Help Needed: Has anyone used Palo Alto Prisma to automate alert rules and remediation workflows at scale?

Hi everyone,

I’m working on a project for a large enterprise environment (~7000 apps, multi-cloud) where we’re using Palo Alto Prisma Cloud to manage vulnerabilities and compliance. Really the core ask is a remediation operations solution, but the challenge is to use what we have already deployed, so we’re trying to find a way to build automation workflows to streamline vulnerability remediation and compliance management.

I've checked a bunch of the standard resources online and it vaguely feels like it's possible, but I am still not certain if Prisma Cloud supports the following functionality natively or if we’ll need to rely on custom scripts or external tools:

  1. Can Prisma Cloud handle automation for remediation natively, like automatically fixing misconfigurations or compliance failures?
  2. How does Prisma Cloud enable this automation—are there specific features, built-in workflows, or API-driven solutions? Hoping to avoid needing Cortex or some other tooling.

Context:
We’re designing a phased project where Phase 1 focuses on discovery and assessment of their current Prisma configuration, and Phase 2 involves building workflows, automating processes, and addressing gaps. The long-term plan might include evaluating additional tools like Seemplicity, Vulcan.io, or others, but for now, we want to maximize Prisma Cloud’s capabilities.

Questions:

  • Has anyone implemented something similar in Prisma Cloud?
  • Are the native features sufficient for this type of automation, or will we need heavy reliance on APIs, serverless functions, or external integrations?
  • Any tips, examples, or pitfalls we should watch for when building out alert rules and automation?

Appreciate any insights from those who’ve done this before or are familiar with Prisma’s capabilities. Thanks in advance!