the competition.

I primarily use the solution to uncover misconfiguration and for cloud code security. We can find gaps that hackers might access in order to steal data. It can trigger alerts and show you everything.

It's been helpful for managing multiple accounts. If we had to handle hundreds of accounts manually, it would take a lot of time. 

We've been able to mitigate issues and fix them before they become bigger problems. If the system detects any critical misconfiguration, we'll receive alerts. 

The risk control is very good. They have scanning that runs often and we can see the latest configurations and get alerts.

The solution offers very good configuration capabilities. It can show you how to resolve and remediate issues, and you can pull reports that will show you everything you need to know.

It provides security across multi- or hybrid-cloud environments. It can work with AWS, Azure, Google, Oracle, et cetera.

We have many projects within our organization, and we need protection from people trying to steal our information. We can see gaps from every corner of the cloud. Having a solution like this is important to our organization so that we have the capability to see and monitor everything from everywhere, which would be hard to do manually. 

We can take a preventative approach to cloud security. If anything is open to the public, we can find it and see it. That said, we are using other solutions also. Still, this product will alert you and engage you if there are any areas where information weaknesses filter up. It will guide you and show you how to fix the issues with configurations.

We might have witnessed some cost savings. If anything gets stolen, it would cost our company monetarily; however, that hasn't happened.

It does help us save time since we don't have to check every console ourselves manually. 

We've noted the benefits of the solution across the last five years.

The remediation data is already available in its logs. You don't have to Google fixes. It's already there on the platform.

We're using containers and Docker. Instead of using open-source, we can use our own code and cloud. We'll be able to know if there is a misconfiguration. For example, if there is an AWS-level misconfiguration, Prisma will help us discover this. 

We use a variety of tools, and we can use Prisma to handle various types of misconfiguration. It covers our entire cloud-native development life cycle.

It provides us with the visibility and control we need regardless of how complex or distributed our cloud environment becomes. It's very helpful. It mitigates 98% to 99% of mitigation issues. It's helped us maintain confidence in our compliance and security reporting. I'm able to see configuration changes. If something changes, I know.

It helps us reduce runtime alerts. You can log in and check each and every account via the portal quite easily. If I see an alert, I can quickly fix issues. Or I can go through each alert and find out which are important or not. It reduces the time we take to handle these tasks by 75%. We can focus on the alerts that have the most impact. It prioritizes alerts to critical, high, and low. 

The console is good and user-friendly. We can see the logs very easily. People without experience can also easily adopt the solution.

We only use the solution for misconfigurations. There may be other features that are lacking, however, we don't use the full scope of the product.

Technical support could use some improvement. 

I've been working with the solution for the last seven years.

The stability is very good. There is no issue. 

We only have two security people using the solution currently. We have it across multiple clouds and regions. 

We haven't had any issues scaling the solution. 

We've only used support if we've had issues around false positives. In those cases, we create a ticket.

Neutral

I also work with CrowdStrike. Both offer a lot of features. We've recently switched to CrowdStrike. 

The initial deployment is very easy. You can add it, for example, to your AWS account. You just need to configure it in Prisma Cloud. You may have to create a policy and allow access. After that, you'll be able to see the console. 

We had two people managing the setup process. The time it takes to deploy depends on how many accounts there are. If you only have one account, it's very easy and only takes one to two days. If you have 100+ accounts, you will need a few weeks. 

There is no maintenance needed from our end. 

We didn't use any consultants during the implementation. 

I don't manage the licensing aspect of the solution. 

We are not using application-level security here. At the application level, we're using other tools. We're also using other XDR and EDR tools. We're only using this product for misconfiguration.

I'd advise other users to try the solution. It's a product that offers many features. It's a good idea to go and look at the market and see which solution is the best. It depends on your environment and what you might need. 

I'd rate the solution eight out of ten.

Currently, we use Prisma Cloud by Palo Alto Networks in my company for our clients who operate in the finance and banking teams and want data, network security, and posture management for the cloud infrastructure.

