We are mainly using Prisma Cloud for Cloud Security Posture Management (CSPM) and for following the compliance standards as per the industry. Another use case is to get the runtime workload protection.

We are using the WAAS, CWP, application security, and CSPM modules. We are not using the DSPM module because it is not available for the India tenant.

All the features provided by Prisma Cloud are quite helpful for the BFSI sector and other sectors. It protects our overall infrastructure and detects any attacks or threats in real-time scenarios. It can also block any suspicious processes or things from the Internet, so it is quite helpful for the organization.

We are working for an organization with a multi-cloud environment. We have deployed Prisma Cloud in their infrastructure with AWS, Azure, and GCP. We are able to monitor all the tools and all the assets as per the compliance standards. We have deployed Defender on all the environments. We have integrated Defender with an embedded kind of application. We have been able to work with the client as per their specific requirements.

Compliance monitoring is very important for the banking sector. With Prisma Cloud, we can see the compliance status. It shows us how we are following the rules of a particular industry. It helps organizations match the industry level and ensure that their data is secure and they are following the guidelines of their particular industry.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. It is very important to create a secure infrastructure. Prisma Cloud has the ability to protect a multi-cloud environment with AWS, GCP, Azure, Oracle as well as Alibaba Cloud. It plays a very crucial role in the security of an organization.

For security automation capabilities, we have some integrations. We have initialized application security before deploying the infrastructure over different environments, such as prod and pre-prod environments. Every open point should be closed. If we are creating our infrastructure through any automation code, there should be no cloud security posture management alert. We have also integrated Prisma Defender at the same time with the app-embedded format to protect our workload.

Prisma Cloud has features to detect anomalies, attack paths, and escalation privileges as well. It detects the root cause and lets us know the things in our infrastructure that can lead to the attack. We remediate them and secure our infrastructure.

Prisma Cloud saves a lot of time. It provides a consolidated dashboard for our infrastructure. We have multiple accounts, and on a single page, we can see the types of issues and the resources impacted. From there, we can directly go to the cloud, and we can take action on that. It saves time. We can close an alert in minimal time. It saves about 60% of the time which also has financial benefits. There are more than 50% cost savings.

We are more aware of things. If something suspicious is happening, we can track it and take action on that. Also, if any critical issue or vulnerability is reported that can impact our infrastructure, we can take recommended action from there. It helps us to detect the root cause. If there is any data leakage or server compromises, we can get the details and investigate things in detail. We get the API call as well. We get to know which endpoints are not set or how we can secure them. We can secure the endpoints. It helps us to reduce any attacks. We are using a lot of things from Prisma Cloud.

We could realize its benefits within one week of its implementation. Before we started with the actual implementation, we had done a PoC. It took us one week to observe and understand the flow and how it can help our organization.

Prisma Cloud covers all the stages such as build, deployment, runtime, etc. It has the capability to detect, protect, and escalate at all of these stages. At the build stage, we can initiate scanning for application security. It has the capability to scan the images at runtime. It also has features to block things in real-time scenarios. It has all the features. We have already adopted all the features of Prisma Cloud.

We trust Prisma Cloud and follow all the recommended actions. If there is any module that we have not yet adopted, we do a PoC and adopt that as well. As security engineers, we have to secure our infrastructure and assets in real time. Most of the competitors are providing CSPM, but only Prisma Cloud has the features to detect and block things in real-time scenarios. That is why we believe in Prisma Cloud.

Prisma Cloud provides a single tool to protect all of our cloud resources and applications, without having to manage and reconcile disparate security and compliance reports.

Prisma Cloud provides near to real-time alerts for our cloud infrastructure. At run time, when our Defender is running, it instantly gives the impacted process in a particular environment. So far, we have reduced more than 40% runtime alerts.

We have pre-production, production, prod, and UAT accounts. We can take action on the basis of severity and close any vulnerabilities.

The CWP module, runtime protection, and WAAS API are valuable.

For Prisma Cloud, I have already raised some requests, which are in progress. I am hoping they will be implemented soon. One of the requests is that Prisma Defender for the ECS solution is only supported for Linux. It does not support Windows.

