What do you like most about Prisma SaaS by Palo Alto Networks?
Thanks for sharing your thoughts with the community!
Prisma's most valuable feature would be its ability to identify bad or risky configurations.
To quarantine and clean a malware file provides a lot of security.
It has predefined or preconfigured rules, which are getting periodically updated. They are providing continuous improvements and periodically updating all search queries that they are looking for. That is one thing that helps us to stay vigilant and focused. If we query our AWS account for any breaches or vulnerabilities with any of the cloud tests, and it alerts us based on these predefined rules. It also provides an option to configure our own rules, and based on these rules, it can query the cloud trail logs, pull the information, and trigger alerts in real-time. I haven't explored this feature much because there are multiple accounts, and we don't have enough time to explore this feature.
It also provides multiple integrations. When vulnerabilities or breaches are happening, you should be aware of them immediately. It provides integration with tools such as Slack, PagerDuty so that you can get alerted as soon as the high severity stuff comes up. For example, you have a security group that has allowed public traffic on port 22. As TechOps, you should be aware of this immediately. You cannot scan each machine or look into all security groups to identify it. So, Prisma helps us and alerts us when this kind of high-priority stuff comes up.
It has different statistics, analytics, and graphs for data. The description of alerts is also pretty good. They describe what are the possible causes for this and what are the solutions. From Prisma Cloud, you can directly go to the AWS account. When you click on an alert, a resource, or a resource ID, it takes you to the AWS console where you need to log in. If you are already logged in, it will take you to that instance directly, and you can fix the issue there. I have found this feature very useful.
The remediation process is easy compared to other platforms.
Prisma SaaS is very easy to use; it's common sense — it's the best-in-class.
The performance is good.
Monitoring is the most valuable feature because we can easily monitor all kinds of stuff coming over the network. We can check the dashboard and work accordingly.
Its hands-off security and the fact that we don't have to maintain it are the most valuable features.
This solution provides a DLP on the cloud and very few people have a scanning device for data at rest.
Which is better and why?