The solution has improved our organization, and I believe that it is a continuous process to protect you in any environment. Prisma Cloud gives you an overview of what gaps are in their environment, but how they are going to be solved depends upon the client, especially the security gaps. Prisma Cloud by Palo Alto Networks gives 60 to 70 percent of the overview, which the client ignores in their infrastructures. The tool provides users with a better overview of what is going on in their infrastructure.

The most valuable features of the solution are areas like compliance and asset inventories, along with runtime protection.

The tool's UI is an area with certain shortcomings where improvements are required. With the cloud protection and UI, the tool should have the option to download the data for the vulnerabilities. One should have the option to download detailed data about vulnerabilities in the host. The tool should have a guide or a knowledge base document. The tool should specifically provide a guide about the solution's UI, which can be helpful for clients.

Sometimes, it does provide an error, or I can say that when we integrate our infrastructure cloud with Prisma Cloud, we face some issues. Most of the time, the integration issues are not due to Prisma Cloud but from the client side.

The tool's support team needs to improve.

I have been using Prisma Cloud by Palo Alto Networks for two years. My company has a partnership with Palo Alto Networks.

Stability-wise, I rate the solution a seven out of ten. I rate the stability at a seven, considering the time we needed to get the data from DSPM. Most of the time, when the client requires data, it is not available. At other times, it requires a lot of time to get the data. It also requires time to import data from the cloud as per our requirements.

It is a scalable solution. Scalability-wise, I rate the solution a nine out of ten.

My company's clients are medium and enterprise-sized businesses.

The solution's technical support team doesn't reply on time. There is a gap in communication. The solution's technical support team doesn't have enough engineers to handle the cases. The support team wants us to work as per their time, so it is not according to the clients’ needs and time. I rate the technical support a six out of ten.

Neutral

I got a chance to work with CrowdStrike and SharePoint, but I never got the project since the client did not give me a chance.

The product's initial setup phase is straightforward. For the deployment phase, we just need some minimal data from the cloud to be able to integrate with Prisma Cloud. Just in case of custom issues, there are some points where we faced some issues with the deployment, but it was basically from the client side as they had multiple policies deployed on AWS and Azure Cloud, making it a little difficult for Prisma Cloud to integrate. In general, it is easy to integrate anything on the Prisma Cloud.

For the product's deployment phase, one cloud admin from the client's end and one from my company's side, one person is required. Two to three people are required to take care of the deployment.

The solution can be deployed in a matter of days.

Though the company's clients have multiple tools, they were not able to integrate all of the cloud accounts in a single SIR tool, which is why we had to use Prisma Cloud by Palo Alto Networks to monitor all of our company's clients' cloud accounts.

The solution provides security scanning for multi and hybrid cloud environments, but it does not provide the details about the product that provides the security. Most of the time, it just provides an overview of the security gaps. In real life, I didn't see any of the scenarios where it is protecting our company's infrastructure. Clients are sometimes not ready to use runtime protection for the Prisma Cloud because they don't want to take any risks in the production environment.

The comprehensiveness of Prisma Cloud for protecting the full cloud-native environment involves network protection. The most important thing is network security, and the second is IAM security, which is important for the banking team. I see that the tool has a large number of containers. Deployment and pipeline security are the main areas for the banking sector. Our clients don't use much of Prisma Cloud by Palo Alto Networks because it contains complexity, and the UI is not user-friendly. There have been multiple cases of their client complaining about the UI. From the standpoint of the client, the tool is too complex.

Speaking about the tool's help that allows users to take a preventative approach to cloud security, I would say that based on the asset inventory, we check the details about the assets and the number of assets. Secondly, we go through the alerts, which consist of IAM and the network security rules. Following the severity, like critical, high, or medium, we first resolve those issues and take steps monthly. The alerts that are generated monthly should be resolved only in that month.

After the deployment, it took three to four months to notice the value derived from using the solution, from my point of view and experience.

The discovery is good. The discovery provides details about the assets and the data, along with the data inside the infrastructure and about the infrastructure. There are some issues because if only about the data, it does not give out any issues for the user and instead gives more information about the infrastructure and some within the infrastructure.

Palo Alto DSPM did not discover much data existing outside of our company's official IT systems.

The solution provides insights into the content that has been discovered, along with some detailed information.

I cannot reveal the type of insights into the content that the solution has provided because our client would not want our company to open up about such details.

