Check Point CloudGuard CNAPP Reviews

We are a VAR. We use posture management in various client environments for different assessments. 

We do not use it internally. We use it in multiple client environments. We have different types of client environments with different sizes.

It is great for identifying misconfigurations. That is the part that I love about it.  It is very good at finding that needle in the haystack. It gives you an overall posture for every little thing, and if you dive into it and look at some of the findings, you start seeing that you have one or two servers that are misconfigured, and you have an open BLOB, open storage instance, unsecured web portal, or something else that you did not know about. 

The effectiveness of its Cloud Security Posture Management for providing compliance rulesets and security best practices is great.

Its Cloud Security Posture Management helps identify the risks that are most critical to our clients relatively quickly. I cannot put a number on that, but not having to go through every little configuration on every asset would probably save a week's worth of effort for the smallest client. 

Its traffic monitoring capabilities are good. Helps visualize traffic flows and possibly exposed assets.

The actual setup is pretty manual. It takes about an hour or two, depending on the client you are working with.

The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great. There is some triaging, but in terms of findings, it does seem to find the needle in the haystack.

The dashboards specifically are great. By just logging in and going into the portal, we can see the high-level dashboard views. We are able to dive into whatever we want to see there, and that is fantastic.

The network mapping and the traffic flow map, where it shows you which VMs might be possibly exposed, are also very valuable. It shows which systems might have direct access to the Internet and which systems do not. It shows you overall how the network flow is set up based on your security groups, routing, and everything. I have got a good use out of that.

The setup can be better. With every other Check Point SaaS product, the setup is scripted. You just approve deployment scripts,  and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup. That has been an issue when I set up a client because every client has different skill sets.

The general reporting also needs improvement. It is very cumbersome to pull the reports for big environments. I had a client environment with 50 tenants, and I had to manually run a CIS report for each tenant and download it. There were 50 different reports. I wish there was a way to get the reports for all 50 tenants in one report and not 50 different reports.

I have been working with posture management for 3 to 4 years.

I never had stability-related issues. That has always been fine.

It is scalable. You can do it, but you need to redo the setup for each and every additional account and visibility. It is scalable. It is just not quickly scalable.

I would rate their support for CloudGuard CNAPP a eight out of ten.

I have not used a posture management solution before.

Its setup is very manual. I would like to see that transition to more of a scripted setup. It is a very manual process. For the most part it is fine however I have definitely had issues with it. Sometimes, it just does not work, and I have had to open tickets.

I am an integrator and consultant.

Its price is very fair.

N/A

To the new users of this solution, I would advise not following the built-in guide while setting it up. Always open the admin guide for the most up-to-date information.

Overall, I would rate this solution an eight out of ten. Even with all the issues, what you do get out of it is very valuable. The reporting and the setup are holding it back from a ten. That is where it can be improved greatly.

We use it to protect our applications in the cloud. We are doing a lot more cloud migration. We are moving all our applications into the cloud and our servers into the cloud. We need to protect our servers in the cloud.

By implementing CloudGuard CNAPP, we wanted to make sure we get alerts so that we can react much faster.

We use CloudGuard CNAPP's Cloud Security Posture Management capabilities. It knows all the accounts that were spun up. When we create an account in the cloud, it is onboarded automatically. We pull it into automation. Whenever someone changes any settings on the infrastructure side, the posture management will flag it. Sometimes, there is a way to automate a change. If we put some settings, it can make changes right away to shut that down.

Cloud Security Posture Management has a lot of compliances. It helps us to make sure our cloud configuration is up to a certain standard. If we have to be compliant, we have a good start on where we are.

Cloud Security Posture Management identifies the risks that are most critical to our business. It gives a risk score for what is being discovered. After we have that score, it is up to us how fast we want to remediate an issue. Sometimes, we might think that it is not crucial, and we might not take immediate action on it. 

We send every finding to our backend SIEM and work with our SOC to remediate those findings. Our SOC environment has that visibility of the logs so that we can react.

We know the vulnerability in advance, so we can take some action for that vulnerability. It is mostly all about how fast we can react to something.