For a runtime incident, it only has the option to archive. After validating the incident, the team members should have the option to add some comments and then archive. We should be able to add comments saying, "It is a false positive." or "This is the action we have taken." We have requested a few more improvements. The Palo Alto team is working on them.

I have been using Prisma Cloud for more than one and a half years.

It is a stable solution. We can trust it and rely on it. I would rate it a ten out of ten for stability.

I would rate it a nine out of ten for scalability.

In our organization, more than 60 users are using this solution. We have some team members working on AWS. We have some team members working on networking and we have some team members working on creating the infrastructure.

We are using the enterprise version, and we are getting the required support. If we find something suspicious, we can raise a ticket with the support team. They are working on priority, and they are following their timeline as well. They are working properly based on the severity and agreed timeline. There is no recommendation for any kind of change.

They are quite helpful, and they are aware of the things. If something is beyond their understanding, they reach out to their internal engineering team, and they are able to help us. They are very nice.

Positive

I have used multiple security vendors. Every vendor has its specific use case. Every tool has some kind of limitation. Overall, we found Prisma Cloud to be better. It has features like template scanning, runtime scanning, and runtime blocking. Endpoint blocking is also there in Prisma Cloud. 

Other products do not have all the features. Some products have only the CSPM feature. Some products have only vulnerabilities and scanning features. Some products only have API endpoint discovery features. Prisma Cloud has all the features integrated or consolidated into one platform. As a single platform, we are getting all the things. Prisma Cloud gives a consolidated report in a single platform. This is why we chose it.

Its deployment is very straightforward. The time taken for its deployment can vary depending on whether it is a migration or a new deployment. Overall, it takes a maximum of one week.

It is fairly priced. However, its price can be better so that small banks or small organizations can afford it and adopt it to secure their environment and data.

I would recommend Prisma Cloud if you are looking for security, real-time protection, and real-time API discovery. If a client needs such a solution, we recommend implementing Prisma Cloud.

Overall, I would rate Prisma Cloud a nine out of ten.

We use the GlobalProtect module within Prisma Cloud to ensure the security of our mobile users.

Prisma Cloud provides security spanning for multi and hybrid cloud environments.

It includes automation capabilities that we can deploy if the environment is suitable.

Prisma Cloud has enabled us to migrate from multiple vendors, creating a more user-friendly experience for everyone.

Prisma Cloud enhances the security of our cloud-native development lifecycle from start to finish.

One of the advantages of Prisma Cloud's GlobalProtect module is that it provides a centralized tool for monitoring applications, user connections, and latency. Additionally, it allows us to track the percentage of availability.

Prisma Cloud saves the equivalent time of one full-time employee.

The most valuable aspect of Prisma Cloud compared to other VPNs is its security and performance.

In the GlobalProtect module, we can easily guide users experiencing connection issues through the notification column. Within that column, we can submit and escalate notifications on host entries for troubleshooting purposes. Additionally, we can troubleshoot by collecting direct logs during user data connections. On the security front, we have a wide range of SaaS-based items at our disposal. Using Prisma Cloud, we can send internet-based reminders about the option to create a VPN tunnel internally.

Palo Alto needs to add more support staff to improve their response time.

I have been using Prisma Cloud by Palo Alto Networks for two years.

I would rate the stability of Prisma Cloud ten out of ten.

I would rate the scalability of Prisma Cloud ten out of ten.

The support response time is slow, with resolutions sometimes taking up to two days.

Neutral

The initial deployment is straightforward. I have experience with two deployments. In my previous job, the deployment took six months to complete. Currently, we have 15 tenants to deploy and have successfully deployed ten within the first seven months.

The price for Prisma Cloud is reasonable.

I would rate Prisma Cloud by Palo Alto Networks eight out of ten. However, the delay in support time negatively impacts my overall assessment.

We have 90,000 accounts and have already migrated 50,000 users over to GlobalProtect.

Palo Alto does the maintenance.

I recommend Prisma Cloud to others, as long as the solution meets their requirements for cost, support, and number of locations.