The insights into the content have affected the data security operations since following the compliance provides and helps clients regulate their security. It also prevents data breaches. The data breaches open up whatever data can be opened, and it helps clients to determine what data they need to secure and how. Speaking about data security posture, our company's clients take steps to resolve any issues because they want to save their reputation, especially in scenarios involving hacking.

It took around two to three months to see the value derived from the use of the product.

The tool provides an automated discovery of new data assets as they get onboarded. It does take one to two days on an average basis to show all the data.

In terms of whether the solution provides a prioritized list of all the data security posture issues in our company's environment, I can say that as soon as the assets are discovered, Prisma Cloud starts scanning and does all of the data security scanning. It does not take much time, and it can be done in four to five hours. If it is a large-scale infrastructure, then it can take an average of eight to ten hours.

I have not used the solution's connectors for the SOC's DDR solution to help automate remediation since the plant where it is used did not integrate Prisma Cloud with the same tools they use, with one of the reasons being that Prisma Cloud overflows the alerts, and they did not want alerts to overflow with their production in an SIMP environment.

The solution provides visibility and control regardless of how complex or distributed the cloud environment becomes, but when it comes to getting the data from the UI shown to the upper management, things do become complex because the tool doesn't have many options to import or export data.

I cannot say that the solution has reduced all the alerts by prioritizing the ones that have the most impact on sensitive data. The alerts that were critical and high, have been resolved by the team, while also taking care of areas involving IAM and networks.

The prioritization of alerts in the tool has affected our company's operations, and from my point of view, right now, I am able to show my CIS and the upper management team what steps we have taken and how the issues that are there as per the alerts have been resolved based on the critical, medium and high severity basis. I can say that 60 percent of the issues have been resolved as per the alerts. It gives me the flexibility to provide details to the management team that we are on track to provide security to our infrastructure. It gives me the flexibility to provide data to management for some time. As the environment grows, it generates a lot of alerts, and it takes time to resolve all of them.

The solution does not require any maintenance, and one just needs to make sure that the tool is up to date.

Based on my experience, I would recommend Prisma Cloud because I have hands-on experience with the solution. The integration is easy. The tool provides visibility in the infrastructure and for the alerts about the security gaps, the tool provides precise details. Talking about the new app in the tool, I would say little improvements are required. The tool is quite informative for me, but from the client side, it does require some improvement.

If someone has a large infrastructure, I won't recommend Prisma Cloud to them. If they have medium and enterprise, then I will recommend Prisma Cloud to such people because it can handle and, as per the working out of the tool, it can change the details about the small-scale, medium-scale, and enterprise businesses, but not for the large scale enterprises.

I rate the tool an eight out of ten.

We currently leverage Prisma Cloud's Cloud Security Posture Management and Cloud Workload Protection Platform modules and plan to migrate to their full Cloud Native Application Protection Platform solution for a more holistic security approach.

Our security system uses three major CSPMs, ingesting logs and integrating them with a central CSPM page for visibility. We also incorporate identity and document management systems. Prisma Cloud's detection tool based on its policies provides initial alerts, with our SOC team focusing on the most relevant ones. We leverage a modified threat framework combining NTSF and MITRE to monitor key policy areas like malware, unauthorized access, phishing, data loss, and system failures. Within Prisma, we categorize policies based on our organization's priorities, using custom tags to identify them and create dashboards. Webhooks then send these alerts to our SIEM platform for further analysis.

Prisma Cloud offers security spanning across multi-cloud and hybrid cloud deployments, supporting industry leaders like Google Cloud Platform, Microsoft Azure, Amazon Web Services, Alibaba Cloud, and Oracle Cloud.

Prisma Cloud simplifies compliance with regulations, a crucial security aspect for large organizations, by providing full visibility into our cloud environments. This eliminates the time-consuming need to manually check configurations within each cloud service provider. With Prisma Cloud's single pane of glass view, everything can be done in one place, saving us an average of 15-20 percent of the time compared to the previous method of having a dedicated person manage each CSP individually.

Automation streamlines report delivery and notification generation. It can also integrate with various third-party services like Slack, Jira, Microsoft Teams, and Microsoft Sentinel, allowing for further automated notifications and actions within those platforms.

