Check Point CloudGuard CNAPP Reviews

The threat-hunting system provides forensics through machine learning visualization with real-time insights into processes from a multi-cloud environment. 

It has powerful tools that detect any threats in the network infrastructure in advance before it penetrates into our systems. 

It has repulsed many attacks that have been launched by malware attackers that could destroy data. 

The CloudGuard Intelligence provides alerts that prepare the IT team to set up effective measures after detecting threats. 

The product performance has enabled each team to work without fear of any threats.

It provides the most useful tools for protecting our financial account records from hackers. 

The application has boosted security from all the company sources. We have not lost confidential data to external cyber attackers since we deployed this platform. 

Faster responses to malware threats have saved the organization from engaging in insecure transaction losses. 

The product has safeguarded the entire financial system from external interference. 

We used to experience the challenges of data protection before we deployed this application. There are improvements in data management and security with a positive impact on work processes.

The advanced data analytics on the security of the applications has provided effective insights that helped in safeguarding confidential information. 

The intrusion alerts and notifications have saved us a lot of time and resources in enhancing reliable security. 

The comprehensive security from cloud and on-premises has saved data centers from attacks and provides a reliable environment for boosting production. 

Cloud threat intelligence provides useful insights that help in planning effectively during the process of implementing projects and tasks.

The security investigation features that are present have been performing excellently since we deployed this application. There are few licensing and network coverage cases, however, the customer service team is always ready to solve any problem. 

Timely updates and upgrades to meet modern technological changes could help improve performance and limit the chances of downtime. 

The performance has been stable for a long time since we deployed it. The few hitches which we have experienced can be solved without affecting the workflow performance. 

The Check Point team has done a great job, and I recommend their products to other companies.

I've used the solution for ten months.

This solution has been stable with reliable operations.

I am impressed by its reliable performance, and I recommend it to other business enterprises.

Customer service and support always provide effective guidelines when contacted.

Positive

The other security products that I have worked with had responded poorly which is why we moved to Check Point.

The setup procedure was straightforward.

The implementation was done by the vendor.

There is increased ROI from the product's stable performance.

This platform offers modern security for threats that will arise in any organization.

I evaluated several products. I settled on Check Point CloudGuard Intelligence based on their reliable services.

This is a great and powerful platform for securing organizations from cyber attacks.

This is one of the solutions that we have sought in order to establish an intelligent analysis. It has helped us collect data on our accounts in the cloud and applications. It offers integrations and provides real-time analysis of security issues. The platform learns automatically and manages to identify abnormal behaviors to help us detect anomalies. Additionally, we can configure automatic notifications that help us act during detected incidents.

It helps to have a centralization of data, alerts, and reports. There is a main data center that has generated reports and alerts that can include information about security trends and unusual user activity. It offers recommendations to improve security. The data collection and action activity logs provide information about usage, performance, and resources including traffic logs, usage logs, storage, and available space. We can also see CPU and memory, among other characteristics.

Currently, as an organization, we rely on technologies to save and store advanced data analysis information. We can take advantage of automated learning to detect and respond to security threats in real time in the cloud. 

This platform has allowed us to collect data from multiple sources, centralizing everything under a single source. The repository includes audit logs, activity logs, and network logs to help us identify unusual patterns and negative trends that may affect the security of users.

Using the information the product provides, we have effectively and accurately detected real-time troubleshooting of suspicious user attempts to log into an account and we can detect suspicious login attempts. We'll get alerts, which have helped us automate security in order to act fast.

We want to optimize the tool in the future. They should allow us to have greater integration with other security solutions and third-party tools so that the organization can take advantage of and improve the protection of all the company infrastructure. 

We would like to optimize and improve its high demand for customization, which allows us to adapt to specific necessary security solutions. We want to be able to customize the solution more in order to meet the needs of our company. Currently, the solution is quite rigid and complies only with standards. 

I've used the solution for one year.

We need more infrastructure in the cloud to avoid vulnerabilities.                        

With this shield infrastructure, we seek to protect, improve, and close security problems that generally arise in the implementation of code, apps, and APIs that maintain privileged keys or identities, for which we have achieved increased security with best practices.

This tool really gave us development implementation security. Many times the applications were built with a user or identity with privileges to be able to manage within their infrastructure. However, it is not the best way to deal with this challenge. APIs were also exposed that were connected to the infrastructure that could be violated. Thanks to Check Point, we have been able to improve with best practices and protect the information and code of our infrastructure.

This Check Point security tool has many benefits. Some of the ones that we liked the most include:

1 - How Check Point CloudGuard centralizes the protection of the workload. In the Infinity Portal all the administration can be managed easily. We can monitor and scan the codes and make decisions to improve security.

