reviewer2379078 - PeerSpot reviewer
Senior Cybersecurity Architect at a manufacturing company with 10,001+ employees
Real User
Mar 26, 2024
Lowers our risk and helps to be proactive
Pros and Cons
  • "We know the vulnerability in advance, so we can take some action for that vulnerability."
  • "Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier."

What is our primary use case?

We use it to protect our applications in the cloud. We are doing a lot more cloud migration. We are moving all our applications into the cloud and our servers into the cloud. We need to protect our servers in the cloud.

By implementing CloudGuard CNAPP, we wanted to make sure we get alerts so that we can react much faster.

How has it helped my organization?

We use CloudGuard CNAPP's Cloud Security Posture Management capabilities. It knows all the accounts that were spun up. When we create an account in the cloud, it is onboarded automatically. We pull it into automation. Whenever someone changes any settings on the infrastructure side, the posture management will flag it. Sometimes, there is a way to automate a change. If we put some settings, it can make changes right away to shut that down.

Cloud Security Posture Management has a lot of compliances. It helps us to make sure our cloud configuration is up to a certain standard. If we have to be compliant, we have a good start on where we are.

Cloud Security Posture Management identifies the risks that are most critical to our business. It gives a risk score for what is being discovered. After we have that score, it is up to us how fast we want to remediate an issue. Sometimes, we might think that it is not crucial, and we might not take immediate action on it. 

We send every finding to our backend SIEM and work with our SOC to remediate those findings. Our SOC environment has that visibility of the logs so that we can react.

What is most valuable?

We know the vulnerability in advance, so we can take some action for that vulnerability. It is mostly all about how fast we can react to something.

We could see its benefits right away after we deployed the technology. However, getting visibility does not mean that we can react fast. For that, we have to work closely with all the app guys or server guys to patch all the things after we get the visibility.

What needs improvement?

Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.

Buyer's Guide
Check Point CloudGuard CNAPP
March 2026
Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
884,933 professionals have used our research since 2012.

For how long have I used the solution?

I have been using CloudGuard CNAPP for about four years.

What do I think about the stability of the solution?

I am not aware of any problems.

What do I think about the scalability of the solution?

So far, so good. We have plans to increase its usage, but it depends on the collaboration with multiple groups.

We have been using it with a small group in our organization. We want to make sure that this group benefits from it, and then we can use that use case and expand that use case throughout the organization. Currently, it is being used for a small group, and there is an ongoing effort to make it more visible.

How are customer service and support?

They are good and responsive. We have a dedicated engineer, which is good. We have a certain person to go to for any questions or any problems. It has been good so far. Sometimes, we do experience slowness in responding, but overall, it has been pretty good.

Which solution did I use previously and why did I switch?

We have been using CloudGuard from day one. It used to be known by another name. We have been using it since before the name change. We are long-time customers.

How was the initial setup?

Currently, we are just dealing with the public cloud. We have AWS and Azure clouds. 

Its deployment needs a lot more collaboration. From the cybersecurity side, we can only do certain things to protect our environment. From the app side, it also needs collaboration with whoever is managing that application or server. A lot of collaboration is needed rather than just having the security person.

When we get all the permissions to do the deployment, it is a lot easier. The security team does not hold the key to the kingdom, so we do not have access to all environments. Once we get that access, it can be deployed a lot more easily.

What was our ROI?

We have definitely seen an ROI. We have not quantified it, but the notifications about misconfiguration or vulnerabilities by CloudGuard CNAPP are helping us to improve our site. Our risk is much lower. It lowers our risk on how we do things, and sometimes, it is hard to quantify that into money.

What's my experience with pricing, setup cost, and licensing?

The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset. 

Which other solutions did I evaluate?

We did not explore other options. We are just leveraging what CloudGuard has.

What other advice do I have?

To those evaluating this solution, I would recommend trying it. You never know what you will see until you try.

It is a good product. We definitely want to see more features. We constantly try to see the new features being integrated into the product so that we can leverage them.

We are not yet using CloudGuard CNAPP's CloudGuard Workload Protection capabilities. Because the workload side is hosted by a different group, it requires collaboration. We need to work closely with the workload group. We are looking at opportunities to see if we can collaborate.

We are not yet using CloudGuard Workload Protection for VMs, containers, and serverless, but we are interested in looking into it. If we have it, the scanning provided by CloudGuard Workload Protection will help us identify problems before they go live. I have seen a demo of it, and I am looking into whether we can deploy it for our environment. It will give our cybersecurity visibility. It will help us know what is going on, and then we can react to it.

We are also not using CloudGuard CNAPP's CloudGuard CDR (formerly Intelligence) and its intrusion detection and threat-hunting capabilities. I would love to use that and get some benefits out of it sometime in the future.

