We use Dome9 to control our AWS security groups, evaluate and map security group traffic, and conduct compliance checks of our cloud environment regularly.
Director, Information Security & Service Transformation at a insurance company with 1,001-5,000 employees
Continues to be a major piece of our cloud security architecture
Pros and Cons
- "Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment."
- "We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform."
- "The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices."
- "I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector."
What is our primary use case?
How has it helped my organization?
Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment. We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform.
What is most valuable?
Clarity and Compliance have become two of our favorite features. Clarity allows us to visually depict our security groups and effective policy for both our current environment and can do predictive visualization based on cloud formation templates. The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices.
What needs improvement?
Dome9 continues to enrich its features at a blazingly fast pace. I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector. Also, I would love to add more richness to the Splunk add-on for Dome9.
Buyer's Guide
Check Point CloudGuard CNAPP
August 2025
Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
865,295 professionals have used our research since 2012.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
None, it has been a solid performer for us, and well within the SLA.
What do I think about the scalability of the solution?
We have yet to encounter any issues with scalability.
How are customer service and support?
We have not needed it much, but when we have, they have been very responsive and they truly are helpful.
How was the initial setup?
Initial setup was super easy. We were integrated in 15 minutes, then it was just another hour or so of tuning and kicking the tires.
What's my experience with pricing, setup cost, and licensing?
They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match.
Which other solutions did I evaluate?
We evaluated native AWS features and a competitor, Evident.io, but found that Dome9 was able to do all of what we needed in one tool instead of two.
What other advice do I have?
Start with read-only and move to full-control slowly. When you go to full control, there will need to be good communications with your AWS teams, so they know it is there. Do not do full-control on your lab environment.
They are a great partner to work with. Not only is the product solid, but we have loved having a good relationship with their leadership and seeing our feedback manifest into real product updates and features!
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
President at a tech services company with 1-10 employees
We have been able to empower our development team to work with the infrastructure in a managed, foolproof way.
Pros and Cons
- "Compliance is becoming an important tool for us as well."
- "Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards."
Buyer's Guide
Check Point CloudGuard CNAPP
August 2025
Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
865,295 professionals have used our research since 2012.
Marketing at a tech vendor with 51-200 employees
Vendor
Oct 9, 2013
Dome9 Cloud Street View for AWS Security: The Exponential Cloud Growth Visualization
Confidence is key when it comes to managing large IT systems. The tricky part is when a CIO tries to generate the trust and confidence of a company’s IT environment. Complete transparency is the answer. As you may recall, I’ve written about the need for transparency concerning Newvem’s services in the past. As the cloud industry market matures, the AWS cloud continues to grow at ground-breaking speeds, in addition to the usual individual cloud deployment. In either respect, transparency becomes an issue.
Cloud management vendors recognize the need for transparency and are taking the necessary steps to enhance their solutions to better support active visibility. The natural evolution of a typical management system begins with gathering data and presenting it in report tables. While traditional IT tools have had a similar evolution, the infinite cloud resources and dynamic manner of the environment take the lack of controllability issue to the extreme. This, makes visualization more crucial than in a traditional, finite data center.
This week, I met my good old `cloud friends` from Dome9 that released their new cloud security visualization solution, Dome9 Clarity –
“Think Street-view for AWS security. Transparency into on-premise security has been around for the last 15 years, we are simply extending this value to the cloud.” Zohar Alon, Co-Founder and CEO at Dome9.
Dome9 Clarity – Visualizing the data flows between AWS security groups
The value of IT management features has more than proven itself over the last two decades. Issues concerning systems’ availability, security and performance are anything but new in the world of IT services. Despite the fact that the cloud doesn’t eliminate any of these concerns, it does force a change to the key methodologies and processes. As an ex-Check Point employee, Zohar Alon, Dome9’s Co-Founder and CEO, built and led the security giant’s security firewall management systems. With this experience, the natural next step was to apply his knowledge to the world of the cloud.
Dome9’s Cloud Clarity provides cloud network security visualization within the AWS cloud. It is the sensible solution for optimized cloud security management. Controlling an environment with hundreds or thousands of EC2 instances that are grouped into as many as hundreds of security groups, not to mention the rapid and dynamic growth of inter-dependencies is far from an easy DevOps’ task. With Dome9, AWS users get a visual picture of their AWS VPCs and security group configurations. According to Alon, their new capability reduces such security audit efforts significantly and has been proven to condense four hours of auditing work into a mere 15 minutes – quite impressive!
As cloud deployments become more and more complex, consequently, the overall stack complicates as well. DevOps models evolve to be able to regain control supported by distributed systems’ methodologies. With the help of Clarity’s real visibility feature, customers are enabled with a clear understanding of their security system, which in turn enables control and support of the modern application stack.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Useful training, good support, and reliable
Pros and Cons
- "The most valuable feature of Check Point CloudGuard Posture Management is the training."
- "The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out."
DevSecOps Engineer at a tech services company with 11-50 employees
Stable, scalable container security that's great for a developer-focused environment
Pros and Cons
- "The way they offer container security is a big highlight that I have noticed. The solution is also agentless, so the scanning, runtime, really everything is offered directly by CloudGuard."
- "The technical support could be better, but I do not know of any other needed improvements."
Implementer at a tech services company with 51-200 employees
Excellent posture management that's easy to implement
Pros and Cons
- "The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance."
- "CloudGuard could be improved by including integration with vendors other than AWS, especially Azure, especially in permissions."
Buyer's Guide
Download our free Check Point CloudGuard CNAPP Report and get advice and tips from experienced pros
sharing their opinions.
Updated: August 2025
Product Categories
Vulnerability Management Cloud and Data Center Security Container Security Cloud Workload Protection Platforms (CWPP) Cloud Security Posture Management (CSPM) Cloud-Native Application Protection Platforms (CNAPP) Data Security Posture Management (DSPM) Compliance ManagementPopular Comparisons
Microsoft Defender for Cloud
Prisma Cloud by Palo Alto Networks
SentinelOne Singularity Cloud Security
Qualys VMDR
Varonis Platform
AWS GuardDuty
CrowdStrike Falcon Cloud Security
Tenable Security Center
AWS Security Hub
Akamai Guardicore Segmentation
Orca Security
Buyer's Guide
Download our free Check Point CloudGuard CNAPP Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the pricing for Check Point software?
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
- Which is the best vulnerability scanner tool?
- What are your recommended automated penetration testing tools?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- Can you recommend API for Tenable Connector into ServiceNow
