Check Point CloudGuard CNAPP Reviews

We mainly use it as a CSPM solution.

It gives us clarity.

The most valuable feature is the ability to see our customers' environments if they use more than one cloud provider, such as AWS, Google, and Azure.

Also, CloudGuard CDR's intrusion detection and threat hunting capabilities are good enough. They help us detect anomalous behavior and respond to threats before they become an issue.

There are regulatory requirements. I would like to be able to pick the regulation I would like to scheck compliance with and it would tell you where you stand on that regulation and what you are missing to reach compliance. And it shouldn't matter which cloud we're dealing with; we would have these possibilities.

I have been using Check Point CloudGuard CNAPP for about two years.

Scalability really isn't an issue with everything in the cloud. That's the essence of a cloud product: the scalability you get compared to on-prem.

Their technical support is perfect. When we contact them, they answer immediately. Their support knows the platform very well.

We did not use a different solution before.

It's very simple to set up because it's all in the cloud.

We have seen a return on investment. It can reduce the human resources we need. Also, there is ROI from everything connected to the fact that it's in the cloud: I don't need someone for management or to pay for on-prem resources, such as CPU.

If I compare the price of CloudGuard, Palo Alto is more expensive and others are less expensive. CloudGuard CNAPP is in the middle.

We looked at other solutions, but with CloudGuard everything is located in the cloud. It's very convenient for us to manage our assets in the cloud.

If they could reduce the price and provide more capabilities, it would be better.

We use Check Point CloudGuard Posture Management to maintain our organization's security posture.

With a bit of upscaling, it is possible to write custom rules and policies using the GSL Builder. We used the GSL Builder to build the rules for our playground environment and internet-facing environments.

It takes a couple of weeks for a nontechnical person to learn how to use GSL Builder.

The Unified Security Management console is helpful because it provides a single pane of glass. 

From a control plane perspective, the solution offers excellent visibility into our framework, enabling the identification of non-compliance.

CloudGuard provides good value for money in terms of automating our security across multiple clouds.

The agentless workload posture analysis, which primarily focuses on our cloud platform, provided valuable insights into our organization's overall security posture.

CloudGuard helped to eliminate some manual processes for a few teams, freeing up some of their time.

Our organization's security operations were able to save time by using CloudGuard's unified platform.

The most valuable feature is the ability to apply common tools across all accounts.

The integration process could be enhanced by enabling integration at the organizational level rather than requiring the manual setup of individual accounts. The current workflow of creating and linking each role is time-consuming and labor-intensive. Streamlining account onboarding by allowing CloudGuard to identify and integrate at the organizational level would significantly simplify the process.

I have been using Check Point CloudGuard Posture Management for one year.

Check Point CloudGuard Posture Management is stable.

CloudGuard Posture Management is scalable, as it is a SaaS product.

Before implementing Check Point CloudGuard Posture Management, we relied on the native CSPM of AWS Config.

For beginners in the field, AWS might be a good starting point due to its simplicity. However, for more experienced users who require more advanced features, CloudGuard offers a more mature and comprehensive solution.

I would give Check Point CloudGuard Posture Management a rating of seven out of ten. Consolidating additional capabilities into CloudGuard, along with Fusion, would create a comprehensive package offering for customers. This, along with maintaining compatibility with the evolving AWS service, would help to avoid complicating any integration issues.

While developing our tools, there is always a need for ongoing review and updates. However, compared to AWS, the maintenance required for CloudGuard is minimal.

Check Point CloudGuard Posture Management is utilized to monitor our various cloud-related portals on AWS, Google Cloud, Azure, and other platforms. This solution offers a unified console to manage all the servers and provide us with comprehensive details.

We can automate certain aspects of our security through Check Point CloudGuard Posture Management. However, complete automation is not possible due to the dependencies of the applications installed in the cloud VMs.

The agentless workload posture enhances the compatibility of our VMs since there's no requirement to install any agents or assign write permissions. This approach also simplifies management, reduces the need for multiple levels of approvals, and eliminates the necessity of installing anything on our servers.

Check Point CloudGuard Posture Management saves us time by enabling communication with all of our devices within a span of two days.

CloudGuard Posture Management's unified platform has saved our organization time when dealing with our cloud environment.

The visibility in our cloud environment is the most valuable feature.

We have concerns regarding the pricing and would appreciate seeing some improvements.

We are currently conducting a POC with Check Point CloudGuard Posture Management and have been testing it for one month.

I would give the stability an eight out of ten.

The technical support is good.

Positive

The price is on the higher end.

I would rate Check Point CloudGuard Posture Management eight out of ten.

As a manufacturing company, we always ensure our production and workloads are not being interrupted by anything. Therefore, we are making sure our automated processes are not hindered by any means. 