I would rate CloudGuard CNAPP an eight out of ten. Automation is what we are looking for because we do not have enough time and people to handle all the events and findings.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Cybersecurity Engineer at Altia Group
Real User
Top 5
Aug 14, 2025
Integration and threat prevention impress while user experience needs refinement

How has it helped my organization?

I assess the effectiveness of Check Point CloudGuard CNAPP in preventing misconfigurations across cloud environments as an important part.

The ability of Check Point CloudGuard CNAPP to secure multi-cloud environments has impacted my customer's compliance efforts; it is not the priority, but it is an important solution.

What is most valuable?

Check Point CloudGuard CNAPP is effective. It is not as powerful as Harmony and Collaboration, but it is a challenging solution.

Check Point CloudGuard CNAPP has some advantages over its competitors.

One of the best features is easy integration.

The automated threat prevention of Check Point CloudGuard CNAPP is impressive. It uses the same model and engine as antivirus or Harmony and Collaboration, making it effective.

I find false positives to be the most valuable metrics for threat detection. The number of false positives is important.

I assess the role of Check Point CloudGuard CNAPP in providing real-time visibility into cloud infrastructure depending on the client, and we usually do a business case to address that.

What needs improvement?

There is a lack of functionalities and usability. I used to compare it with another solution that is focused on specific features. All solutions have some gaps, and we are looking for the best one in every single scope.

I believe improvements could be made to the notification system, ease of use, and integrations.

The interface could be simplified and more focused on user experience. It appears somewhat unrefined in its current state.

If they improve their interface and integration capabilities, I would give them a higher rating.

How are customer service and support?

The technical support provided by Check Point is really good.

I would rate their technical support as eight out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

I find the initial setup easy to integrate. The main challenge is maximizing the solution's potential.

To get the full power of the solution, you need to fine-tune it extensively to achieve the expected behavior.

What other advice do I have?

I consider the pricing of Check Point CloudGuard CNAPP to be average.

On a scale of one to ten, I rate Check Point CloudGuard CNAPP a seven.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Aug 14, 2025
GeorgeGeorgiou2 - PeerSpot reviewer
Head DB Management & Systems Support at a financial services firm with 51-200 employees
Real User
Top 5
Feb 13, 2025
Detection capability ensures compliance and evidence provision in cloud integration
Pros and Cons
  • "The initial setup was straightforward."
  • "My overall product rating is ten out of ten."
  • "I don't have any notes for improvements."

What is our primary use case?

The solution is used for protection of workloads.

What is most valuable?

It offers good detection. This capability allows us to effectively manage compliance. 

It helps us find misconfiguration. We use it to try to find possible storage accounts that may be misused or other misconfigurations.

The effectiveness of its cloud security posture management is good. It's really helpful for us and allows us to comply with various standards.

It helps our company identify risks that are most critical to our business. It not only saves us time, it provides us with the visibility we need to manage the cloud.

What needs improvement?

I don't have any notes for improvements. I'd need some more time to work with it.

For how long have I used the solution?

I have used the solution for one year.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

We haven't had issues with scalability.

How are customer service and support?

We have not had any issues with customer service so far.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

This was the first solution I tested. I have not used a different solution. 

How was the initial setup?

The initial setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

The pricing is decent.

Which other solutions did I evaluate?

We only really tested the capabilities of native tools before we implemented this solution.

What other advice do I have?

My overall product rating is ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
reviewer2386959 - PeerSpot reviewer
Senior Security Consultant with 5,001-10,000 employees
Reseller
Top 20
Apr 9, 2024
Fair price, great dashboards, and fantastic for identifying misconfigurations
Pros and Cons
  • "The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great."
  • "The setup can be better. With every other Check Point product, the setup is scripted. You just approve versions, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup."

What is our primary use case?

We are a VAR. We use posture management in various client environments for different assessments. 

We do not use it internally. We use it in multiple client environments. We have different types of client environments with different sizes.

How has it helped my organization?

It is great for identifying misconfigurations. That is the part that I love about it. It is very good at finding that needle in the haystack. It gives you an overall posture for every little thing, and if you dive into it and look at some of the findings, you start seeing that you have one or two servers that are misconfigured, and you have an open BLOB, open storage instance, unsecured web portal, or something else that you did not know about.

The effectiveness of its Cloud Security Posture Management for providing compliance rulesets and security best practices is great.

Its Cloud Security Posture Management helps identify the risks that are most critical to our clients relatively quickly. I cannot put a number on that, but not having to go through every little configuration on every asset would probably save a week's worth of effort for the smallest client. 

Its traffic monitoring capabilities are good. It helps visualize traffic flows and possibly exposed assets.

The actual setup is pretty manual. It takes about an hour or two, depending on the client you are working with.

What is most valuable?

The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great. There is some triaging, but in terms of findings, it does seem to find the needle in the haystack.