I am a cloud security architect. I assess the cloud infrastructure for customers and help implement security control. I use Prisma Cloud for assessment. After we have the visibility, we deploy security controls, such as perimeter firewall control, proxy control, and endpoint security control.

We have purchased the enterprise license that provides all the capabilities such as CSPM, CWP, and DSPM.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments with Azure, GCP, and AWS clouds. It provides comprehensive security for all these CSPs.

By default, Prisma Cloud supports integration with ServiceNow and Remedy. There are a few more default integrations. Cortex is their own native solution, but in terms of overall automation, Prisma Cloud supports a lot of integrations. It is very helpful for organizations to be able to automate these daily tasks. Different organizations use different security tools. A few of them are directly integrated with Prisma Cloud and a few of them are not. However, most organizations use solutions like Remedy and ServiceNow, so these direct integrations are very helpful. They can save about 70% of the time.

Prisma Cloud provides comprehensive visibility into cloud-based resources. Most organizations are shifting their workloads from on-prem to the cloud. Nowadays, everyone is using the cloud infrastructure, and it is a very big challenge for every organization because, without a CNAPP solution, they do not have much visibility into their cloud resources. CNAPP solutions like Prisma Cloud provide visibility into any misconfigurations, threats, or anomalies. They are very good for code-to-cloud visibility.

Prisma Cloud provides code-to-cloud visibility for the application development cycle of an organization. Some organizations use SAST and some organizations use DAST. Prisma Cloud is a combination of both. You can integrate your GitHub or your IDE environment with Prisma Cloud. You can have a view of the vulnerabilities inside your IAC or application code. You also can integrate it with CI/CD. It is very comprehensive. Not many can leverage the complete benefit of Prisma Cloud. In my last organization, we only used it for runtime protection. We did not use it for CI/CD or code and build. In my current organization, we are using it end to end. It is a good tool. We have the complete capability. The first stage is code and build. The second stage is deployment, and the third stage is run time. It provides complete development life cycle protection.

The time to value is usually immediate. At times, the deployment can take some time, but as soon as the deployment is complete, you get the findings.

The visibility and control Prisma Cloud provides completely align with the customers' needs. At times, we have to create some custom policies. It is completely compatible with the needs of the customers.

It provides end-to-end visibility from development to deployment to production. It prevents the development teams from pushing vulnerable code to production. A lot of things can be prioritized and resolved before deployment. By fixing things beforehand, you save a lot of effort or workload later.

Prisma Cloud's findings help us to create policies. In our organization, the vulnerability reports go to the network team or cloud infrastructure team. They analyze the alerts and create organization-level policies. For example, if there is an instance that is using a public IP, based on that incident, they would create a policy at the org level so that in the future, no one assigns any public IP to an instance. It helps them to create better policies.

Different modules are valuable for different customers. We are leveraging CSPM. It is one of the best solutions for comprehensive visibility into cloud resource configurations and compliance. It has a lot of out-of-the-box policies, and the visibility that we are getting is impressive.

The DSPM module is valuable. This is the latest one that Palo Alto procured from Dig Security. No competitor provides this functionality in a single pane of glass. The support for Linux and container security is also very good. That is the beauty of Prisma Cloud. However, in terms of Windows security, Prisma Cloud is lacking because currently, there is no runtime protection available.

The UI is very good. We get all the things within a single UI. It is easy to use. A new user can easily understand it. It is very user-friendly.

It does not provide runtime security or protection for Windows Server. It is currently lacking in terms of Windows environment. They are integrating their Cortex solution with Prisma Cloud. Once they have a unified agent, I am sure that these challenges will go away.

DSPM is a bit limited in terms of data security and storage capabilities. It only supports a few databases or storage accounts. There is still a long list of services that they need to support.

I have been using Prisma Cloud for four years.

I would rate it an eight out of ten for stability.

It is working smoothly. There is no issue. Scalability also depends on the environment. It depends on how much credit you have purchased. If you go beyond that, they notify you. They will not allow you to onboard more accounts. It totally depends upon the credits that you have purchased, so scalability within the credit limit is good. It is 100%.