We could see its benefits right away after we deployed the technology. However, getting visibility does not mean that we can react fast. For that, we have to work closely with all the app guys or server guys to patch all the things after we get the visibility.

Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.

I have been using CloudGuard CNAPP for about four years.

I am not aware of any problems.

So far, so good. We have plans to increase its usage, but it depends on the collaboration with multiple groups.

We have been using it with a small group in our organization. We want to make sure that this group benefits from it, and then we can use that use case and expand that use case throughout the organization. Currently, it is being used for a small group, and there is an ongoing effort to make it more visible.

They are good and responsive. We have a dedicated engineer, which is good. We have a certain person to go to for any questions or any problems. It has been good so far. Sometimes, we do experience slowness in responding, but overall, it has been pretty good.

We have been using CloudGuard from day one. It used to be known by another name. We have been using it before the name change. We are long-time customers.

Currently, we are just dealing with the public cloud. We have AWS and Azure clouds. 

Its deployment needs a lot more collaboration. From the cybersecurity side, we can only do certain things to protect our environment. From the app side, it also needs collaboration with whoever is managing that application or server. A lot of collaboration is needed rather than just having the security person.

When we get all the permission to do the deployment, it is a lot easier. The security team does not hold the key to the kingdom, so we do not have access to all environments. Once we get that access, it can be deployed a lot easily.

We have definitely seen an ROI. We have not quantified it, but the notifications about misconfiguration or vulnerabilities by CloudGuard CNAPP are helping us to improve our site. Our risk is much lower. It lowers our risk on how we do things, and sometimes, it is hard to quantify that into money.

The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset. 

We did not explore other options. We are just leveraging what CloudGuard has.

To those evaluating this solution, I would recommend trying it. You never know what you will see until you try.

It is a good product. We definitely want to see more features. We constantly try to see the new features being integrated into the product so that we can leverage them.

We are not yet using CloudGuard CNAPP's CloudGuard Workload Protection capabilities. Because the workload side is hosted by a different group, it requires collaboration. We need to work closely with the workload group. We are looking at opportunities to see if we can collaborate.

We are not yet using CloudGuard Workload Protection for VMs, containers, and serverless, but we are interested in looking into it. If we have it, the scanning provided by CloudGuard Workload Protection will help us identify problems before they go live. I have seen a demo of it, and I am looking into whether we can deploy it for our environment. It will give our cybersecurity visibility. It will help us know what is going on, and then we can react to it.

We are also not using CloudGuard CNAPP's CloudGuard CDR (formerly Intelligence) and its intrusion detection and threat-hunting capabilities. I would love to use that and get some benefits out of it sometime in the future.

I would rate CloudGuard CNAPP an eight out of ten. Automation is what we are looking for because we do not have enough time and people to handle all the events and findings.

We use it as a CSPM (cloud security posture management) solution. In particular, the main use case it to identify misconfigurations in our cloud environments. 

We have different cloud providers, and it monitors all of them: Google Cloud Platform, Amazon Web Services, and Microsoft Azure. For each workload or subscription, Check Point Cloud Guard checks whether the configuration is in line with the sector standards and guidelines or not. 

It also checks for each subscription to see if it is compliant with a given policy. It has multiple policies for Europe, the USA, and even Australia.

With Check Point CloudGuard CNAPP, we are able to monitor the security of all of our cloud environments. Moving to a more and more cloud-centric environment is vital for us to ensure security. 

In addition, we have to comply with some standards that require us to guarantee compliance and overall data security and safety in the cloud environments that host our exposed applications, databases, servers, and virtual machines. 

With Check Point CloudGuard CNAPP, we are able to identify which remediation actions need to be taken in order for us to be compliant with the standards and to secure our environments better.

The feature that I value the most about Check Point CloudGuard CNAPP is the possibility of checking compliance with different standards. This compliance check can be performed for each subscription or service that we have on all the different cloud providers that we use. The result of the compliance check is having a list of issues, misconfiguration, or vulnerabilities that need to be fixed and addressed. The list is detailed with severity, description of the issue, risk, and how to mitigate it. It also points out the exact bit that needs to be addressed, so there is no guessing game, and when we address the issue to the technical team, they already know what needs to be done

The service is already top-notch; both on the commercial side and on the technical side. I had the luck to be put in contact with a very talented and skilled technical after-sales team that guided us step by step through the configurations. Also, the commercial team was very comprehensive with our situation and allowed us to create a package that best fit our needs.