The dashboards specifically are great. By just logging in and going into the portal, we can see the high-level dashboard views. We are able to dive into whatever we want to see there, and that is fantastic.

The network mapping and the traffic flow map, where it shows you which VMs might be possibly exposed, are also very valuable. It shows which systems might have direct access to the Internet and which systems do not. It shows you overall how the network flow is set up based on your security groups, routing, and everything. I have got a good use out of that.

What needs improvement?

The setup can be better. With every other Check Point SaaS product, the setup is scripted. You just approve deployment scripts, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup. That has been an issue when I set up a client because every client has different skill sets.

The general reporting also needs improvement. It is very cumbersome to pull the reports for big environments. I had a client environment with 50 tenants, and I had to manually run a CIS report for each tenant and download it. There were 50 different reports. I wish there was a way to get the reports for all 50 tenants in one report and not 50 different reports.

For how long have I used the solution?

I have been working with posture management for 3 to 4 years.

What do I think about the stability of the solution?

I never had stability-related issues. That has always been fine.

What do I think about the scalability of the solution?

It is scalable. You can do it, but you need to redo the setup for each and every additional account and visibility. It is scalable. It is just not quickly scalable.

How are customer service and support?

I would rate their support for CloudGuard CNAPP an eight out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not used a posture management solution before.

How was the initial setup?

Its setup is very manual. I would like to see that transition to more of a scripted setup. It is a very manual process. For the most part, it is fine; however, I have definitely had issues with it. Sometimes, it just does not work, and I have had to open tickets.

What about the implementation team?

I am an integrator and consultant.

What's my experience with pricing, setup cost, and licensing?

Its price is very fair.

Which other solutions did I evaluate?

N/A

What other advice do I have?

To the new users of this solution, I would advise not following the built-in guide while setting it up. Always open the admin guide for the most up-to-date information.

Overall, I would rate this solution an eight out of ten. Even with all the issues, what you do get out of it is very valuable. The reporting and the setup are holding it back from a ten. That is where it can be improved greatly.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller
Yokesh Mani - PeerSpot reviewer
Deputy Manager at Computer Age Management Services Pvt. Ltd.
Real User
Feb 1, 2024
Easy to write custom rules and policies in the UI with limited coding knowledge
Pros and Cons
  • "We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information."
  • "The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product."

What is our primary use case?

CloudGuard is a posture management and workload protection platform. We're also using it for data and risk management.

How has it helped my organization?

Our environment includes a hybrid cloud and three public cloud providers: GCP, AWS, and Azure. CloudGuard enables us to manage all the cloud providers from one dashboard. It enables a team approach, so we're more flexible and operationally efficient. The solution provides a holistic view from a single dashboard, making posture management and threat prevention more effective. Detection is not a significant challenge. When I block a particular incident, CloudGuard will implement some kind of prevention activity so that those types of activities are prevented automatically in the future. Prevention is more beneficial for us.  

When managing our service partner, CloudGuard enables easier enrollment and allows us to consolidate all those rules and privileges. It will give them complete visibility of the identities that I am using for all the services, whether it's privileged user access or a normal user. It's based on user suggestions. CloudGuard helps me handle my user identities.  

Another benefit is posture management. We are governed by four regulatory entities in India. We need to stay in 100 percent compliance by avoiding any misconfigurations on our platforms, and this tool helps us.  It also helps with virtual protection of our code by adding another layer of security and an extra step. It can detect abnormalities in the image and register, enabling us to identify and fix compromised packages before any major release. 

As a regulated entity, we receive a monthly external audit from the agency, and we always pass them using CloudGuard because we have a  single dashboard for multiple services for user activity reviews and policies that we have set for the user levels. It's easy to demonstrate our compliance posture using this portal and any incidents with compromised credentials or NetFlow security. 

CloudGuard allows us to do more work with fewer people. A team of six people can manage our entire enrollment. CloudGuard covers a huge footprint. It saves a lot of resources, but I cannot measure that in time saved. Onboarding and learning the product took six months, and it took us another year to address all of the solution's findings. The third year should be focused on monitoring. I can't quantify how much time is consumed in days or weeks, but if I had to rate it on a scale of one to 10, I would say nine. 

A reduction in human error is part of posture management. When we first onboarded to the posture management platform, we had to customize and build some rules for enrollment. We fixed the issues we found, and we don't need to run the posture management tool again. Instead, we run the GSL builder and cross-check the findings. Before addressing the finding, we must create a default rule set in the GSL  Builder. We copy what's in the builder and execute it on a particular enrollment, and we'll say it is good to go. We can save time building custom rulesets with GSL builder, but it's hard to say how much. 

What is most valuable?

We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information.

