Sold by: Palo Alto NetworksÂ
Deployed on AWS
Vendor Insights
Prisma Cloud by Palo Alto Networks enhances security across your entire AWS environment for a proactive and unified defense against cloud risks.
Overview
Prisma Cloud secures your applications on AWS and helps you meet compliance with comprehensive and intelligent multicloud security across the entire development lifecycle, from Code to Cloud. Eliminate unnecessary alerts and prevent risk prior to deployment with secure code, sensitive data and AI application security, cloud posture and vulnerability management, and Palo Alto Networks runtime protections.
Transform your business, block risk and attacks, and modernize your security with Precision AI powered by Palo Alto Networks, including intelligence unified with context from Code to Cloud. For more information visit: https://www.paloaltonetworks.com/prisma/environments/awsÂ
Prisma Cloud is a StateRAMP authorized product.
Highlights
- Prevents risk in AWS infrastructure, finds and fixes open-source vulnerabilities and exposed secrets, and secures development pipelines.
- Enhances visibility and control over AWS resources, ensures compliance and least-privilege access, and prioritizes vulnerability management and remediation.
- Detects cloud threats in the runtime and traces attack paths to safeguard hosts, VMs, containers, Kubernetes, and serverless functions from advanced attacks and zero-days.
Details
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(3)
SOC2
FedRAMP
AWS Security Specialization
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Business_100 | 100 Prisma Cloud Business Edition credits | $9,000.00 |
Enterprise_100 | 100 Prisma Cloud Enterprise Edition credits | $18,000.00 |
Vendor refund policy
No refunds
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Support resources available through our Prisma Cloud LIVE Community
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Palo Alto Networks
By Aqua Security Software Inc.
By Fortinet Inc.
Top
10
In AIOps, Compliance and Auditing
Top
10
In Container Workloads
Top
25
In Cloud Governance
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Cloud Security Scanning
Comprehensive security scanning across cloud infrastructure, applications, and development pipelines
Vulnerability Management
Automated detection and remediation of open-source vulnerabilities and exposed secrets
Runtime Protection
Advanced threat detection for hosts, virtual machines, containers, Kubernetes, and serverless functions
Compliance Monitoring
Continuous compliance tracking with least-privilege access control and resource visibility
AI-Powered Security Intelligence
Precision AI-driven security analytics with contextual threat intelligence across development lifecycle
Cloud Native Security
Comprehensive protection for containers, serverless, Kubernetes, and AI workloads across multiple cloud environments
Runtime Protection Mechanism
Advanced threat detection and blocking of malicious activities in production cloud native environments
AI Workload Governance
Security controls for large language models and generative AI applications with policy enforcement and abuse detection
Lifecycle Security Integration
Embedded security across software development lifecycle from code creation to production deployment
Compliance Framework
FedRAMP High Authorized platform meeting rigorous enterprise security and compliance standards
Code Security
Integrated code security with Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Infrastructure as Code (IaC) security with continuous runtime application behavior monitoring
Cloud Security Posture Management
Robust Cloud Service Posture Management (CSPM) and Kubernetes Security Posture Management (KSPM) with attack path analysis and visualization of interconnected infrastructure risks
Cloud Infrastructure Entitlement Management
Comprehensive visibility and assessment of AWS IAM users, groups, roles, policies, and machine entitlements with automatic discovery and excessive permission identification
Behavioral Analytics
Continuous monitoring of AWS workloads using advanced anomaly detection techniques with comparison of past and present states to identify unusual behaviors
Threat Correlation
Automated correlation of multiple security alerts into high-confidence composite alerts using behavioral analytics, anomaly detection, and threat intelligence from AWS CloudTrail and GuardDuty
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
-
-
No security profile
Standard contract
No
No
No
Customer reviews
4.3
38 ratings
38 AWS reviews
|
146 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
reviewer2776578
Image scanning has supported consistent security practices during cloud deployment
Reviewed on Nov 14, 2025
Review provided by PeerSpot
What is our primary use case?
We are already using Prisma Cloud by Palo Alto Networks and we're looking at using Red Hat. We have licenses for it as part of the Red Hat contract that we have.
We're looking to replace Prisma Cloud by Palo Alto Networks with Red Hat ACS in some use cases. We are a telecom company, and we've been a customer.
What is most valuable?
