Overview

Prisma Cloud, developed by Palo Alto Networks, functions as a Cloud-Native Application Protection Platform (CNAPP) designed to secure applications across public cloud environments. It aims to provide comprehensive security from code development to runtime, encompassing various cloud services and deployment models, including containers, serverless functions, and virtual machines. The platform consolidates multiple security capabilities, such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), and Cloud Infrastructure Entitlement Management (CIEM), into a single offering. This integration is intended to reduce complexity and provide a unified view of security risks across multi-cloud and hybrid environments, as detailed in the Prisma Cloud documentation.

Prisma Cloud is designed for organizations that operate in multi-cloud environments and require a consolidated approach to cloud security. It is applicable for security teams seeking to enforce compliance policies, identify misconfigurations, and protect cloud workloads. Developers can integrate Prisma Cloud into their workflows through Infrastructure as Code (IaC) scanning and API-driven automation, which supports embedding security checks early in the development lifecycle. This focus on developer integration is part of the platform's strategy to shift security left, enabling issues to be identified and remediated before deployment.

The platform's core offerings include Cloud Security Posture Management (CSPM), which continuously monitors cloud configurations for compliance deviations and misconfigurations across AWS, Azure, and Google Cloud. Cloud Workload Protection Platform (CWPP) secures hosts, containers, and serverless functions against vulnerabilities and runtime threats. Cloud Network Security (CNS) provides network visibility and threat prevention for cloud environments. Additionally, Cloud Infrastructure Entitlement Management (CIEM) helps manage and enforce least-privilege access, while Web Application and API Security (WAAS) protects web applications and APIs from common attacks, as outlined in the Prisma Cloud product overview. These combined features aim to provide an end-to-end security solution for cloud-native applications.

Key features

  • Cloud Security Posture Management (CSPM): Continuously monitors cloud configurations for compliance and misconfigurations across AWS, Azure, and Google Cloud, providing automated remediation capabilities.
  • Cloud Workload Protection Platform (CWPP): Secures hosts, containers, and serverless functions with vulnerability management, runtime protection, and compliance enforcement.
  • Cloud Network Security (CNS): Offers network visibility, microsegmentation, and threat prevention for cloud environments.
  • Cloud Infrastructure Entitlement Management (CIEM): Manages and enforces least-privilege access for human and machine identities across cloud environments to reduce the attack surface.
  • Secrets Management: Helps discover, manage, and secure secrets within cloud environments to prevent unauthorized access.
  • Web Application and API Security (WAAS): Protects web applications and APIs against OWASP Top 10 threats, bot attacks, and other common vulnerabilities.
  • Infrastructure as Code (IaC) Security: Scans Terraform, CloudFormation, and other IaC templates for security misconfigurations before deployment, integrating into CI/CD pipelines.
  • Compliance and Governance: Provides out-of-the-box compliance templates for standards like SOC 2, GDPR, HIPAA, PCI DSS, ISO 27001, and FedRAMP, with continuous monitoring and reporting.

Pricing

Prisma Cloud offers custom enterprise pricing, which is determined based on the specific services and scale required by an organization. A free trial is available for prospective users to evaluate the platform's capabilities. For detailed pricing information and to request a personalized quote, organizations are directed to contact Palo Alto Networks sales or visit the official Prisma Cloud pricing page.

Service Tier Description Pricing Model As of Date
Free Trial Access to core Prisma Cloud features for evaluation. Free for a limited period 2026-05-27
Enterprise Custom Comprehensive suite of CNAPP features, tailored to organizational needs. Includes CSPM, CWPP, CIEM, WAAS, etc. Custom quote based on usage, features, and scale 2026-05-27

Common integrations

  • Cloud Providers: Integrates with AWS, Azure, and Google Cloud for comprehensive security posture management and workload protection across multi-cloud environments. Prisma Cloud API overview.
  • CI/CD Pipelines: Supports integration into CI/CD pipelines using tools like Jenkins, GitLab CI, and GitHub Actions for Infrastructure as Code (IaC) scanning and vulnerability management. Prisma Cloud API documentation.
  • Security Information and Event Management (SIEM) Systems: Connects with SIEM solutions such as Splunk and IBM QRadar for centralized logging and security event correlation. Prisma Cloud API details.
  • Identity Providers: Integrates with identity management systems like Okta and Azure AD for single sign-on (SSO) and user authentication. Prisma Cloud API reference.
  • Container Orchestration: Provides security for containerized environments managed by Kubernetes and OpenShift, including vulnerability scanning and runtime protection. Rancher's perspective on CNAPP solutions.

Alternatives

  • CrowdStrike Falcon Cloud Security: Offers cloud security posture management, workload protection, and threat detection for multi-cloud environments.
  • Lacework: Provides a Polygraph Data Platform for cloud security and compliance, focusing on anomaly detection and behavioral analytics.
  • Wiz: Specializes in agentless cloud security, offering visibility into cloud environments, vulnerability management, and misconfiguration detection.

Getting started

To begin using Prisma Cloud, you typically start by integrating it with your cloud environments (AWS, Azure, Google Cloud) and then configuring policies for posture management and workload protection. The following Python example demonstrates how to use the Prisma Cloud API to retrieve a list of alerts.

import requests
import json

# Replace with your Prisma Cloud Console URL and API credentials
PRISMA_CLOUD_CONSOLE_URL = "https://api.prismacloud.io"
ACCESS_KEY_ID = "YOUR_ACCESS_KEY_ID"
SECRET_KEY = "YOUR_SECRET_KEY"

def get_access_token(access_key, secret_key):
    url = f"{PRISMA_CLOUD_CONSOLE_URL}/login"
    headers = {"Content-Type": "application/json"}
    payload = {
        "username": access_key,
        "password": secret_key
    }
    try:
        response = requests.post(url, headers=headers, data=json.dumps(payload))
        response.raise_for_status() # Raise an exception for HTTP errors
        return response.json()["token"]
    except requests.exceptions.RequestException as e:
        print(f"Error getting access token: {e}")
        return None

def get_alerts(token, limit=10):
    url = f"{PRISMA_CLOUD_CONSOLE_URL}/alert"
    headers = {
        "Content-Type": "application/json",
        "x-redlock-auth": token
    }
    params = {"limit": limit}
    try:
        response = requests.get(url, headers=headers, params=params)
        response.raise_for_status() # Raise an exception for HTTP errors
        return response.json()
    except requests.exceptions.RequestException as e:
        print(f"Error getting alerts: {e}")
        return None

if __name__ == "__main__":
    token = get_access_token(ACCESS_KEY_ID, SECRET_KEY)
    if token:
        print("Successfully obtained access token.")
        alerts = get_alerts(token, limit=5)
        if alerts:
            print(f"Retrieved {len(alerts)} alerts:")
            for alert in alerts:
                print(f"  Alert ID: {alert.get('id')}, Status: {alert.get('status')}, Policy: {alert.get('policyName')}")
        else:
            print("No alerts retrieved or an error occurred.")
    else:
        print("Failed to obtain access token. Please check your credentials and console URL.")

This Python script first authenticates with the Prisma Cloud API using an access key and secret key to obtain an authentication token. It then uses this token to fetch a list of security alerts. Before running, replace YOUR_ACCESS_KEY_ID and YOUR_SECRET_KEY with your actual Prisma Cloud API credentials, which can be generated within the Prisma Cloud console. This example demonstrates a fundamental interaction with the API for security operations, as described in the Prisma Cloud Admin API reference.