We have more than 30 AWS accounts and use more than 16 versions with some different tenants. I don't want to turn on each enrollment and app one at a time in the application. With GSL Builder, I can select multiple accounts from one place and execute the commands. I can see the results of which entities passed and failed.

It's easy to write custom rules and policies. I have limited coding knowledge, but I can make policies from inside the UI. It will show what services are available in the cloud provider, and I can go through and check the ones I need. It requires no scripting knowledge. If you have experience in the industry, you can immediately learn GSL Builder and adapt it. 

Auto-remediation is a module you can enable at the enrollment level. It detects and fixes human errors or misconfigurations.  For example, we can't create a bucket that is exposed to the internet for compliance reasons. CloudGuard can prevent that bucket from being created, ensuring compliance. 

With effective risk management, we can identify every asset and assign a score to each network violation or process. We will flag the most critical assets and bring them to private subnets. There's also a graph, which is useful if we need to explain things to developers and administrators.

What needs improvement?

The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product. 

For example, let's say it's showing a process violation. It should be able to do some additional malware scanning in that particular bucket to get some additional information. I don't want to integrate with another third-party tool or go to the native server to check something. It would be helpful to have integrated monitoring and malware scanning for the file types. 

There are a few flaws with the security management portal where I have limited visibility into the workload protection features. There is no error visibility where I can see the communication and workflow between services. Some of the dashboards need to be fine-tuned if they are not customized. For example, I cannot customize anything on the effective risk management dashboard. Some of the information is not correct for my tenant. With respect to passwords and user management, there are no policies I can measure at the user level. If the user was created more than six months ago, you don't need to worry about that password or do anything like two-factor authentication associated with that user. They can still log in after six months or one year. 

It's also a challenge to use CloudGuard's agentless workload posture with AWS. An Azure storage is summed up with a CNAPP encryption by default. We tried onboarding this data, but the problem is the attachment is not done. After a few days, we identified that it was impossible to do the encryption detection. But CloudGuard's default rules say that this has to be encrypted. 

The AWS module says that we cannot access this volume with this encryption, so we cannot use an agentless workload posture with AWS because of this. It is a best practice to ensure that all the volumes are being encrypted. Without the encryption, how can I do this? It is a big challenge for CloudGuard.

For how long have I used the solution?

I have used CloudGuard for 14 months.

What do I think about the stability of the solution?

We only see downtime when there is a global outage. It typically only lasts a few minutes. Also, we sometimes see latency issues when accessing this portal. We double-checked that with the team also, and they asked us to check on our network side. We are in the office network, so we could not refer to that. 

Some of CloudGuard's modules are slower. For example, if I go and click on the posture, it loads immediately within 30 or 50 seconds, but workload protection might take more than a minute. There are some differences in the latency between the services within the cloud version.

What do I think about the scalability of the solution?

We don't have any issues with CloudGuard's performance or scalability. 

How are customer service and support?

I rate Check Point support 10 out of 10. Their customer service is fantastic. We have premium support, so I don't know what their standard support is like. When we open a ticket, they immediately call us back regardless of the severity. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have Prisma Cloud, which is not fully implemented, so we need to use Check Point simultaneously. Prisma Cloud excels in terms of UA, visibility, and user-level policies and management. CloudGuard is more cost-efficient but not as user-friendly as Palo Alto. At the same time, having the GSL Builder makes it more efficient to make CNAPP rules without much background knowledge.

How was the initial setup?

Generally, the deployment is pretty easy. We have a template, so it's automatic. However, we run into problems when we're supporting multiple CSPs. AWS supports CloudGuard 100 percent, whereas for Azure, it's 75 or 80 percent. Some Azure services, like user identity, are not supported, which is a challenge. It should be available in Q1. 

Deploying the threat intelligence for AWS was fine, but we had problems with Azure. I'm part of the security group, which is onboarded into the AWS. The next time I create a new security group, it automatically discovers the asset and will put it in the log. For Azure, a new network security group must be added manually. If I'm doing that manually, I want to completely remove the onboarded threat intelligence, which means I want to completely remove what we added from the portal. That is one problem we face doing the onboarding of Azure.

What's my experience with pricing, setup cost, and licensing?

I don't know the initial proposed amount, but the procurement team looked at the market and compared Prisma and CloudGuard, then settled on one solution.

What other advice do I have?

I rate Check Point CloudGuard CNAPP nine out of 10. Any advice I could give to potential users would be completely based on their use cases. You must look at various criteria, like your environment and enrollment level, but my general advice for implementing a CNAPP solution is to get a cloud dev. 

If you are using AWS with multiple CNAPPs and you don't have a control tower or any other landings in the budget, you want to do policies at each enrollment level. But we're using this out that what we do is, like, we build guardrails where we can apply it at the enterprise level itself. 