One feature of the product that I would like to enhance is the possibility to connect to vulnerability management platforms so that the issues that emerge from the scans can then be ingested directly into the vulnerability management process. It would be very nice to provide, on top of API connections, built-in plugins for the major ticketing systems.

I've used the solution for three years.

No, we have not used any solution before.

The setup cost is really low compared to the license cost. However, it's a good investment if you want to secure the cloud ecosystem.

We evaluated other options, among which Prisma Cloud and Orca Security.

We use the solution to protect workloads and users on the cloud, including both internal and external users. The solution must monitor user roles, the overall posture of the cloud application, and database and web servers that are exposed to the internet. It is an improvement over the default Amazon AWS security posture because it is sensitive to the context in which the application is being used, such as whether it is being used by a public user or an internal user who is managing the system on the cloud.

We used on-premises solutions until recently. However, we are now moving to the cloud for all of our applications. Posture management tools are now essential, and we must have them, regardless of whether they are from Tenable, Check Point, CrowdStrike, or another vendor. This solution is cost-effective, so we chose it, but we may change it in the future.

Embedded machine learning in the core of the firewall to provide in-line real-time attack prevention is most valuable. This is because analytics and machine learning capabilities come much later. In a high-volume situation, things can go bad quickly. Therefore, an in-line alert mechanism is much better than any other.

Visibility is the most important part. On the cloud, shared resources can make it difficult to see all of the resources that are deployed. This solution helps to keep everything visible, and it also alerts us if something is wrong, such as if someone opened extra ports or services that they are not supposed to. This is a valuable tool for monitoring and maintaining our cloud environment.

The solution is also capable of controlling resources, but this is a highly controversial and context-aware area. If the platform takes too much control, it could potentially stop our applications from working. Therefore, we limit its use to monitoring and visibility only.

Check Point must provide a multi-cloud facility where AWS, Azure, and GCP can seamlessly work together and display posture in an integrated manner. Instead of showing separate AWS, Azure, and GCP environments, the solution should provide a single integrated view. This will make it easier to decide which issues to fix first and will reduce the amount of technical work required.

Check Point is always adding new features. However, we are sometimes confused about how to use the features that are already available. There are so many features and we are unable to use all of them.

I have only been using Check Point CloudGuard Posture Management for a very short time, not even a year yet. Earlier, we were not using the cloud very much, so there was no need for such a product. However, after we shifted a few of our applications to the cloud, we started using the solution.

The solution has been quite stable for the past year. However, I cannot say how it will behave in the future, as it may experience a bigger load and a wider variety of workloads. The stability of the solution is subjective and will depend on the specific environment in which it is used.

We have not yet tested the solution at that scale. It is just a starting point. We may add more applications and more load to it. We will have to see how scalable the solution is.

The technical support is good. They sometimes call people from outside India to help us, because we are longtime Check Point customers. We have been using their hardware, software, and firewalls for about two decades. This solution is a new addition to our support.

Neutral

We are still using a variety of firewall solutions, including Juniper and Cisco, throughout our organization. As a government organization, we are required to purchase the cheapest option available. Therefore, we must utilize the solution that is the most affordable in each case.

I am involved in the deployment of the solution. I am not the technical hands-on person for this project. I manage the deployment process.

It is very difficult to measure the return on investment for security measures. Security is not an investment in the traditional sense, as it does not generate direct revenue. Instead, security is a safety measure, similar to insurance. As such, it is difficult to quantify the ROI of security measures.

It is difficult to contextualize the pricing because we are used to Indian pricing and licensing. In India, there is very little interaction with North America and the private sector regarding pricing.

We evaluated all the firewalls including Juniper and Cisco.

I give Check Point CloudGuard Posture Management a seven out of ten.