2 - This tool is very cloud-based. In addition, it can handle hybrid environments, which is a great feature for clients with mixed environments.

3 - The automatic learning and an AI engine help to find more modern vulnerability problems. With this, it provides greater security to the client.

Some improvements that can be made to Check Point CloudGuard are the following:

1. Cost improvement. Currently, this solution is somewhat expensive. We have not really seen a solution with these characteristics and so complete. However, the cost is high.

2. There is very little Check Point documentation as it is a very new tool. Sometimes we followed the documentation, yet it was not possible to implement it in the tool, for which we had to verify with the executive of our partner to request help.

3. Support is very slow.

This tool has been used this year by development partners and managed by support. It is a great tool that is coupled with new technologies that cloud development has produced, and thus we've been able to adjust and provide the required security.

This tool and Spectral are some of the best tools we've tried. Using both is excellent.

Prepare to pay, since the tool is expensive. However, I recommend talking to a Check Point partner so that they can provide you with everything related to the tool along with costs.

This tool is centralized with the Infinity Check Point Portal. This, with the other Check Point tools that we handle, is excellent for administration.

We validated this along with some other tools. We did not have the same confidence that Check Point provided due to its prestige, its characteristics, and its comments.

Evaluate this tool and also check the new Spectral Check Point tool, which can help complement this.

Both are recommended.

Check Point CloudGuard Intelligence surveys the company's multi-cloud servers to ensure they are free from threats. 

The software provides real-time data analytics on the performance and security situation around the applications. Data visualization enables the company IT team to easily monitor the networking system and notice any abnormality. 

The intelligence provision on workflow infrastructure enables my team to prepare for risks and put measures for curbing malware attacks. The system has provided CloudBots that detect any threats and misconfigurations automatically from our cloud servers.

The platform has enabled the company to avoid unnecessary data threats affecting the workflow chain and slowing down performance. 

Intelligence information with real-time data has enabled all the teams to plan effectively and make informed decisions. 

It is highly flexible since it can operate on both mobile and desktop devices. It allows each department to access and control operations and deploy security measures based on the demands. 

Cloud security monitoring has enhanced the safety of workloads and created a clean infrastructure for transferring data to our cloud stores and on-premises.

Typically, the threat-hunting mission scales down the performance of the entire network traffic flow to establish any drawback. Cloud threat intelligence detects any form of violation that goes beyond our policies for immediate rectification. The system has deployed security tools to enhance effective investigations in the entire company networking system. The out-of-the-box integrations enable us to integrate security technologies and create robust security management systems. The set features have a great impact on the overall performance of the company programs, and we are grateful for this great solution. 

The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly. Without effective mapping of critical areas, the platform cannot provide very good results. 

The maintenance cost is high after deployment, and it requires close monitoring for effective results. 

This version performs effectively when it is channeled to the right network infrastructure. It has created a centralized operation system that can comprehensively monitor and manage security for all connecting systems.

I've used the solution for one year.

It is stable and has created a better work environment.

Providing security for a multi-cloud networking system has been awesome.

The customer service team has been providing reliable support at all times, and I thank them for such contribution.

Positive

I have no experience from similar solution in my career experience.

The setup was complex, however, the vendor's technical team provided effective guidance.

We deployed it through a vendor team, and they were knowledgeable in all aspects.

The recorded ROI has been growing on a daily basis based on an excellent performance.

The setup cost is high.

I did not check other products.

This tool provides organizations with full security visualization data. It enables each department to discover the best security practices to protect data from ransomware attacks. 

It detects any security misconfigurations with an automated alert response to the IT team to take quick action. 

It has fully deployed reliable data protection tools to our cloud servers that detect any form of data theft in advance. 

The provision of advanced data analytics helps teams in the organization to deploy awareness to all sectors to ensure each team is fully equipped with data protection knowledge.

This solution has saved the company from unnecessary data loss that occurs due to cyber attacks. 

It has enforced the best security guidelines to protect against external threats. The cloud computing system has deployed digital security systems that monitor the entire networking system. 

The user interface gives timely security performance with suitable data indicators. The cloud monitoring tool provides timely feedback to on-premise teams on the state of cloud security to enable them to focus on more important tasks.

The solution offers full visibility of cloud workloads giving team members peace of mind since they can easily identify inefficiency and act quickly to restore normal workflow processes. 

The detection of environmental safety enables teams to collaborate effectively without any fear of external attacks. 

