We just raised a $30M Series A: Read our story

Bridgecrew OverviewUNIXBusinessApplication

Bridgecrew is the #12 ranked solution in our list of Cloud Workload Security Solutions. It is most often compared to Prisma Cloud by Palo Alto Networks: Bridgecrew vs Prisma Cloud by Palo Alto Networks

What is Bridgecrew?

Bridgecrew is transforming the way teams secure their cloud infrastructure by bridging the gap between run-time cloud security posture and build-time infrastructure code security. Learn how to automate and codify your infrastructure security from commit to cloud with Bridgecrew.

Buyer's Guide

Download the Cloud Workload Security Buyer's Guide including reviews and more. Updated: September 2021

Bridgecrew Customers
Rapyd, BetterHelp, Brex, People.ai, Globality
Bridgecrew Video

Bridgecrew Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
TP
Founder/ CEO
Real User
Top 5Leaderboard
Easy to use with good technical support and strong brand recognition

Pros and Cons

  • "New users don't have too many problems with the product. They have a lot of training documentation around it."
  • "The biggest issue that I see companies run into is that they immediately think that, "Oh, this solution will be right, simply due to the name." But that's the same issue Splunk runs into. People will immediately jump to Splunk being the best SIEM tool, just because they're the largest. When in reality, QRadar, LogRhythm, and all these other ones are performing similar functions and would actually fit better in some people's environments. Therefore, it's important a company does its homework and does not assume one size fits all."

What is our primary use case?

A lot of the companies that we work with specifically have already had a foundation with Palo Alto, whether they've bought the on-premises solutions or are looking at the cloud side. However, Palo Alto is one of those names that hold a lot of weight in the industry, and they can't really put out a bad product. Being a Palo Alto engineer and having that title specifically has become its own job rec that a lot of companies just are standardizing. 

A lot of the clients that we interact with are not doing full-fledged SOCs. Most of them have less than 50 people dedicated to their security team. They're relying on third-party consultants to kind of come in and come up with the logic behind it. That's what we typically do from my side. We come up with the logic and then we will recommend someone to actually put the logic in place. The company may hire someone. We're more on the architecture side, however, finding an engineer for a Palo Alto solution is a lot easier than finding one for Carbon Black, for example, even though it is a huge company.

What is most valuable?

The brand behind the product is quite useful. The solutions that are coming out, granted out of the box, typically work a lot better than SIEM tools.

A lot of the problems you have with vendors are if they're new to the game in terms of developing software or hardware or firmware or anything along with that. For example, their support typically is lacking. CrowdStrike has run into that problem. However, with any Palo Alto product that they put out, they typically have a very extensive amount of documentation behind it. Their technical account management team is almost unrivaled. The only others I've interacted with that I would put above them would be Microsoft or Fortinet. You just have amazing support behind the product      

We have a lot of government contracts, and what is once about the product is that they've thought of processes and features at an enterprise level, as opposed to Microsoft Azure Firewall which is not really ideal for large, established companies. They've kind of released a base product as opposed to a fully-fledged one.

New users don't have too many problems with the product. They have a lot of training documentation around it.

Technical support is extremely helpful.

The stability is good.

It's my understanding that the solution can scale. 

What needs improvement?

Any solution would have its pros and cons, however, for the most part, it would come down to specific environments. For those considering purchasing the thing that I would try to avoid is buying it just for its name. I know people do that specifically, however, if you are going in thinking  "Hey, I've got some random environment, let me just go and buy this solution and it will work perfectly" you will be disappointed. The solutions themselves have to be architected or actually designed in there as opposed to just placed.

The biggest issue that I see companies run into is that they immediately think that, "Oh, this solution will be right, simply due to the name." But that's the same issue Splunk runs into. People will immediately jump to Splunk being the best SIEM tool, just because they're the largest. When in reality, QRadar, LogRhythm, and all these other ones are performing similar functions and would actually fit better in some people's environments. Therefore, it's important a company does its homework and does not assume one size fits all. Everyone needs to make sure that this actually works in the environment before just purchasing it.

For how long have I used the solution?

We've been dealing with the solution for three years or so at this point. I couldn't tell when the first client that we had was it or the last one. Palo Alto is pretty common out there, especially with a lot of the larger enterprise clients.

What do I think about the stability of the solution?

I haven't had any issues with stability and I haven't heard anyone say anything about them being bad. Before the Palo Alto acquisition, BridgeCrew had a reputation of them not being the best, however, since having that additional support from Palo Alto, I haven't heard of any issues.

What do I think about the scalability of the solution?

I haven't run into any problems with scaling. I've never really come in and actually had to scale a ton, however. From personal experience, I wouldn't be able to comment. That said, I haven't heard anyone complain either.

How are customer service and technical support?

The support is great. They are very helpful and give above and beyond. Companies just need to leverage them.

How was the initial setup?

I have not run into any problems with deploying any of their firewalls or any other security products. For the most part, they're really well-documented either with open-source intelligence or official documentation. 

We had a client just the other day that was deploying their PA-800 series, which is just a firewall. They have less than a thousand users and Palo Alto gave a dedicated engineer to them as well as a technical account manager that was able to walk them through the first 90 days of ownership. The support is certainly there. A lot of the time, from what I know, people just don't use that support.

What's my experience with pricing, setup cost, and licensing?

I'm not privy to a lot of the pricing information. From what I've seen, smaller companies are able to purchase them without blowing their budget out of the water. With Splunk conversation or even Azure Sentinel, a lot of smaller companies are not able to leverage those tools properly as the cost is insane. If these companies with less than a thousand employees are able to purchase them and use them effectively, then I don't see cost being a huge problem for other companies. I could be wrong there, I'm not a CFO or anything.

What other advice do I have?

I'm not necessarily technical. I'm more on the consulting side of what policies they have and what they should have. I can't go into super details, beyond knowing, for example, if Ping or Port 22 or Port 443 be blocked on VSAT, should this load balancer be in this method, or should this actually sit in relation to X, et cetera. We'd primarily interact with those types of tasks.

Typically, we work with clients that have up-to-date versions. 99% of the time we won't interact with clients that don't keep their systems up to date. This is due to the fact that if you're not updating then there's no point in even calling in a consultant, as that lack of updating likely is your number one problem.

I would advise those considering the solution to certainly leverage all of the access with Palo Alto, in terms of setting up with the technical account management teams and ensuring that what you have in mind for the product is actually going to be what happens.

I don't really like automated security solutions. I would probably give it, in terms of effectiveness in securing an organization by itself, out of the box, a six out of ten. With the proper configurations and design behind it, you could probably get that to an eight. With any solution. if you're just looking at them to just come out of the box and work it's going to be a rating of five or six. After you put the time into making sure that it's built around your environment, you could get them to an eight or nine, within six to eight months. Therefore, for me, I'd rate the product at an eight out of ten overall.

BridgeCrew is marketed as an all-in-one DevOps security platform. However, there may be standards put into place such as the CIS standard or NIST, et cetera, and companies may follow those. Yet, I've never met a company that's followed that 100% unless their compliance requires them. I'd advise companies to make sure that whatever rule sets you have in place or whatever design or standard that you have at your company, that is properly configured within the product itself. That's the drawback to XDRs in general. If you have a rule that is only looking at a standardized NIST framework and table 20% of it, then you can only expect it to work at 80% effectiveness. That's where you have to go in there and add those additional data points.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Flag as inappropriate
Product Categories
Cloud Workload Security
Buyer's Guide
Download our free Cloud Workload Security Report and find out what your peers are saying about Palo Alto Networks, Threat Stack, Lacework, and more!