Our cloud visibility was limited before Prisma Cloud. Now, we have a good level of insight, not perfect, but significantly improved. We can monitor new deployments, configurations, and overall activity. This is crucial because most organizations, like ours, are increasingly cloud-based. Stricter regulations require compliance, and Prisma Cloud simplifies this. They offer pre-built compliance standards so we can easily generate reports, ensuring we meet our obligations.

While Prisma Cloud delivered as promised, realizing its full benefits in our large organization took several months. Due to the size and complexity of our internal communication and collaboration structures, it naturally took time for everyone to fully understand and adopt the platform's capabilities.

Prisma Cloud offers timely runtime alerts when properly configured. These alerts integrate well with our SIEM and are easy to understand. However, the majority stem from the CSPM module, as CWPP typically necessitates manual investigation for actionable insights. Prisma Cloud has reduced the runtime alerts by 20 percent.

Our initial Prisma Cloud deployment has already delivered a 5 percent cost saving, and we expect these savings to grow as we expand its use across our cloud environment.

Our primary focus right now is compliance. This means having clear visibility into our organization's security posture. Additionally, agentless scanning with Prisma Cloud is important for us. While we're also interested in the Cloud Workload Protection Platform, it's important to consider that our environment includes both containers and virtual machines. Overall, the most valuable features for us in Prisma Cloud are those that provide visibility, ensure compliance with regulations, and help us align our on-premises servers and cloud environments with mandated security standards.

Prisma Cloud stands out as a user-friendly and powerful CSPM solution thanks to its comprehensive capabilities, built-in features, and flexible tagging system. It simplifies cloud security by automatically connecting to numerous cloud service providers and pulling relevant information for our use, minimizing the need for manual configuration and troubleshooting.

Prisma Cloud's preventative approach to cloud security can be complex, especially for features like automated certificates. These require specific access permissions for Prisma Cloud, introducing dependencies and additional configuration steps.

While Prisma Cloud offers agent-based deployment for comprehensive visibility and control, agent dependencies and user resistance can create hurdles. Improved agentless scanning capabilities from Prisma Cloud would be ideal, but currently, agents remain necessary for optimal visibility.

Prisma Cloud is a powerful security platform, but like any similar tool, it won't eliminate the need for occasional manual interaction with our CSPs. While Prisma Cloud can handle many tasks, some actions might still require us to log directly into our CSP account.

The CSP logs could be improved by providing more visibility into the specific logs Prisma is feeding. Since CSP has multiple versions and Prisma might be receiving different logs than expected, it would be helpful to have a clearer indication of the log types or more detailed logs themselves. This would allow us to verify if we're receiving everything or missing something. While Prisma Cloud offers log searching, it requires queries to navigate the vast amount of data. Ideally, Prisma could integrate a simpler way to view the logs it's collecting without extensive searching.

Some module customization might be needed and certain features like adding custom labels are currently unavailable unless we have administrator access. This limitation can be frustrating and I would like to have this functionality included in Prisma Cloud.

I have been using Prisma Cloud for two years.

I would rate the stability of Prisma Cloud seven out of ten. Occasionally when we have an issue it can take some time to resolve.

I would rate the scalability of Prisma Cloud nine out of ten.

We have a dedicated account manager who provides support whenever needed. While they're always responsive, responses may occasionally take some time.

Positive

Despite being a cloud-based solution designed for easy deployment, Prisma Cloud's initial setup took a few months due to our team's workload on other projects. Fortunately, only two people were required for the actual deployment process, which itself is straightforward as long as the necessary network connectivity is established beforehand.

Prisma Cloud's licensing system functions as expected with a solid licensing infrastructure.

In our evaluation of Wiz and Aqua Cloud Security Platform, we investigated their capabilities to address detection rule limitations in Prisma Cloud CSPM. We were hoping to find alternative solutions offering broader rejection capabilities. However, both Wiz and Aqua require agents for in-depth details, similar to Prisma Cloud. While neither excelled in overall detection capabilities, Wiz impressed us with its integration of external alerts. Unlike Prisma Cloud, Wiz allows for easy visibility and filtering of alerts from AWS Guard Duty, a significant advantage.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten.