CloudGuard Posture Management deploys routine checkups of the security situation from the networking system to enhance compliance. Reliable security governance has enabled the company to meet the set international policies on security and boost performance.

There is no full support for bot management, and the company can work on that to enhance faster service delivery and enhance reliable security checkups. 

The reporting dashboard responds slowly, which leads to late report compilation. The next release can be equipped with robust dashboards and highly responsive data models. 

The performance was more stable compared to a few challenges we faced, but with new upgrades, it could be even more stable. 

The enhancement of cloud servers' security and management of dataflows has been a great achievement, and I highly recommend this solution.

I've used the solution for one year.

CloudGuard Posture Management is highly stable and powerful in securing company workloads.

The entire deployment process took place smoothly, and we were impressed by the vendor team.

The customer service team has been helpful and very supportive when we enquire about anything.

Positive

I have not used a similar cloud networking security platform before.

The initial setup process was not complicated since the customer service team had deployed professionals to set up and provide guidelines.

We implemented it through the vendor team, and their level of expertise was very impressive.

We have achieved 35% ROI since we deployed it.

The setup cost is high, however, the pricing terms vary based on the size of an organization.

We were in rush, and we did not hae enough time to evaluate other products in the market.

This solution is highly powerful in the management of enterprise security, and I totally recommend it to other companies.

In recent years, in search of a new strategy, we have tried to strengthen our security and infrastructure posture, being one of the fundamental pillars of a large organization. 

As a result of this situation, we have begun to adapt using solutions that support us at the cloud and on-premise. Posture Management is the solution that supports us in this search for a healthy, strong infrastructure and, above all, is aligned with the legal and regulatory frameworks at an international level.

This tool is very integrated for emerging infrastructures such as the cloud. It comes to support us with this new legal framework. Ideas, opinions, and regulations serve as a baseline to protect us from new methods or attacks. Without this legal framework, it would become more difficult, as many organizations are new to the use of the cloud. This solution gives us support from the experts who have been first in this model of infrastructure and services. We can ensure that by following and adapting our needs based on these guidelines we will be a great organization with a strong vision and a great security framework established to protect us. 

We like the ability to investigate, analyze, and generate reports.

Its most notable feature is to extend the analytics it performs to teams in any available cloud. 

We can collect analysis and be able to transform in such a way that the data provided allows us to find great value in institutional security. We can support each other to be better and more efficient daily. 

Currently, I would like this solution extended to cellular devices or tablets. This will be able to allow us to be more efficient.

I've used the solution for one year.

We are at a point where we must have security at the level of the cloud that we were managing, and we reached a point where this need led us to use the alliance we had with Check Point. It was one of their solutions that came to give us analysis value. 

It offers threat security forensics through machine learning visualization and analyzes real-time and cloud anomalies. With it, we provide that security line for our two public clouds in which we have resources and applications.

This solution provides threat prevention and detection of anomalies automatically and investigates the activity of each one of them. It offers actionable intelligence with intuitive visualization and queries of alerts and notifications that are customizable based on the activities found.

All these benefits and features that Check Point CloudGuard Intelligence offers have helped us to achieve a security posture in our cloud environments, being safer and more efficient, enhancing a state-of-the-art level of security at the end of the day or year. 

One of its excellent or outstanding characteristics is having a contextualized visualization of the entire public cloud infrastructure and its security analysis, which helps us see and detect any intrusion in real-time. 

It is also possible to take advantage of its cloud bot technology and advanced encryption, thus the analysis of entry and exit of our cloud environment and identifying any unwanted agent or any incorrect configuration. According to those events, we can respond and take action against those activities.

I would like an interface more adapted to cell phones or tablets. In its web version, it is quite efficient, however, I would like this improvement and the possibility of action to be able to enjoy and manage even the identity and administration under applications optimized in said function - whether they are iOS or Android. 

Another feature that I would like is being able to carry out more frequent assessments on the solution with direct Check Point teams. 

We've used the solution for one year.

We did not previously use a different solution.

We did not evaluate other options. 

The primary use case has been for auditing the cloud infrastructure in terms of security, because our company has been audited a lot of times. For the cloud, this is a tool that we use to audit the cloud environment. For example, all of the S3 buckets are encrypted to know if we don't have servers exposed to the Internet where they shouldn't be. This solution runs some compliance reports. That is why we use it.

We use it the most to check if things are complaint, because the compliancy checking is accurate.

On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures. 

We use the compliance rule set to run some reports on our infrastructure. According to the report, we know if we are secure or compliant with our security recommendations. We wanted a default security compliance toolset. So, we cloned it, then we did some customization of some security measures that we wanted. 