The solution claims to provide a unified platform that integrates all security capabilities. However, there are on-premises issues, cloud issues, and hybrid issues that make this impossible. No tool can ever provide such capability.

We are not a small office. Therefore, I have no experience with how the solution helps small offices. However, for us, the solution only helps us with our cloud posture management. We still use different tools on-premises. And maybe in the future, we will go directly to the cloud.

I have doubts about the value of looking for the cheapest or fastest firewall. There is always someone who is coming out with a new product that is faster or cheaper than the current one. However, it is important to consider the overall security capabilities of a firewall, not just its speed or price. A firewall that is slower because it is doing more analytics may actually be more secure than a faster firewall that does not do as much analysis. The best firewall for you will depend on your specific needs and requirements.

This is my first time at an RSA conference, and I find it very confusing. There are too many vendors, too many products, and too much to see. I only had a few hours to visit today, and it was overwhelming. I think the conference would be better if it were split into two or three parts, with one part focused on the Asia Pacific and another part focused on North America. Most of the vendors here are focused on North America, so it would be helpful to have a dedicated space for vendors from Asia Pacific. I will try to visit the RSA conference in Singapore next year, and I hope it will be more manageable.

The RSA does not impact our cybersecurity solution purchases. The Indian government's procurement process is completely independent of vendors and their products. Our purchases are based on our needs and requirements, and the solutions must be supported in India.

When a customer has a multi-cloud environment with AWS, Azure, GCP, or any other cloud, maintaining posture across the cloud environment is very difficult. They need a CNAPP solution for governance and centralized compliance. It gives centralized visibility where they can track each and every cloud account, compliance check, misconfigurations, risks, and vulnerabilities. Accordingly, they can take remediation action as well. That is the main purpose of a CNAPP solution.

CloudGuard CNAPP helps to be compliant across a multi-tenant environment. We can be sure of the compliance status with respect to different cloud tenants. There is visibility into each and every cloud tenant. It is very easy to get visibility from a single console. Centralized management gives good granular control where we can check the risks and vulnerabilities and also do remediation centrally.

Its benefits can be realized in four weeks. It is API integration, so it is very straightforward. You integrate with the client, and you start monitoring. You get the information in real-time. The overall implementation time frame is about four weeks. The first two weeks can be for the monitoring stage. In the third week, you can fine-tune your policies, and in the fourth week, you can start remediating.

Posture management is a part of CloudGuard CNAPP. CloudGuard CNAPP is a combination of three technologies: Cloud Security Posture Management, Cloud Workload Protection (CWP), and Cloud Infrastructure Entitlement Management (CIEM). It is a combination of technologies. When customers use CloudGuard CNAPP, they use all these three models.

Cloud Security Posture Management is very good for identifying misconfiguration. It is able to capture all misconfigurations.

They maintain different compliance standards. Apart from that, they are also very good with the alerts and notification part. Whenever they perform a scan and find a vulnerability, it is sent to different channels as an alert or notification. It is good. They only need to improve the impact analysis on CSPM.

Cloud Security Posture Management identifies the risks that are most critical to the business. In terms of time savings, it can identify a risk within 10 to 15 minutes instead of it being a day-long task. The scanning happens in almost real-time. It is a good feature they have given, and I appreciate their solution.

The scanning provided by CloudGuard Workload Protection helps to identify problems before they go live. It has good capability for that. It can perform a proactive analysis, and we can identify the risks or vulnerabilities before the exploit. This identification of problems is very important because knowing about a problematic scenario in advance and being able to address it can save us a huge business loss. A proactive analysis is very critical. In the cybersecurity domain, it is one of the critical features for every customer.

CloudGuard CNAPP gives us the severity score. When it identifies any risks or vulnerabilities, it assigns a severity score.

CloudGuard CNAPP gives good visibility across all the multi-cloud tenants. We have everything covered in one solution. It covers risks, vulnerabilities, misconfigurations, compliance, data security, data loss, etc. It gives good visibility. This visibility is important for customers.

The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities.

The first improvement area is the impact analysis. The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed.