We have about 40 to 50 people using this solution.

Their support is average. It is not too good and not too bad. For about 50% of the cases, they have to reach out to their engineering team. The engineering team takes a couple of days or weeks to revert. They are usually unable to provide support without the involvement of the engineering team.

Neutral

I have worked with CrowdStrike's CNAPP solution and Aqua Security. Prisma Cloud is the best in my opinion. It is a market leader. 

Prisma Cloud has more than 100 compliances built in. It supports almost all the services inside the CSPs, whereas other CNAPP solutions only support a few of the services or most commonly used services such as compute, databases, or networks. Prisma Cloud supports maximum services from the CSP side and more than 100 compliances. It has the capability of RQL, so you can create custom queries and get the required data.

It is very easy if you have an understanding of the solution. If you are new to this field, you can face challenges during implementation. Without proper knowledge of the roles, IAMs, and infrastructure, you will face some challenges during the deployment.

I can deploy it within an hour, but before that, we have to fulfill some prerequisites. We have to create a role for Prisma Cloud. We have to create a service credential. Every organization has its own procedure. They might take a day or a week to create the required service credential and assign necessary permissions to that. Once we have all the prerequisites, within an hour, we can deploy it. After the deployment, it starts providing visibility. It takes approximately 24 hours.

Our environment is hybrid. We are using AWS, Azure, and GCP. We also have an on-prem environment for which we have deployed Defender for CWP capability. Prisma Cloud provides us with cloud-native security and visibility.

They are regularly implementing new features in Prisma Cloud. They are doing regular updates in the backend, and they keep us informed. Mostly, they are performing these kinds of activities at night so that there is minimal impact.

Maintenance-wise, there is not much. Everything runs smoothly. They take the feature requests and notify us when they implement those requests. They are regularly changing and updating it.

I do not have any metrics for cost savings, but it certainly helps with security and compliance. The visibility it provides helps to fix any vulnerabilities. A data or security breach can cost an organization a lot in terms of money and reputation.

Prisma Cloud provides visibility into vulnerabilities, but it is an organization's responsibility to fix those vulnerabilities. Prisma Cloud only provides visibility. It is only an assessment tool. The team has to fix those vulnerabilities. The time taken to fix the vulnerabilities varies because different teams work on it. 

I have not explored all CNAPP solutions. Overall, I would rate Prisma Cloud an eight out of ten.

We're using the solution for container monitoring in one project and workload security in another. We've installed the agents on the servers to monitor for threats.

We haven't had an issue with the product for over a year. 

Its threat-hunting capabilities are very good. Security is a major thing for us.

We're using it in a banking setup and are using it only on a private cloud. 

The security automation is very useful.

Compared to AWS, the cost management is very low. The automation ensures we have limited tasks to do. In other security tools that I am using, there is no automation option at all.

We can integrate it very easily.

It's very easy to remotely connect. We can do that within fractions of a second.

We are getting a lot of visibility and control.

We've been able to reduce runtime alerts with Prisma Cloud.

We'd like to have more tools for threat hunting.

Sometimes, on the Azure side, there are issues. Some errors aren't being found on Prisma Cloud.

I've used Prisma Cloud for my past two projects. I've used it for one and a half years. 

We haven't had issues with downtime.

The solution is scalable. 

We've contacted support during some deployments on Windows servers in order to open ports. We had issues when we opened some ports and had no connection. Sometimes, their responses were slow or late.

Positive

The solution was very easy to deploy and integrate. We had a three-member team working on the setup. We only have ten to 20 servers. 

There is no maintenance needed after deployment.

The pricing can be a bit costly. However, it has low cost management.

We're a customer.

I'd rate the solution nine out of ten.

I am using Prisma Cloud CSPM. It is a business as well as an enterprise license. We have the licenses for data security and host security for particular tenants. We have IAM, Code to Cloud, CI/CD pipelines, and scanning of code. These models are activated.

We are getting alerts and vulnerabilities for cloud asset misconfiguration and identity access management. We are using Prisma Cloud to find out these vulnerabilities and remediate them manually and automatically.