We cannot answer questions about facing other issues with Prisma Cloud by Palo Alto Networks. What we know is that we don't use all the capabilities.
We are mainly using the image scanning in the repository. Prisma Cloud by Palo Alto Networks can also be used at runtime to detect security issues, but we don't use that part. We use the workload image scanning for cloud computing, not the VM.
We are only looking at Red Hat at the moment, and the focus is on Red Hat because we have the licenses. Engineering is thinking it's easy to integrate because we use many Red Hat products.
The opportunity in our company is good because we are already using Red Hat at different stages of cloud computing.
We are using Red Hat's operating systems, cloud products, and container security. For the private cloud, we're using the full OpenShift, OpenStack , and Linux Red Hat everywhere. We are using Red Hat Enterprise Linux .
What needs improvement?
On a scale of ten, we would say people are happy with Prisma Cloud by Palo Alto Networks for the part we use. People are okay with it. We probably would give an eight.
We don't give ten because if we don't use the other parts of Prisma Cloud by Palo Alto Networks, it's because it was difficult to implement from an operational point of view.
We could have deployed the runtime monitoring with Prisma Cloud by Palo Alto Networks, but within our organization at our company, it was very difficult to find who would be the owner for the alerts.
People have other tools and in the end, we don't use the full capabilities of a product that we pay for. It's partially related to the difficulty to integrate Prisma Cloud by Palo Alto Networks runtime in our company's support process.
We don't use the real-time monitoring part of Prisma Cloud by Palo Alto Networks. We don't know about the automated remediation feature of Prisma Cloud by Palo Alto Networks.
For how long have I used the solution?
We don't know exactly how long we've been working with Prisma Cloud by Palo Alto Networks overall. We were not involved in the beginning, but it's probably something around three to four years.
What other advice do I have?
Based on our experience, we would recommend Prisma Cloud by Palo Alto Networks to others. We would not recommend it to any specific types of companies.
Our knowledge is limited on this topic, but we don't believe there are types of companies to exclude. Our overall review rating for Prisma Cloud by Palo Alto Networks is eight out of ten.
Mohammed Talib Khan
Supports threat detection and real-time monitoring while enabling custom security assessments
Reviewed on Nov 13, 2025
Review provided by PeerSpot
What is our primary use case?
Currently, we are using Prisma Cloud by Palo Alto Networks for CSPM, CWP, and application security. In CSPM, we check for cloud security posture and overall assets that we have. We verify whether we meet the compliance standards based on company compliance requirements.
In CWP, we deploy a defender on containers that we use to monitor vulnerability and compliance issues. We have also started doing runtime protection, which checks for any runtime security threats such as crypto mining or port scanning.
In application security, we perform Terraform scanning. We use containers with Prisma Cloud by Palo Alto Networks .
What is most valuable?
From the CSPM perspective, RQL in Prisma Cloud by Palo Alto Networks is a feature where we can conduct any kind of investigation and create our own custom policies. This is really helpful because in the cloud, there are millions of assets. With RQL, we can drill down to as fine a level as per our requirement.
For CWP, the runtime protection is the most valuable feature. Every tool does vulnerability monitoring through tools such as Qualys, but the additional feature we get here is runtime protection in CWP.
Prisma Cloud by Palo Alto Networks supports auto-remediation. Currently, it supports more than 100 policy auto-remediations, and we can even customize the auto-remediation policy.
From a security perspective in Prisma Cloud by Palo Alto Networks, if we integrate CI at the early stage, it gives all the vulnerability details so we can fix issues before going to production. The CI feature is helpful in application development from a security perspective.
Prisma Cloud by Palo Alto Networks is real-time in CWP. It fetches all the data within a second. For CSPM, it takes approximately 30 minutes to one hour to ingest the data. In CSPM, it scans the whole inventory on some time intervals. From my observations, it depends; sometimes five minutes, sometimes ten minutes, so approximately I consider it between 15 minutes to one hour.
What needs improvement?
There is a tool called PingSafe , which is a cloud security tool and a Sentinel tool. It also does monitoring of CSPM. There I saw one feature called dummy payloads, in which we trigger the dummy payload, so it exactly gives the exploitable resources. That might be a feature that would be helpful if Prisma Cloud by Palo Alto Networks also had some kind of that feature.