The second improvement area is that they should adopt more remediation on various resources.

The third improvement area is that they should introduce Gen-AI capability on their platform so that remediation can be very easy. They have the threat hunting and detection part, but they need to adapt more on the Gen-AI side so that the remediation can happen automatically. People should be able to do remediation with a click. It would be a very good feature to have for remediation.

These are three main improvement areas for them. I have already provided Check Point feedback about these through another channel.

With respect to Cloud Workload Protection, they should introduce more granular security control in terms of policy. I feel they should work on it and develop it more. They need to provide more granular security control in terms of various attacks, such as the MITRE ATT&CK framework. They need to give a different policy for each technique and tactic such as ransomware, exploitation, etc. I also work with CrowdStrike, so I know about different types of granular controls. From the Cloud Workload Protection perspective, they need to improve the policy framework.

I have been working with CloudGuard CNAPP for 2 years.

I have not seen any issues. It works in the passive mode, so it does not impact performance or anything like that.

It is a scalable solution. Every SaaS solution is scalable, so CloudGuard CNAPP is also a scalable solution.

I have not contacted them much, which is a good thing. CloudGuard CNAPP works in a passive mode. If anything needs to be done, it has to be done in your cloud tenant. There are very few times when you or an admin is required to communicate with the support team.

I also work with CrowdStrike and Palo Alto. CrowdStrike does not have the CNAPP capability. CrowdStrike is an EDR solution.

Palo Alto has the Prisma solution. Its capabilities are similar to Check Point. They are similar to me. I do not see much difference. There might be some difference in the cost, but technology-wise, they are the same.

CloudGuard CNAPP is a SaaS-based solution, and you need to integrate all your cloud accounts into that. That is it.

You need to integrate your cloud account or onboard your cloud account in the CloudGuard CNAPP solution by doing the API integration. After you onboard, you first put the cloud account in the monitoring mode. You monitor things for two weeks. After you validate your findings on CloudGuard CNAPP and you do not see any false positives, you can go for the block mode as well. That is the approach the industry should follow while onboarding any CNAPP solution.

You start to get an ROI from the day you deploy CloudGuard CNAPP or integrate it with your cloud account. 

It is like insurance. When something happens, only then you realize its value. CloudGuard CNAPP works in the same way. Without such a solution, it is very difficult to find vulnerabilities, misconfigurations, and data breaches on each and every cloud tenant. When you integrate CloudGuard CNAPP with your cloud account, you get a single view. It is very easy for your cloud administrator to take quick action. The ROI starts once you integrate or onboard a cloud account with CloudGuard CNAPP.

After you have subscribed to CloudGuard CNAPP, I would advise onboarding your cloud account and then monitoring your cloud account and the CloudGuard CNAPP findings for two weeks. After that, you can fine-tune the policies and then run the solution in block mode. That is the process.

A CNAPP product is mandatory for any organization that works in a multi-cloud environment.

Overall, I would rate CloudGuard CNAPP a nine out of ten.

We use Check Point CloudGuard Posture Management to maintain our organization's security posture.

With a bit of upscaling, it is possible to write custom rules and policies using the GSL Builder. We used the GSL Builder to build the rules for our playground environment and internet-facing environments.

It takes a couple of weeks for a nontechnical person to learn how to use GSL Builder.

The Unified Security Management console is helpful because it provides a single pane of glass. 

From a control plane perspective, the solution offers excellent visibility into our framework, enabling the identification of non-compliance.

CloudGuard provides good value for money in terms of automating our security across multiple clouds.

The agentless workload posture analysis, which primarily focuses on our cloud platform, provided valuable insights into our organization's overall security posture.

CloudGuard helped to eliminate some manual processes for a few teams, freeing up some of their time.

Our organization's security operations were able to save time by using CloudGuard's unified platform.

The most valuable feature is the ability to apply common tools across all accounts.

The integration process could be enhanced by enabling integration at the organizational level rather than requiring the manual setup of individual accounts. The current workflow of creating and linking each role is time-consuming and labor-intensive. Streamlining account onboarding by allowing CloudGuard to identify and integrate at the organizational level would significantly simplify the process.