We have a multi-cloud environment. We have on boarded multiple client clouds. The data is on the AWS, Azure, Oracle, and Google clouds. All the organization-level accounts or individual accounts are onboarded into Prisma Cloud. Instead of using cloud-native CSPM solutions such as Security Hub for AWS, Security Command Center for GCP, and Microsoft Defender for Azure, we have integrated all cloud accounts with Prisma Cloud. So, centrally, we can manage and monitor all the vulnerabilities, misconfigurations, and cloud environments. We have all the logs. It may be the audit log. It may be the virtual network log, network flow log, firewall log, or any cloud trail log.

We can monitor all the cloud assets and cloud resources. For example, if a user has wildcard permission or is a power user but only requires read-only access, Prisma Cloud lets us know. It recommends the access that needs to be given to the user. We can create custom policies according to the customer usage over the last 90 days.

If some users and service accounts have access keys that are not rotated in 90 days, Prisma Cloud alerts us that a key has expired or not rotated in 90 days. We then manually rotate the keys and update them in the cloud environment. Prisma Cloud provides best practices for insider threats and external security exposure.

If a VM or S3 bucket is publicly exposed, Prisma Cloud alerts us about it. It also suggests a way to fix the issue. It provides remediation and also provides information about the severity. The recommendations are given based on best practices and ISO standards, and we can then remediate those alerts.

Prisma Cloud provides security spanning multi- and hybrid-cloud environments. They are also launching Prisma for MSPs. It is in progress and not yet officially launched. That will help with the next-generation cloud security.

Prisma Cloud continuously scans the cloud assets we have, such as virtual machines, S3 buckets, IAM configurations, CloudTrail logs, and VPC flow logs. It continuously scans and generates alerts. There is also a feature for the outbound integration with Splunk, Teams, or Slack so that you can get alerts in these solutions.

The remediation team takes action on generated alerts. The recommendations that it gives speed up the remediation. We can remediate issues or threats before they spread in the cloud environment.

It has a lot of features. It has different modules for application security, cloud security, DSP, etc. There are different versions. Prisma Cloud provides overall network security, application data security, and customer data security. If a customer has a Palo Alto firewall installed on their on-premise data centers, its logs can be integrated into Prisma Cloud. From the cloud infrastructure perspective and the network infrastructure perspective, Prisma Cloud helps to improve the overall security posture. It is very helpful.

Because of Prisma Cloud, we have reduced asset misconfiguration within the asset inventory. We have also reduced the risk and improved governance and compliance. We get proper alerts and recommendations to improve the security posture. It also helps from the application security perspective.

Its benefits can be realized very quickly. Once a cloud account or a cloud environment is integrated with Prisma Cloud, it takes seven to eight hours for Prisma Cloud to scan it. After the logs are ingested into Prisma Cloud, it assesses misconfigurations and generates alerts.

From the operations perspective, it is good. The console availability is there. They notify us about any upgrades and maintenance. For any data or logs being ingested, it creates alerts and provides the recommendation.

It categorizes the risks based on their severity. We are confident about our security and compliance postures. We can create our own compliance rules or follow the compliance standards applicable to an industry such as HIPAA, SOC2, etc. It is a good feature.

It is comprehensive. It can scan all cloud assets. It can scan Docker images, so image scanning is there. Infrastructure As Code scanning is there. Agent-based scanning is there. Container security is there. We can scan these and find out the vulnerabilities. Prisma Cloud supports application security and container security.

It reduces the remediation time. The critical alerts that we get also provide the remediation steps. We can remediate an issue in five to ten minutes.

They have data security posture management. We can apply the data loss prevention policies to S3 buckets or the data assets we have in the cloud. It is a good tool for securing our sensitive information.

Prisma Cloud is more cost-effective than cloud-native tools. We can remediate the multi-cloud environment and improve the overall cloud security through this single tool. As compared to the other solutions, Prisma Cloud is good. There is runtime protection, container security, and other things for multi-cloud environments.