We run the compliance rule set report, then the InfoSec team receives that report. They go through it and see if we are compliant and need to do some security measures on some of it resources. It helps us towards visibility and security.

We use the solution to enable customizable governance using simple, readable language. We are not just stuck with the default rules set. If we think the security measures they recommend are not needed, then we can add some others instead, change them, or customize them.

We have full visibility of our cloud infrastructure in terms of compliance and security. For example, if someone has a machine that doesn't comply with the company policy, then we get an alert.

Security visibility is very good. Usually, when it's the security report, they match the reality and are correct, then they raise some alerts. Almost 100 percent of the time, we will need to do some tweaking to fix issues.

It is a very good tool for both cloud compliance and governance. We use it for both. We can monitor our entire cloud infrastructure. It provides reports on our security, then if we have to fix something in regards to the security, we can do it in a centralized tool. If you go to AWS and check each tool and server if it is compliant, then it's a mess, but this tool works. It is very simple for governance and reducing the risk.

The solution helps us to minimize attack surface and manage dynamic access. With Dome9, we are sure our machines are not exposed to the Internet. We have reports about users who access of our AWS accounts with the EAM function, which reduces our attack surface.

This solution provide a unified security solution across all major public clouds. We have all our infrastructure integrated on Dome9, so it provides us security on our entire cloud infrastructure, both AWS and Azure, which we are currently integrating. 

The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point. I think they have solution to this issue.

We have been using it for approximately a year and a half.

It is very scalable since we only need to buy licenses for more protective items. However, the overall license is very protective.

Dome9 integrates security best practices and compliance regulations into the CI/CD, across cloud providers. We are also currently integrating our ancillary environment on the domain. At the moment, we have more than 500 servers and domes protected by Dome9. Therefore, it's a tool that can accomplish security for almost all call environments.

Dome9 is used by the technical team. It is utilized in production and nonproduction. It is also integrated with Azure along with Office 365.

Dome9 has 100 percent adoption rate, as all our environment will be integrated with it. 

There are two types of users:

• My team who implements the domain.
• The infrastructure team who looks at the report. There are three guys on the infrastructure team.

I would rate the technical support an eight out of 10. We received a lot of support when implementing the solution directly with the product owners of Check Point, which is not their regular support. They were very useful and helpful, which was very good. We haven't had many complaints.

The solution helps save our security team time. Before we had Dome9, our security team had to go through each problem and check it. Nowadays, we just need to analyze one report and use one tool. We don't have to go through all the accounts with all their data. Dome9 is saving them approximately 10 hours a week.

We implemented Dome9 as soon as we started having some production services on our current environment and started our cloud journey three years ago. 

The initial setup process was very quick: Create the user on AWS, then you can log in and have all your information. On the domain side, it was very quick to log in with the account created on the AWS.

The deployment was one or two days. We had three remote session, where two of those sessions were about how it works. 

Our approach was to have our accounts on Dome9. After adding accounts, we ran some reports and compliance rule sets based on the security measure recommendations from Dome9 for our AWS product. We also went through the recommendations and made some changes on some of them. That is how we deployed the solution.

Our implementation strategy was to first only add the key accounts in the first stage, seeing how it worked. Then, after some weeks of working with it, we added the rest of the accounts to production.

We did the initial setup directly with Check Point. They were very good and helpful because we were one of the first customers after they bought the domain company. They were very interested in helping us. We didn't have any complaints.

Dome9 helps developers save time. If you enable the remediate mode, then it will help you save time as it eliminates manual work. The reports also save time because you don't have to go into the tool and search for information. The reports save about five hours a week.

This solution has enabled us to reduce the number of employees involved in managing our cloud environment, especially the personnel who have had to analyze reports and implement security measures to mitigate risks. Before we had the tool, we had more people working on this task. Now, we only need one or two people to look through the report to review the risks.

Right now, we have licenses on 500 machines, and they are not cheap.

They didn't find many other competitors for this type of domain and security tool.

The cloud providers give you the tools for their solutions to be secure, but they aren't easy to implement nor are they clear how to use because each tool that we have has its own security measures. This solution provides clarity for what you need to do to be secure in one centralized tool.

Try it in read-only mode. 

We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future because we prefer to do it ourselves. We don't know what will be the impact of doing it automatically from the tool. 

If you use the remediate mode, which we currently don't use, it will leave you with automation to help out with your call environment for compliance. However, if we wanted to use it, we do have the tool.

Biggest lesson learnt: Securing the cloud is more difficult than we originally thought.

I would rate this solution as an eight out of 10.