For example, we'd want to allow any data to be researched outside the area. I'll create one policy and apply it at the organizational level. I set a policy so that any user in my enrollment could not create an SD bucket or any volumes outside using their agent. If you have multiple CSPs, AWS accounts, or Azure subscriptions, this is one solution where you can cover your entire organization's accounts.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Samir-Paul - PeerSpot reviewer
Sr. Security Consultant at a computer software company with 5,001-10,000 employees
Consultant
Top 20
Apr 30, 2024
Provides centralized visibility and helps identify any misconfigurations or compliance issues
Pros and Cons
  • "The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities."
  • "The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed."

What is our primary use case?

When a customer has a multi-cloud environment with AWS, Azure, GCP, or any other cloud, maintaining posture across the cloud environment is very difficult. They need a CNAPP solution for governance and centralized compliance. It gives centralized visibility where they can track each and every cloud account, compliance check, misconfigurations, risks, and vulnerabilities. Accordingly, they can take remediation action as well. That is the main purpose of a CNAPP solution.

How has it helped my organization?

CloudGuard CNAPP helps to be compliant across a multi-tenant environment. We can be sure of the compliance status with respect to different cloud tenants. There is visibility into each and every cloud tenant. It is very easy to get visibility from a single console. Centralized management gives good granular control where we can check the risks and vulnerabilities and also do remediation centrally.

Its benefits can be realized in four weeks. It is API integration, so it is very straightforward. You integrate with the client, and you start monitoring. You get the information in real-time. The overall implementation time frame is about four weeks. The first two weeks can be for the monitoring stage. In the third week, you can fine-tune your policies, and in the fourth week, you can start remediating.

Posture management is a part of CloudGuard CNAPP. CloudGuard CNAPP is a combination of three technologies: Cloud Security Posture Management, Cloud Workload Protection (CWP), and Cloud Infrastructure Entitlement Management (CIEM). It is a combination of technologies. When customers use CloudGuard CNAPP, they use all these three models.

Cloud Security Posture Management is very good for identifying misconfiguration. It is able to capture all misconfigurations.

They maintain different compliance standards. Apart from that, they are also very good with the alerts and notification part. Whenever they perform a scan and find a vulnerability, it is sent to different channels as an alert or notification. It is good. They only need to improve the impact analysis on CSPM.

Cloud Security Posture Management identifies the risks that are most critical to the business. In terms of time savings, it can identify a risk within 10 to 15 minutes instead of it being a day-long task. The scanning happens in almost real-time. It is a good feature they have given, and I appreciate their solution.

The scanning provided by CloudGuard Workload Protection helps to identify problems before they go live. It has good capability for that. It can perform a proactive analysis, and we can identify the risks or vulnerabilities before the exploit. This identification of problems is very important because knowing about a problematic scenario in advance and being able to address it can save us a huge business loss. A proactive analysis is very critical. In the cybersecurity domain, it is one of the critical features for every customer.

CloudGuard CNAPP gives us the severity score. When it identifies any risks or vulnerabilities, it assigns a severity score.

CloudGuard CNAPP gives good visibility across all the multi-cloud tenants. We have everything covered in one solution. It covers risks, vulnerabilities, misconfigurations, compliance, data security, data loss, etc. It gives good visibility. This visibility is important for customers.

What is most valuable?

The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities.

What needs improvement?

The first improvement area is the impact analysis. The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed.

The second improvement area is that they should adopt more remediation on various resources.

The third improvement area is that they should introduce Gen-AI capability on their platform so that remediation can be very easy. They have the threat hunting and detection part, but they need to adapt more on the Gen-AI side so that the remediation can happen automatically. People should be able to do remediation with a click. It would be a very good feature to have for remediation.

These are three main improvement areas for them. I have already provided Check Point feedback about these through another channel.

With respect to Cloud Workload Protection, they should introduce more granular security control in terms of policy. I feel they should work on it and develop it more. They need to provide more granular security control in terms of various attacks, such as the MITRE ATT&CK framework. They need to give a different policy for each technique and tactic such as ransomware, exploitation, etc. I also work with CrowdStrike, so I know about different types of granular controls. From the Cloud Workload Protection perspective, they need to improve the policy framework.

For how long have I used the solution?

I have been working with CloudGuard CNAPP for 2 years.

What do I think about the stability of the solution?

I have not seen any issues. It works in the passive mode, so it does not impact performance or anything like that.

What do I think about the scalability of the solution?

It is a scalable solution. Every SaaS solution is scalable, so CloudGuard CNAPP is also a scalable solution.

How are customer service and support?

I have not contacted them much, which is a good thing. CloudGuard CNAPP works in a passive mode. If anything needs to be done, it has to be done in your cloud tenant. There are very few times when you or an admin is required to communicate with the support team.

Which solution did I use previously and why did I switch?