With the query language, we can analyze logs and find out which IPs are malicious. It also provides a graphical representation. It provides the overall visibility and how the traffic is flowing. We can see where the malicious IP is and whether it is an insider threat or an outsider threat.

We also have the reports tab. We can easily capture reports for the last month and the type of vulnerabilities and alerts we are having.

From the compliance and governance perspective, we can create custom policies or custom compliance and governance rules as per various industries or compliance standards, such as HIPAA, PCI DSS, and NIST. From the compliance and governance perspective, we can track the cloud environment. It is a good feature.

Some of the clients onboard individual cloud accounts into Prisma Cloud. When any new service comes into the AWS, Azure, or any other cloud, Prisma Cloud generates a warning about the new service and any missing permissions to be able to ingest the logs. We then manually run a Terraform template for Azure or a CFT template for AWS. It is a manual task that we have to do as and when needed. It is a repetitive and manual task. They should find a way to automatically update the role with the CFT or Terraform template. It would be best if this task is automated. When an account is onboarded, if it is missing any permission, it should automatically be updated with the required permissions and policies.

If they can do something from the AI security perspective, it will be helpful. I am not sure if it has any AI capabilities, but it would be helpful to have AI integration for finding out issues and remediating alerts.

I have been working with Prisma Cloud for the last three years.

It is stable. The cloud environment is dynamic, so the tool must be dynamic. We have not had any issues with it.

It is scalable. It scales up properly.

Currently, we have multiple locations. We have about 20 companies with multiple cloud accounts. It is a multi-cloud environment.

The support from the Palo Alto team needs to be improved. Sometimes, we do not get an immediate response. It does not happen regularly, but more interactive support is required for Prisma Cloud.

Neutral

I worked with Wiz in my previous company. Wiz's GUI was better than Prisma Cloud. They provide remediation and recommend which policy needs to be created and how we can create the policy. From the GUI perspective, I like Wiz, but Prisma Cloud is improving. 

Wiz was also better from a cost perspective. I am not sure about the current price, but at the time, the client went to Wiz from a cost perspective. However, for runtime protection and continuous security, Prisma Cloud is good. Wiz did not provide these features.

It is tenant-based. If you have a multi-tenant environment, it is complex.

In terms of the implementation strategy, a customer requests us to onboard an account to Prisma Cloud, and we check with the customer what exactly they want. We first enable VPC Flow Logs and CloudWatch Logs in the AWS environment. We create a tenant with the help of the Palo Alto Networks team. After the tenant is built, we onboard the particular cloud account into Prisma Cloud. The alert rules, user access, and policies are created. This is the way we implement this solution.

It is not difficult to maintain. Only the cleanup process is there. If a user leaves the organization, we need to manually remove the access for the user, so the cleanup process is there. Apart from that, there is no maintenance. When a license expires, we need to renew those licenses.

From a deployment perspective, currently, we have three to four people, depending on the task. If a customer has a multi-regional cloud environment or a multi-cloud environment, it requires more time. Generally, four to five people in coordination with the Palo Alto team can handle those tasks.

The ROI is good from the security perspective for the multi-cloud environment. It is cost-effective. To secure the cloud environment, Prisma Cloud costs less than the cloud service provider's solution. The monthly cost of Security Hub for AWS or Security Command Center for GCP is more than Prisma Cloud. Prisma Cloud is a better solution in my opinion.

Its licensing cost depends on the type of license such as the business license or the enterprise license. The enterprise license is costlier than the business license, but we get more visibility and more modules. 

If you have a multi-cloud environment and subscribe to each cloud's native CSPM tool, it is costly. If you are using a single tool like Prisma Cloud, with a single license, you can monitor all environments, such as Google Cloud, Azure, AWS, and Oracle Cloud. The cost of Prisma Cloud is less than the cost of subscribing to the CSPM tool of each cloud provider. This is where Prisma Cloud can save costs.

If you are looking for cloud security posture management, application security, and container security, Prisma is the one. It is the best solution to track and monitor all the security postures for your cloud environment and the application and code environment. I would recommend using Prisma and its various flavors.

I would rate Prisma Cloud a nine out of ten for its capability.