Prisma Cloud License Types
Table of Contents
Prisma Cloud Enterprise Edition
Expand all | Collapse all
-
- Prisma Cloud
- Prisma Cloud License Types
- Prisma Cloud—How it Works
- Get Prisma Cloud From the AWS Marketplace
- Get Prisma Cloud From the GCP Marketplace
- Access Prisma Cloud
- Prisma Cloud—First Look
- Prisma Cloud—Next Steps
- Enable Access to the Prisma Cloud Console
- Access the Prisma Cloud REST API
- Prisma Cloud FAQs
-
- Cloud Account Onboarding
-
- Onboard Your AWS Organization
- Onboard Your AWS Account
- Configure Audit Logs
- Configure Flow Logs
- Configure Data Security
- Configure DNS Logs
- Configure Findings
- Update an Onboarded AWS Organization
- Add AWS Member Accounts on Prisma Cloud
- Update an Onboarded AWS Account
- Update an Onboarded AWS Account to AWS Organization
- AWS APIs Ingested by Prisma Cloud
- Troubleshoot AWS Onboarding Errors
- Prisma Cloud on AWS China
- Manually Set Up Prisma Cloud Role for AWS Accounts
- Automate AWS Cloud Accounts Onboarding
-
- Connect your Azure Account
- Connect your Azure Tenant
- Connect an Azure Subscription
- Connect an Azure Active Directory Tenant
- Authorize Prisma Cloud to access Azure APIs
- Update Azure Application Permissions
- View and Edit a Connected Azure Account
- Troubleshoot Azure Account Onboarding
- Microsoft Azure API Ingestions and Required Permissions
-
- Prerequisites to Onboard GCP Organizations and Projects
- Onboard Your GCP Organization
- Onboard Your GCP Projects
- Flow Logs Compression on GCP
- Enable Flow Logs for GCP Organization
- Enable Flow Logs for GCP Project
- Update an Onboarded GCP Account
- Create a Service Account With a Custom Role
- GCP API Ingestions
- Cloud Service Provider Regions on Prisma Cloud
-
- Prisma Cloud Administrator Roles
- Create and Manage Account Groups on Prisma Cloud
- Create Prisma Cloud Roles
- Create Custom Prisma Cloud Roles
- Prisma Cloud Administrator Permissions
- Manage Roles in Prisma Cloud
- Add Administrative Users On Prisma Cloud
- Add Service Accounts On Prisma Cloud
- Create and Manage Access Keys
- Manage your Prisma Cloud Profile
-
- Get Started
- Set up ADFS SSO on Prisma Cloud
- Set up Azure AD SSO on Prisma Cloud
- Set up Google SSO on Prisma Cloud
- Set up Just-in-Time Provisioning on Google
- Set up Okta SSO on Prisma Cloud
- Set up Just-in-Time Provisioning on Okta
- Set up OneLogin SSO on Prisma Cloud
- Set up Just-in-Time Provisioning on OneLogin
- View and Forward Audit Logs
- Define Prisma Cloud Enterprise and Anomaly Settings
- Add a Resource List on Prisma Cloud
- Adoption Advisor
-
- Prisma Cloud Alerts and Notifications
- Trusted IP Addresses on Prisma Cloud
- Enable Prisma Cloud Alerts
- Create an Alert Rule for Run-Time Checks
- Configure Prisma Cloud to Automatically Remediate Alerts
- Send Prisma Cloud Alert Notifications to Third-Party Tools
- View and Respond to Prisma Cloud Alerts
- Suppress Alerts for Prisma Cloud Anomaly Policies
- Generate Reports on Prisma Cloud Alerts
- Alert Payload
- Prisma Cloud Alert Resolution Reasons
- Alert Notifications on State Change
- Create Views
-
- Prisma Cloud Integrations
- Integrate Prisma Cloud with Amazon GuardDuty
- Integrate Prisma Cloud with Amazon Inspector
- Integrate Prisma Cloud with Amazon S3
- Integrate Prisma Cloud with AWS Security Hub
- Integrate Prisma Cloud with Amazon SQS
- Integrate Prisma Cloud with Azure Service Bus Queue
- Integrate Prisma Cloud with Cortex XSOAR
- Integrate Prisma Cloud with Google Cloud Security Command Center (SCC)
- Integrate Prisma Cloud with Jira
- Integrate Prisma Cloud with Microsoft Teams
- Integrate Prisma Cloud with PagerDuty
- Integrate Prisma Cloud with Qualys
- Integrate Prisma Cloud with ServiceNow
- Integrate Prisma Cloud with Slack
- Integrate Prisma Cloud with Splunk
- Integrate Prisma Cloud with Tenable
- Integrate Prisma Cloud with Webhooks
- Prisma Cloud Integrations—Supported Capabilities
-
- What is Prisma Cloud IAM Security?