I have been using Check Point CloudGuard Posture Management for one year.

Check Point CloudGuard Posture Management is stable.

CloudGuard Posture Management is scalable, as it is a SaaS product.

Before implementing Check Point CloudGuard Posture Management, we relied on the native CSPM of AWS Config.

For beginners in the field, AWS might be a good starting point due to its simplicity. However, for more experienced users who require more advanced features, CloudGuard offers a more mature and comprehensive solution.

I would give Check Point CloudGuard Posture Management a rating of seven out of ten. Consolidating additional capabilities into CloudGuard, along with Fusion, would create a comprehensive package offering for customers. This, along with maintaining compatibility with the evolving AWS service, would help to avoid complicating any integration issues.

While developing our tools, there is always a need for ongoing review and updates. However, compared to AWS, the maintenance required for CloudGuard is minimal.

Check Point CloudGuard Posture Management is utilized to monitor our various cloud-related portals on AWS, Google Cloud, Azure, and other platforms. This solution offers a unified console to manage all the servers and provide us with comprehensive details.

We can automate certain aspects of our security through Check Point CloudGuard Posture Management. However, complete automation is not possible due to the dependencies of the applications installed in the cloud VMs.

The agentless workload posture enhances the compatibility of our VMs since there's no requirement to install any agents or assign write permissions. This approach also simplifies management, reduces the need for multiple levels of approvals, and eliminates the necessity of installing anything on our servers.

Check Point CloudGuard Posture Management saves us time by enabling communication with all of our devices within a span of two days.

CloudGuard Posture Management's unified platform has saved our organization time when dealing with our cloud environment.

The visibility in our cloud environment is the most valuable feature.

We have concerns regarding the pricing and would appreciate seeing some improvements.

We are currently conducting a POC with Check Point CloudGuard Posture Management and have been testing it for one month.

I would give the stability an eight out of ten.

The technical support is good.

Positive

The price is on the higher end.

I would rate Check Point CloudGuard Posture Management eight out of ten.

As a manufacturing company, we always ensure our production and workloads are not being interrupted by anything. Therefore, we are making sure our automated processes are not hindered by any means. 

As we have many cloud-based applications, CloudGuard gives us prime support in terms of the security of the system. This includes securing cloud workloads, applications, and data by integrating threat prevention, detection, and response capabilities. 

It also ensures compliance and governance across multi-cloud environments.

It provides complete visibility and control over cloud-native applications and infrastructure, allowing our security teams to monitor and manage every part of their cloud environments. 

CloudGuard CNAPP also assures compliance with industry standards and regulatory requirements by automating governance and risk management procedures. This streamlines security management and lowers the operational strain on our IT teams, allowing them to focus on strategic goals. We are able to work freely by putting aside some additional stress.

The most useful element of Check Point CloudGuard CNAPP is its advanced threat prevention capabilities. This functionality is vital because it proactively addresses security issues before they affect cloud applications and notifies a real-time incident, ensuring the integrity and availability of critical services. 

Furthermore, the platform's full visibility and control across many cloud environments allows us to effectively monitor the security posture, uncover vulnerabilities, and consistently enforce security standards.

The management and monitoring of security regulations and incidents might be made easier by improving the user interface, which could be made more intuitive and user-friendly. 

For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would also increase flexibility and user-friendliness. 

To further reduce the amount of manual work required by security teams, the future release could benefit from more sophisticated automation capabilities, such as automated incident response and remediation workflows. 

In order to facilitate better decision-making and strategic planning, improved analytics and reporting capabilities would also be beneficial. These would provide deeper insights into security occurrences and patterns.

I've used the solution for two years. 

I'd rate stability nine out of ten.

I'd rate scalability nine out of ten.

Technical support has to be improved.

Neutral

We have not used a different solution previously.

The initial setup is complex.

We implemented it through the vendor. I'd rate the services eight out of ten.

Our inhouse IT department's workload has reduced considerably since using the product. 

Setup cost and licensing are quite expensive. 

We did not evaluate other solutions. 

For two years the product has done its job perfectly.