As we have many cloud-based applications, CloudGuard gives us prime support in terms of the security of the system. This includes securing cloud workloads, applications, and data by integrating threat prevention, detection, and response capabilities. 

It also ensures compliance and governance across multi-cloud environments.

It provides complete visibility and control over cloud-native applications and infrastructure, allowing our security teams to monitor and manage every part of their cloud environments. 

CloudGuard CNAPP also assures compliance with industry standards and regulatory requirements by automating governance and risk management procedures. This streamlines security management and lowers the operational strain on our IT teams, allowing them to focus on strategic goals. We are able to work freely by putting aside some additional stress.

The most useful element of Check Point CloudGuard CNAPP is its advanced threat prevention capabilities. This functionality is vital because it proactively addresses security issues before they affect cloud applications and notifies a real-time incident, ensuring the integrity and availability of critical services. 

Furthermore, the platform's full visibility and control across many cloud environments allows us to effectively monitor the security posture, uncover vulnerabilities, and consistently enforce security standards.

The management and monitoring of security regulations and incidents might be made easier by improving the user interface, which could be made more intuitive and user-friendly. 

For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would also increase flexibility and user-friendliness. 

To further reduce the amount of manual work required by security teams, the future release could benefit from more sophisticated automation capabilities, such as automated incident response and remediation workflows. 

In order to facilitate better decision-making and strategic planning, improved analytics and reporting capabilities would also be beneficial. These would provide deeper insights into security occurrences and patterns.

I've used the solution for two years. 

I'd rate stability nine out of ten.

I'd rate scalability nine out of ten.

Technical support has to be improved.

Neutral

We have not used a different solution previously.

The initial setup is complex.

We implemented it through the vendor. I'd rate the services eight out of ten.

Our inhouse IT department's workload has reduced considerably since using the product. 

Setup cost and licensing are quite expensive. 

We did not evaluate other solutions. 

For two years the product has done its job perfectly. 

We use CloudGuard CNAPP for accessing the security status of our assets, managing inventory, and overseeing configuration settings.

It assists our visibility team in monitoring configurations, enabling us to proactively address issues before they arise.

I find the product to have strong detection capabilities. It is adept at generating the desired reports, provided you are familiar with its functionality.

It offers a range of features tailored to address the unique security challenges.

Having additional documentation on how to use CloudGuard CNAPP would be advantageous, especially if it were made more user-friendly. The application's structure seems to lead users down one path, then into another, making it difficult to backtrack or navigate seamlessly between different components. Streamlining the user interface would greatly improve the user experience.

We have been using it for three years.

It is proven to be stable.

It provides good scalability.

There is room for improvement in technical support. I would rate it five out of ten.

Neutral

Setting up CloudGuard CNAPP is straightforward, as it is API-driven. Just a few quick steps, like providing credentials and configuring settings, and you're ready to go.

The ROI of CloudGuard CNAPP is intangible since it primarily involves cost avoidance rather than direct cost reduction or profit generation. It doesn't directly contribute to revenue generation.

When we were comparing Prisma or Pallos, we found that CloudGuard CNAPP offered a more comprehensive range of tools and configuration management settings. It appeared to be a more mature product with a broader scope of capabilities.

My advice to anyone thinking about implementing it is to consider investing in professional services to handle the setup, as they possess a deeper understanding of the platform. Overall, I would rate it seven out of ten.

CloudGuard constantly monitors cloud systems for misconfigurations and vulnerabilities that attackers could exploit. Many processes associated with cloud security management, such as asset detection, risk assessment, and remediation, are automated by CloudGuard. This allows security teams to concentrate on more strategic efforts. CloudGuard is intended to assist organizations in securing their cloud environments by continuously monitoring and analyzing cloud setups for misconfigurations, vulnerabilities, and compliance violations.

Many of the duties associated with maintaining cloud security are automated by CloudGuard, including asset detection, risk assessment, and remediation. 

In addition to improving compliance, this frees up security personnel to concentrate on more strategic initiatives and enables organizations to adhere to industry standards and laws like PCI DSS, HIPAA, and GDPR. 

It offers security advice and insights to assist organizations in acting quickly to address concerns. It also has automated remediation capabilities to address found problems and automatically enact security policies.

The asset detection, risk assessment, and remediation processes are only a few of the duties that CloudGuard automates while managing cloud security. This improves compliance, enables organizations to adhere to industry standards and laws like PCI DSS, HIPAA, and GDPR, and frees up security personnel to concentrate on more strategic objectives. 

It offers security insights and recommendations to assist organizations in acting and remediating issues swiftly. It also has automated remediation capabilities to address found issues and automatically enforce security policies.