Prisma Cloud offers built-in security automation for tasks like remediating misconfigurations. For instance, it can automatically adjust a non-compliant AWS configuration, but only if you grant the necessary permissions. While this is useful, a SOAR solution like XSOAR can provide a fuller approach to security automation.

Over 50 people in multiple departments within our organization USE.

Prisma Cloud required minor maintenance for platform updates and policy changes that need to be reviewed.

While many Cloud Security Posture Management tools offer similar features, consider your budget before choosing Prisma Cloud. Some CSPMs bundle all functionalities into one package, forcing you to pay for everything even if you don't need it. Prisma Cloud, on the other hand, allows you to purchase only the modules relevant to your organization's needs. Additionally, Palo Alto is a well-established vendor in the market.

I am in a services company. My company is also a partner of Palo Alto, so all the Palo Alto products have been tested, researched, and deployed at least three to four times by every engineer in my team.

It is being used for posture management. We have many users coming from many locations. All of them are having the same experience and all are secured. We used to use CASB which is a solution for authentication. This solution is in line with CASB. It helps to ensure that data protection is fine and all the data is coming properly. We can see whether there are any leakages or vulnerabilities. We can check all these aspects of security with this solution. All this is configurable. It is a web-based solution.

Our company is a vendor. If customers want, they can purchase solutions via us. We then take care of the physical box as well as the configuration. We manage the physical as well as the logical. In the case of Palo Alto, it is all logical. We can even code for a customer if the customer wants to upgrade their existing cloud setup, migrate to a cloud setup, or bring in a new setup. It is our bread and butter. We are one of the leading sellers of Palo Alto solutions.

Prisma Cloud helps reduce vulnerabilities. The number of vulnerabilities is less. If you have 1,200 vulnerabilities, after implementing Prisma Cloud, the number is drastically reduced to 500. That is one of the key advantages of using Prisma Cloud. You can see its benefits within a month.

Prisma Cloud helps to identify all the vulnerabilities in modern scenarios. For traditional scenarios, we have enough products, but a solution like Prisma Cloud helps to identify vulnerabilities in containerized environments and modern traffic scenarios. It helps with run-time security and east-west traffic.

Prisma Cloud helps secure the entire cloud-native development lifecycle, across build, deploy, and run. I would rate it an eight out of ten for this.

As an enterprise architect, I seek three capabilities from a solution. It should be preventative. It should be corrective, and it should be detective. Prisma Cloud is good in these aspects. I would rate it an eight out of ten for these capabilities.

Palo Alto DSPM's discovery and data classification processes are comprehensive. I would rate it an eight out of ten for comprehensiveness. For data security, we have a DLP solution. We have a separate solution. We never use Palo Alto for that.

Palo Alto DSPM provides us with insights into the content it has discovered. It also provides automated discovery of new data assets as they onboard and a prioritized list of all the data security posture issues in our environment.

The security provided by Prisma Cloud is important for our customers, especially for our banking and finance customers. We are a service company. We never use any of these products. I am a security architect. I am the one responsible for assessing and finding the right product and then deploying the product with the help of my engineering team.

Prisma Cloud definitely reduces complexity. We can see the issues or vulnerabilities that have been there for a while. We get good clarity on why they have been there and how to resolve them. Palo Alto is very good at this, and they make complex work quick and easy.

Prisma Cloud drastically reduces the number of vulnerabilities in the organization. There can be 60% to 70% reduction. It also depends on the industry again. For the web-based industry, where the company is providing solutions through the internet, such as share market or banking companies, it is very helpful. Production companies rarely use online solutions. 

With the reduction in vulnerabilities, the security cost automatically reduces. There is an indirect impact on an organization's cost.

It is user-friendly. It has a good look and feel and reporting structure. It provides a single pane of glass. These are the things that I like.

There should be some kind of automation, AI incorporation, and bot system. All these would add value. For example, AI should be able to detect all related viruses based on one virus. That will be a great invention. 

I have been using this solution for about five years.

It is stable. I would rate it an eight out of ten for stability.

It is scalable. I would rate it an eight out of ten for scalability.

Their support is very good. I would rate them a nine out of ten.