It might be possible because currently, I think Prisma Cloud is migrating to Codex Cloud. They are changing their platform from Prisma Cloud to Codex Cloud. There might be a chance that they will introduce all these new features in Codex Cloud. From next year, Prisma Cloud will be decommissioned and it will be called Codex Cloud.
For how long have I used the solution?
I have been working with Prisma Cloud by Palo Alto Networks for more than three years.
How are customer service and support?
Prisma Cloud by Palo Alto Networks has more support than other tools at this time. This helps Prisma Cloud by Palo Alto Networks capture the market overall. In terms of features and models, a tool can have some issues and bugs. To fix those issues and resolve queries, any tool requires a strong support system and background technical support. Prisma Cloud by Palo Alto Networks has a strong background technical support system. Anywhere we raise a tech case, they revert back within an hour. This helps them capture the market in terms of support.
For technical support in Prisma Cloud by Palo Alto Networks, I rate it a nine out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup for Prisma Cloud by Palo Alto Networks is a very simple feature. It depends on the different types of cloud environments, but it is simple.
What other advice do I have?
I am still working with Prisma Cloud by Palo Alto Networks. I will definitely recommend this tool to others. I give this review a rating of nine out of ten.
Nijat I.
Centralized Data and Analytics That Save Time
Reviewed on Nov 06, 2025
Review provided by G2
What do you like best about the product?
i like how Cortex Cloud centralizes all data and analytics in one platform. It makes monitoring performance and generating reports much faster and easier, saving me time and helping me make better decisions.
What do you dislike about the product?
The interface can feel a bit cluttered, and it takes time to find certain features. Some advanced analytics options are not very intuitive for first-time users.
What problems is the product solving and how is that benefiting you?
Cortex Cloud helps me consolidate data from multiple sources and track key metrics in real time. This solves the problem of manual reporting, saves time, allows me to make faster, more informed decisions for my projects.
Ravi S.
Efficient and Secure, But Configuration Can Be Complex
Reviewed on Nov 05, 2025
Review provided by G2
What do you like best about the product?
I appreciate Cortex Cloud because it gives a secure, centralized way to manage and scale workloads without the usual headaches of on‑premise infrastructure. Its streamlined interface and automation features save you time, while the built‑in compliance and security controls align with your focus on safety and proper protocols. I value how it integrates smoothly with existing systems, making troubleshooting and monitoring more efficient, so I can focus on solving problems rather than wrestling with tools.
What do you dislike about the product?
One drawback I found with Cortex Cloud is that it can feel overly complex at times navigating its layers of configuration and permissions isn’t always intuitive, which slows down troubleshooting.
What problems is the product solving and how is that benefiting you?
Cortex Cloud addresses the challenges of securing and managing today’s complex multi-cloud environments by bringing together visibility, compliance, and threat response within a single platform. It enables organizations to detect and prioritize risks such as misconfigurations, vulnerabilities, and suspicious activities in real time, while also automating remediation to minimize manual work. By consolidating alerts into context-rich cases, Cortex Cloud helps reduce incident response times, maintain continuous compliance with regulatory standards, and avoid the inefficiencies of managing multiple dashboards. Ultimately, it tackles the issues of fragmented monitoring, slow manual workflows, and increasing cyber threats, providing teams with a streamlined and scalable solution to safeguard their cloud workloads.
pratik b.
Blazing Fast Performance, But UI Needs Improvement
Reviewed on Nov 03, 2025
Review provided by G2
What do you like best about the product?
What I like best about Cortex Cloud is its unified and scalable platform for security operations. It integrates threat detection, investigation, and response in one place, which reduces complexity and improves efficiency. The automation and AI-driven analytics also help teams focus on high-priority incidents rather than repetitive tasks.
What do you dislike about the product?
While Cortex Cloud is a powerful and comprehensive platform, I’ve noticed that its learning curve can be quite steep, especially for teams new to its ecosystem. Some configurations and integrations require deep product knowledge, which can initially slow down adoption. However, once the platform is properly set up, its automation and analytics capabilities make the effort worthwhile.
What problems is the product solving and how is that benefiting you?
Cortex Cloud solves the major challenge of fragmented security operations by unifying detection, investigation, and response within a single cloud platform. It automates repetitive SOC tasks, correlates threat data across multiple sources, and accelerates incident resolution. For me, this means less manual analysis, fewer false positives, and faster response times — ultimately improving overall operational efficiency and security posture.