I also work with CrowdStrike and Palo Alto. CrowdStrike does not have the CNAPP capability. CrowdStrike is an EDR solution.

Palo Alto has the Prisma solution. Its capabilities are similar to Check Point. They are similar to me. I do not see much difference. There might be some difference in the cost, but technology-wise, they are the same.

How was the initial setup?

CloudGuard CNAPP is a SaaS-based solution, and you need to integrate all your cloud accounts into that. That is it.

You need to integrate your cloud account or onboard your cloud account in the CloudGuard CNAPP solution by doing the API integration. After you onboard, you first put the cloud account in the monitoring mode. You monitor things for two weeks. After you validate your findings on CloudGuard CNAPP and you do not see any false positives, you can go for the block mode as well. That is the approach the industry should follow while onboarding any CNAPP solution.

What was our ROI?

You start to get an ROI from the day you deploy CloudGuard CNAPP or integrate it with your cloud account. 

It is like insurance. Only when something happens do you realize its value. CloudGuard CNAPP works in the same way. Without such a solution, it is very difficult to find vulnerabilities, misconfigurations, and data breaches on each and every cloud tenant. When you integrate CloudGuard CNAPP with your cloud account, you get a single view. It is very easy for your cloud administrator to take quick action. The ROI starts once you integrate or onboard a cloud account with CloudGuard CNAPP.

What other advice do I have?

After you have subscribed to CloudGuard CNAPP, I would advise onboarding your cloud account and then monitoring your cloud account and the CloudGuard CNAPP findings for two weeks. After that, you can fine-tune the policies and then run the solution in block mode. That is the process.

A CNAPP product is mandatory for any organization that works in a multi-cloud environment.

Overall, I would rate CloudGuard CNAPP a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Associate Director at Virtusa Global
MSP
Oct 24, 2023
Provides a complete overview of all our cloud security solutions, supports a wide range of automation capabilities, and reduces effort
Pros and Cons
  • "I can take proactive actions based on an alert without having to interact with the platform directly."
  • "Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management."

What is our primary use case?

We are a multi-cloud service provider that leverages all major cloud providers, such as AWS, Azure, GCP, and OfficeLab, for our internal consumption and for our customers. Managing and monitoring the compliance of the platform across hundreds of accounts can be challenging, especially without a solution like Check Point CloudGuard Posture Management, which continuously scans and alerts us against policy violations. If the policy is violated, we are alerted, the issue is identified, and we are assisted in resolving it.

How has it helped my organization?

It is easy to write custom rules and policies using the GSL Builder. We do not need to learn any programming language or structured query language to write back queries. GSL Builder enables us to click and drag to build our own rules. For example, if we want to fetch all the servers that are accessed publicly, we can simply put down the servers where access is public. GSL Builder creates an easy-to-use interface so that administrators no longer need to know a specific language to make this happen. Therefore, once the query is ready, we can quickly test it to check its effectiveness, modify it quickly, and then start using it.

Non-technical people can learn to use the GSL Builder in less than ten hours.

We have reduced human error using GSL Builder by 20 percent. For example, if I have to write a query, I could make a typo or omit spaces, which could cause the query to be structured incorrectly. With GSL Builder, the only thing humans need to do is drag and drop logic from existing utilities. This means that I can simply click and select when to perform an action, and the system will generate the query for me. This reduces the amount of human input required and, consequently, the likelihood of human error.

The GSL Builder has saved us a significant amount of time. What used to take several hours now only takes a few minutes to complete.

Automatic remediation is very helpful. When an alert is raised, it allows us to trigger bots that can automatically fix the issue. For example, if I'm granting server access to the public, I can create a remediation rule to monitor this. If the rule is violated, the bot will automatically disable public access. This has been very efficient for us.

We have created custom policy checks for our organization, leveraging industry standards such as CIS and HIPAA. We also perform custom assessments against the policy based on our regulatory requirements. Overall, this helps us to mitigate risks and ensure compliance integrity. It also helps us to build cloud solutions correctly and detect and respond to unauthorized authentication changes and security compromises.

Unified Security Management provides a single pane of glass view, eliminating the need to toggle between different consoles and service providers to get a complete picture of our security landscape. The solution provides all the answers we need on a single dashboard. Simply connect to the portal to get all the information we need. For example, if we need to understand the details of a specific cloud, such as its name, configuration, and additional attributes, we don't need to log in to the cloud or another service provider. We can simply look up the server within the Unified Security Management dashboard.

Check Point CloudGuard Posture Management has helped our organization achieve almost 100 percent compliance from zero visibility. I'm proud to say that we upgraded hundreds of thousands of tools and assets against the policy set, and we are now close to 99.6 percent compliant. CloudGuard Posture Management has been very effective for us. In an ever-changing landscape, we ensure that we meet our compliance requirements. Once we have achieved compliance, we can change our policies to make them more stable, and then we strive to meet those standards again.