Positive

I have worked with Trend Micro Deep Security, Singularity, and Lacework. There is a new vendor called Orca Security. They are phenomenal. They can even beat Palo Alto.

Prisma Cloud is better in terms of cost, GUI, and look and feel. There is a single pane of glass and very good reporting.

Its deployment is straightforward for me. It is deployed across multiple geographies and departments. We mainly work with enterprises.

We have some stringent processes for getting the system to a perfect stage and ensuring that it is running properly. It takes at least a month. We do all sorts of testing, and then based on our test outcome, we configure everything in the right way. After that, we consider the data shown in the report as official.

Prisma Cloud is one of the top solutions in the market. When customers ask for alternatives, I recommend Trend Micro Deep Security, Singularity, Lacework, and Orca to them. I provide them with a detailed comparison, and then customers make the decision. I help customers with architecture design, decision-making, vulnerability assessment, and penetration testing. I also help them compare vulnerabilities before and after implementing a solution.

There were some cases where we struggled with some customer requests such as related to zero trust. We were struggling to configure that. They thought that this product also supported zero trust. We then had to tell them to buy the Prisma Cloud CNAAP solution. In many cases, we also moved them from DSPM to CNAAP.

As a security professional, I would not suggest automated remediation. That is because we need to see that automatic remediation does not impact anything else. We have a team. We register all the vulnerabilities and threats, and then at the backend, we do the testing to ensure that remediation or automated remediation will not create any other problems. As soon as we get that assurance, only then we do the fix. This is a requirement from the customer side, especially from the banking and finance organizations. Because everything is crucial, we do not configure automatic resolution for any of the issues.

Overall, I would rate Prisma Cloud an eight out of ten.

Our enterprise customers tend to use it for compliance. 

A big drive towards Prisma Cloud came during COVID-19 when many organizations were moving away from traditional VPNs. There was a drive to facilitate people working from home, and traditional VPNs were not the right solution for large customers who had a huge amount of staff working from home. Prisma Cloud offered multiple solutions that facilitated the ability to work securely from anywhere. That was one of the big things, and that continues to be a big thing today.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. That is what its big strength is.

It is one of the most comprehensive solutions available. If you compare it with the likes of Netskope and Skyhigh, Prisma Cloud is fairly similar in terms of features and depths of features. Automation capability is built in. It has got extensive logging. Automation is there, but it is not extensive. You can combine it with other tools like XO. The integration capability is already strong. That itself makes it a good contender.

Prisma Cloud takes away a lot of manual work for our clients. It has reduced costs by not having to work with pre-COVID-19 traditional networking scenarios. It has given them the ability to have staff working securely from anywhere on the globe. I do not have the metrics for cost savings, but all customers who bought the solution from us say that it has reduced their costs. Over the last three years, we have not had a customer who has not renewed, and it is based on the reduced costs.

As long as it is set up correctly and it is integrated correctly with the SOAR and the SIEM components, it provides very good visibility. It is a very good enterprise solution. No one toolset or platform can protect every single cloud resource, but it can cover a lot of cloud resources.

They claim to secure the entire cloud-native development lifecycle, across build, deploy, and run, but I am not 100% sure. It probably can do 80% of the job.

Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing.

They can improve the integrations into the SDLC lifecycle.

Their support is good. I would rate the Palo Alto technical team an 8 out of 10.

Positive

It is not easy, and it has to be well-planned. You need good skills to deploy any of these tools, but that is the same for many solutions. These platforms are complex, and it is important to understand exactly what outcome you want when you are deploying any tool like this. 

The deployment duration depends on the size of the environment. It can take anywhere from two weeks to four or five months depending on the size of the environment and the complexity of the environment. Some customers have a very simple setup in Azure only or in AWS only. It is very quick to deploy. Other customers have complex hardware environments where they are in the process of migrating to the cloud. Those implementations typically take much longer. It depends on how many global offices they have.

It is an expensive tool. It is not cheap technology. It is a serious investment for any customer. Customers typically buy it together with services. In my experience, customers buying Prisma Cloud are prepared to pay for the implementation and the tool itself.

Overall, I would rate Prisma Cloud an 8 out of 10.