- Enable IAM Security
- Investigate IAM Incidents on Prisma Cloud
- Cloud Identity Inventory
- Create an IAM Policy
- Integrate Prisma Cloud with IdP Services
- Integrate Prisma Cloud with Okta
- Integrate Prisma Cloud with AWS IAM Identity Center
- Remediate Alerts for IAM Security
- Context Used to Calculate Effective Permissions
Prisma Cloud License Types
Prisma Cloud is available as a one-, two-, or three-year subscription in the following offerings:
- Prisma Cloud Compute Edition—Subscription includes workload protection for hosts, containers, and serverless deployments. This offers both an agentless and an agent-based approach to protect assets across the application lifecycle. Prisma Cloud Compute edition is a self-operated software solution that you deploy, manage, and update in your own environments—whether public, private, or hybrid clouds—including entirely air-gapped environments.
- Prisma Cloud Enterprise Edition—Subscription is a SaaS offering that comprises product modules providing distinct security capabilities. These product modules offer you the flexibility in where and how you secure your code and cloud environments.The options are:
- Standard—An a la carte option where you can select any combination of Prisma Cloud capabilities with a standard success plan. The Enterprise edition—delivered as a SaaS model—combines agentless, API- and agent-based approaches to deliver comprehensive host, container, serverless, IaaS, PaaS, WAAS, IAM security, network security, application security, and data security for supported environments. It is an add-on approach where you can pick and choose the security capabilities that are most important to your organization. The capabilities protect you from the most sophisticated threats with advanced machine learning capabilities, network security monitoring, user entity behavior analysis (UEBA) for detecting location- and activity-based anomalies, and integration with host vulnerability management tools.
- Cloud Security—Plans for the runtime security offerings are available with a combination of VM-based and developer-based metering. You can choose from the bundles for Cloud Security Foundations and Cloud Security Advanced, and you can take advantage of additional capabilities as add-ons.Cloud Security Foundations includes the core capabilities of Visibility, Compliance and Governance (VC&G), Threat Detection, Infrastructure as Code (IaC) Security, IAM Security, and Agentless Vulnerability Management.Cloud Security Advanced includes the core capabilities in the Foundations plan along with Host Security, Container Security, Serverless Security, and Web Applications and API Security.Both the Cloud Security Foundations and Advanced plans also include the option to subscribe to Data Security, Software Composition Analysis (SCA), and Secrets Scanning.
The SCA and Secrets Scanning modules have a developer-base metering plan. To take advantage of these modules you must switch from a resource-block based metering plan to a developer-based plan. You can make this switch from the
Settings > Application Security Configuration
page on the Prisma Cloud administrative console. After you switch, the new plan will calculate your credit usage based on the number of developers using the IaC Security, SCA, and Secrets Scanning modules.A Developer seat refers to an active Git committer, identified as such through their unique Git author email address. Anyone that made a contribution to a code repo protected by Prisma Cloud within the last 90 days can also be considered a Developer.
With the Enterprise Edition, you can optionally upgrade to a premium success plan that includes 24x7 access to customer success experts, custom workshops, implementation assistance, configuration and planning, and best practices guides.