We have strong in-house capabilities and a team of developers who have a deep understanding of CloudGuard Posture Management. Using the solution's APIs, we can automate our security. We have been able to segregate workloads, accounts, and assets by department, business, cloud provider, and responsible stakeholders. We can then secure these assets according to our internal business requirements. All of this has been achieved and made possible by the CloudGuard Posture Management platform.

The best thing about agentless workload posture is that it doesn't impact our production workloads. Other solutions install agents on our system and continuously scan them, which can sometimes cause performance problems. CloudGuard Posture Management, on the other hand, takes a snapshot of our current workloads and scans it offline, which is a more efficient process.

The solution has helped us reduce our compliance and audit activities. I used to spend a week capturing all the data required for an audit and now I can do it in a couple of hours. With a click of a button, we can run reports to show auditors our compliance for anything in the last run mode. We can also download, share, and view all the details, including how many views are assessed against an account, the outcomes, and the current posture. All of this information is clearly presented in black and white, so we don't have to manage any data ourselves. If we want to report against certain clients, such as those covered by HIPAA, we can get a comprehensive report that we can easily share with our auditors.

CloudGuard Posture Management has reduced a lot of effort. Before implementing the solution, I had to write a separate script for each platform. Once I had the data, I needed to spend time understanding the output of the scripts and identifying the compliance aspects of compliant assets. I also had to segregate the data for all clouds and then work on it. Finally, I had to repeat the same exercise to see if things had remained secure. This was a very tedious process, but CloudGuard Posture Management has saved us a lot of time.

CloudGuard Posture Management has saved our SecOps team time. It is connected to our alerting systems and is accessible to all of our security teams. This includes the security team, the operations team, and the backend team. All of these teams have access to the solution and can see the changes that they are implementing and whether or not they are segregating properly. They are also constantly monitoring the alerts that are raised to take corrective action.

What is most valuable?

Check Point CloudGuard Posture Management provides a complete overview of all our cloud security solutions. It offers a single-pane-of-glass view of our entire cloud inventory across all cloud service providers.

Another advantage is that CloudGuard Posture Management supports a wide range of automation capabilities and has access to APIs that we can leverage. For example, I can take proactive actions based on an alert without having to interact with the platform directly.

What needs improvement?

The ability to help organizations modify their own policies is essential. For example, consider the CIS benchmark 1.5 for AWS. In the past, I would have added the CIS rulesets to my custom policy, along with my own rules for Internet requirements. This created a custom policy that was tailored to my specific needs. However, the CIS benchmark is constantly changing, and it can be difficult to keep my custom policy up-to-date. As a result, I now have to recreate my entire policy whenever the CIS benchmark is updated. This is a time-consuming and manual process. Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management. This would save me a significant amount of time and effort.

For how long have I used the solution?

I have been using Check Point CloudGuard Posture Management for seven years.

What do I think about the stability of the solution?

Check Point CloudGuard Posture Management is stable.

What do I think about the scalability of the solution?

Check Point CloudGuard Posture Management is scalable.

How are customer service and support?

Check Point's support needs improvement. Given our extensive knowledge gained over the years, my team has found that we get better support from Check Point's higher-level team than from their basic support team. We only reach out to Check Point support for serious issues, such as product bugs or encounters. We find that basic support is not adequate and that we only get proper support when our issues are escalated.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial deployment was straightforward. Two admins from our organization along with some solution architects and one consultant from Check Point helped us with the proof of concept, and we were able to acquire the solution after the POC.

What was our ROI?

We have seen close to a 40 percent return on investment with Check Point CloudGuard Posture Management.

What's my experience with pricing, setup cost, and licensing?

The pricing is extremely competitive.

What other advice do I have?

I would rate Check Point CloudGuard Posture Management ten out of ten.

If an organization is in the market for a cloud security solution, then it needs a solution like CloudGuard Posture Management. Otherwise, if they are sticking to a specific platform or to a specific service provider like AWS, their tool sets and their solution will be focused on one platform. If they go to Azure, GCP, or any of the other cloud providers, they will be limited. Therefore, I believe that a solution should have flexibility and the ability to function across multiple clouds. Additionally, it should be a solution that grows and evolves. In the time that I have seen Check Point CloudGuard Posture Management, it has grown leaps and bounds and has always stayed ahead of its time. For example, even if an organization has a unique need, CloudGuard Posture Management likely has an academic solution built with the platform. I have not seen this kind of responsiveness from other products.

Our company is spread across four different cloud platforms, which are located in regions around the globe. All departments use these platforms, which include 550 employees.