Compliance checks on cloud resources against various industry standards and compliance framework templates need to be improved, to ensure that organizations meet regulatory requirements with clear visibility action controls. This can make it difficult to create and manage custom security policies. 

Cloud security posture management is a proprietary solution, which means that there is no open-source community to support it. This can make it difficult to get help with troubleshooting and other issues.

We have been adopting the solution for more than a year.

CloudGuard is known for being highly scalable and reliable. It handles big cloud workloads with ease and may be implemented in complex cloud infrastructures.

In terms of cloud solutions, the scalability was a fairly simple and entirely software-driven approach.

The customer support is good and offers regularly updated new features and security patches. This ensures that CloudGuard is always protected against the most advanced threats.

Positive

We adopted our cloud journey last year, and while developing the cloud, we took all security precautions. CSPM was a priority solution, and we have apt.

We implemented CSPM in 30 days. Since the solution was simple to implement and the transition was painless, we added many of our cloud environments.

We implemented the solution through a partner.

CloudGuard's return on investment (ROI) varies based on the organization and its cloud environment.

CSPM is an invaluable resource for any organization that makes use of cloud computing. It can assist organizations in improving their cloud security posture, reducing the risk of cyberattacks, and adhering to industry norms and regulations.

We evolved various CSPM tools such as PAN, TRELIX, and Fortinet, however, our management opted to install CloudGuard as a strategic step.

CloudGuard provides a comprehensive set of security solutions for cloud environments.

We have a hybrid environment so we use Check Point Cloud Guard to protect the cloud workload. On-prem, we are already using the Check Point Firewalls so we can manage both environment firewalls using the same management server, AKA the smart console, which saves time and effort to look for logs during any type of troubleshooting. It helps us avoid creating the same objects for each firewall but also provides a single pane of glass through which we can see all gateways, logs, policies, objects, user management, and traffic tracing. 

It is a next-generation firewall that helps a lot in many ways to protect my workloads from threats, such as: 

- firewall blade providing protection at Layer 3 and 4

- application filtering blade providing protection from unauthorized applications or services

- URL filtering providing protection on malicious URLs based on various categories as updated by Check Point on a daily basis

- threat prevention and sandboxing capability to actually help with unknown or zero-day threats (it tests, removes the malicious content, and then releases or blocks by itself)

Overall, it provides good security.

The threat extraction and emulation module is a savior for us from unknown threats. We know that daily millions of new threats emerge over the internet so we like that it provides protection from them all. It's good to have a sandboxing environment that can first assess the threat before releasing it to the production environment. These threats are called zero-day threats for which there is no signature or update available whether it be on an endpoint, machine, antivirus solution, or other software. Therefore, it becomes very useful to use this feature to stop threats from spreading right at the gateway itself.

Their service needs improvement. Their vendor doesn't provide good support. Also, there is no way to escalate it to Check Point so that Check Point can take action against their partner. I don't have direct support with Check Point. We have collaborative support with one of the Check Point partners who do not provide good support. When we reached out to Check Point to escalate; they denied taking any action against the vendor.

I've used the solution for five years.

We were in the review analysis, seeking a fast, efficient infrastructure with solid bases of data analysis and investigation. We wanted something that managed to establish and analyze systems in production so that it would not impact their use. We also wanted a visualization of our current state, with a solution that could give an example of the route that must be taken to achieve excellence in security. This tool has allowed us to achieve stronger security, allows for better analysis, and provides structure and guidance for better guides and international policies under a legal framework. 

It has given us a way to clearly and objectively identify items or issues before making any changes to the network. It offers assurance, after investigation, of a clear understanding of what each analysis is trying to define. We can now clearly and specifically achieve what we need to do from a security standpoint to help us make an action plan and achieve goals. Once we have the information, it is important to define and analyze the data collected, organize information in a format that makes sense to us administrators, and look for patterns or trends that may be useful for our investigation.

It has an analytics service that does research for us. This can provide valuable information to ultimately improve our infrastructure. Via research and analysis, we are able to identify problem areas. We can find trends and take action to fix problems while improving performance. 

Its fairly advanced automation allows us to simplify and speed up security management in the cloud. This includes being able to identify, correct, and validate all kinds of vulnerabilities that reduce the manual workload for each of our company's administrators, thus being more efficient. With this new efficiency, we are able to reach effective resolutions at all times. 

The tool has several specific characteristics at the Microsoft 365 or Exchange level. 

The solution could be improved with a greater analysis of its Microsoft Security score. They should be improving the visualization of data and greater coverage in Sharepoint or Teams. Its posture analysis is currently low. There could be improvement or capacity to be more efficient if we managed to achieve greater integration with Microsoft Security score, improvements in data visualization,, and greater coverage of Microsoft 365 resources.

I've used the solution for one year.