Each of these offerings has a different capacity unit and unit price in Prisma Cloud Credits. The number of credits required to secure your assets can vary based on the offering and the size of your deployment. Refer to the Prisma Cloud Licensing and Editions Guide for details. Licensing is sold in increments of 100 credits and you estimate the number of units you need to monitor and protect.
License and Consumption Details
On the Prisma Cloud administrative console
Settings > Licensing
, you can easily view your active license plan, the average credit consumption trend, and details on how the average credits are being used by cloud type and each cloud account.Only resources that are active (or running) count towards Prisma Cloud credit usage. Non-active (or dormant) resources do not count towards credit usage.

The page is grouped in five sections:
- License Information—The complete details on the license type, the currently active license and support plan. It also includes information on your Prisma Cloud tenant, such as the serial number and tenant ID.
- Filters—The filters enable you to narrow the information in the consumption trend graph and the table. You can choose the time range, cloud type, cloud account and account group.The zip file download is available for the standard plan only. It provides a granular breakdown of assets that are consuming credits within a module.
- Consumption Trend Graph— The graph provides the overall view of your license consumption trends for the selected time period. Credit consumption is measured hourly and the hourly samples are averaged to create daily samples. The credit usage for a specified time range uses the appropriate hourly, daily or monthly average. If there is less than 30 days of data available, the average is calculated using the days available.You can review the average usage overlaid against the Prisma Cloud credits you have purchased and the actual credit usage trends. The usage trends can help you identify bursts in usage to meet short-term needs for your business and the steady usage as you accelerate or scale back in deploying assets in your cloud adoption journey.The average usage graph presents a daily average for up to a 6-month period, and monthly averages for 6 months to last 3-year term.
- Consumption Details Table—The tabular format provides you with the average credit usage for run-time assets and build-time assets that you are monitoring with Prisma Cloud. The Build Time view displays usage information only if you have activated the Application Security subscription.If you have environments where you have deployed Prisma Cloud Defenders either on-premises or on private or public cloud platforms that are not onboarded on Prisma Cloud, such as on OpenShift or on-prem Kubernetes clusters, these are grouped asOthercloud accounts. The row labeled Other displays the average credits used towards assets deployed on cloud environments that are not onboarded on Prisma Cloud.You can also download the data that you are viewing in the table in a CSV file format. For a time period of 180 days, you can download daily usage information. To hide/show columns and reset the default view, use the column picker above the table.
Behavior on License Expiry
Prisma Cloud licenses are valid for the period of time associated with the license purchase. After your Prisma Cloud license expires, your access to the Prisma Cloud administrative console is disabled until you renew the license.
If the license is not renewed within the first 90-days of your license expiration (“Grace Period”), your Prisma Cloud tenant is completely deleted. It may take up to 30 days after the Grace Period to permanently delete the data you provided and stored in the Prisma Cloud console and/or API, except in the case of the Cloud Application Security module, it will take up to 365 days from the last date of scan to permanently delete your data.
Credit Allocation
Prisma Cloud credits are used towards the features that you have subscribed and are using to monitor your cloud assets and environments. On the Credit Allocation page you can distribute credits to specific account groups and receive notifications when the credit usage exceeds a specific threshold, you can . After your set up these allocation rules, the page displays the list of rules and the current status of the purchased versus used credits.
- Select.SettingsLicensingCredit Allocation
- Add Credit Allocation Rule.Enter the details for the rule. ..Nameto identify the rule. .. Select theAccount Groupsfor which you want to monitor credit usage. .. Enter theTotal Credit Balance. This is the number of credits you want to allocate for the selected account groups. .. Enter a percentage value for theAverage Usage Threshold.+ When this threshold is met, say 75% of 1000 allocated credits, an alarm is generated. You can view this alarm in the Alarm Center, and also configure alarm notifications.
- Submityour changes.
- View the rules and credit usage violationsFor each rule, the following information is available for your review. You can select each rule to edit or delete it. Rule Name, Allocated Credits, Total Credit Usage, Average Credit Usage (%), Account Groups.