I highly recommend Check Point CloudGuard Posture Management. It has been very helpful to our organization, and we have gained many benefits from it. We have had a positive experience with Check Point CloudGuard Posture Management.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Nagendra Nekkala. - PeerSpot reviewer
Senior Manager ICT & at Bangalore International Airport Limited
Real User
Top 20 Leaderboard
Dec 13, 2023
Helps reduce human errors, saves time, and prioritizes alerts
Pros and Cons
  • "The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure."
  • "Automation and advanced threat prevention have room for improvement."

What is our primary use case?

We use Check Point CloudGuard for full visibility across our workloads in the cloud and on-premises.

How has it helped my organization?

The GSL builder's graphical interface makes writing custom rules and policies easy, but some knowledge and training are still required. The training required takes around two weeks to complete.

The GSL builder helps reduce human errors by almost 80 percent because it provides compliance rules and performs intelligence queries on our behalf.

The GSL builder saves us time creating custom rules. Initially, defining the rules takes time, but once that is downloaded, it becomes an automated process. We save around ten hours per week.

Our organization requires the use of Check Point's auto-remediation feature. This feature automatically analyzes and remediates threats, enabling us to perform forensic analysis on detected events. By implementing this feature, we benefit from several detection capabilities, including anti-ransomware and behavioral analysis, which ensure comprehensive threat detection and analysis. Additionally, the auto-remediation feature automatically quarantines and remediates malicious files, preventing data breaches. As a result, we can leverage the forensic report to enhance our endpoint security posture and effectively protect our internet connectivity.

The auto-remediation feature stands out for its ability to prioritize alerts. It focuses on high-risk issues first and then remediates them accordingly.

The unified security management console, a component of the monitoring tool, offers a comprehensive overview of our platform's security posture. This holistic view enables us to promptly identify emerging environmental threats and conduct thorough investigations, ensuring swift and effective responses.

The evaluation of the application depends on its criticality. For example, in an airport scenario, an AODV application is used for critical operations. This means that the AODV application is of high importance and requires a more thorough investigation or a faster response in case of issues.

Check Point CloudGuard has significantly improved my cloud threat handling. It has been a great asset in increasing my security posture score due to its automated remediation capabilities. Additionally, its threat intelligence provides valuable insights, making it a comprehensive security solution. Furthermore, CloudGuard offers comprehensive lifecycle security for all my applications, including new deployments. It also addresses complex security needs within my cloud environment, ensuring compliance with all relevant regulations and governance requirements.

CloudGuard provides good performance for automating our organization's security across assets, workloads, and multiple clouds.

The agentless workload posture plays a crucial role in determining our organization's security posture. This includes security and posture management, threat prevention, and high-availability posture management. All these aspects are highly important, and they also help automate my DevOps multi-cloud security threat level.

Network security helps us reduce the amount of compliance and audit activities we need to perform. It provides advanced threat protection, allowing us to inspect all traffic entering and leaving our private subnets within our entire virtual network. This comprehensive approach ensures robust network security and ongoing time savings.

CloudGuard can help free up around six hours of our staff time because it can be integrated with different applications and systems. 

CloudGuard's unified platform can free up an average of six hours per day, a feat impossible for any human worker. However, the system's automated configurations can function around the clock, achieving this level of efficiency.

What is most valuable?

The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure. 

Check Point CloudGuard also helps us adhere to the compliance and regulatory requirements. I can ensure best practices are implemented, prioritize risk management, and prevent critical attacks.

What needs improvement?

Automation and advanced threat prevention have room for improvement. I would like the rule configurations that are manually reviewed to be automated according to the defined rules.

For how long have I used the solution?

I have been using Check Point CloudGuard for two years.

What do I think about the stability of the solution?

Check Point CloudGuard is stable.

What do I think about the scalability of the solution?

Check Point CloudGuard is scalable.

How are customer service and support?

The technical support is good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment required knowledgeable people. We had already planned the required configuration type, the necessary posture management approach, and the rules that needed to be defined. We had discussed these requirements with the CloudGuard team member and implemented them together. Four people were involved in the deployment.

What about the implementation team?

A person from CloudGuard helped with the implementation.

What's my experience with pricing, setup cost, and licensing?

We have the enterprise-level license and we renew it annually because it is worth the cost.

What other advice do I have?

I would rate Check Point CloudGuard an eight out of ten.

Check Point offers a bundled solution that includes cloud threat hunting, cloud migration security, DevSecOps, and cloud security compliance. This comprehensive package is a superior choice as it provides a unified approach to cloud security.

We have Check Point CloudGuard deployed in one location with 400 users.

A team of four admins performs maintenance on CloudGuard every quarter.

CloudGuard boasts advanced threat prevention for network security, seamlessly securing public, private, and hybrid cloud environments. It also provides unified security management and simplifies complaint handling.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Check Point CloudGuard CNAPP Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2026