Check Point CloudGuard CNAPP Reviews

Primarily, we use this solution to detect security configurations in AWS environments.

The reporting is quite good. It is the most powerful aspect of this solution.

It's user-friendly.

In general, we abandoned this solution this year.

Each component of this solution, in my opinion, could be improved.

Integration with ticketing systems, as well as the most important noise and completeness over findings, are definitely in need of improvement. They didn't take into account some additional context.

The UI is very slow.

There is room for improvement. Consider the entire context of the findings and try to avoid making a comparison between the rule and the entity's state. In general, for the product to be successful, they need to improve security, and configuration detection.

I have been working with Check Point CloudGuard Posture Management for two years.

It generates a large number of false positives.

We haven't attempted to scale the product because there are no additional plug-ins or add-ons.

We have contacted technical support but were not satisfied. Technical support needs improvement.

The initial setup was straightforward.

Licensing fees are paid on a yearly basis.

From a pricing perspective, they are pretty expensive. You can find better offerings on the market.

I would not recommend this solution to other users.

I would rate Check Point CloudGuard Posture Management a seven out of ten.

Public Cloud

I have been using it in my AWS-Azure multi-cloud schema in order to monitor and protect transactions and data from all escalations - not only what we have at the database level. It helps us protect the data of our big data. 

It has been the complete solution to help cover our lack of security at the infrastructure level. Not only does it cover the servers, but at the workstation level, it is monitoring what users are doing. It identifies actions and can make automatic remediation at a user level. 

The solution has helped us to detect possible attacks or access that is not allowed. It also has helped us to identify the configurations that do not meet the company standards and allows us to improve security practices. As a result, we were able to make the necessary adjustments to be more armored and work safely. 

It gives us the peace of mind we need to continue exploring areas of our scheme that will help us with our projects in the short, medium, and long term. It will help us to continue innovating and reinventing ourselves with greater and greater security.

Data security has been very valuable because data is the soul of a company and if the data is not protected, the company has no possibility of existing. 

In all areas of an organization, Check Point CloudGuard is not only in the cloud, as its name implies. It goes beyond. The areas of importance from the most important to the least important are: infrastructure, technological security, data administration, legal department, etc. Check Point solutions can provide a complete 360 security scheme to the entire cloud infrastructure. It transfers its vision to the entire peripheral network.

Today, globally, there are many companies of all sizes that do not understand the value of their data, but even with all the existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure security, when the truth is that providers only protect their sites. Everything we do in the cloud and how we configure it is actually our responsibility, in this sense we can evaluate many solutions that help us protect our clouds, however, and after trying 5 different solutions, the checkpoint solution is by far The most complete

I have been using the solution for 3 months.

If we were using a similar but not as extensive solution. We were using Darktrace.

The solution offers an excellent price, benefit, and installation relationship. Thus far, Check Point has offered us this very successful relationship.

We were evaluating several options before choosing Check Point. What we identified would be important aspects of the new provider were: simplicity in the installation and 360 vision of all our infrastructure. When we were evaluating, we looked at Palo Alto, Check Point, and Cloud Security.

If you are looking for a complete solution for your cloud or clouds, with Check Point you can have everything from one place.

Hybrid Cloud

We have been researching this solution as something to provide for clients who are interested in implementing a high-security AWS environment.

This solution provides some security around holes that are uniquely present on AWS. We try to convey to clients and customers that when you move to AWS, the whole attack surface is different, and therefore you can't take your existing tools to AWS and then secure it in the same way as you can your traditional environment. You need to have tools that understand the nuance of AWS, and that's the reason we use Dome9. It has these unique skills and attributes in the AWS world.

Specifically, we are interested in securing IAM. It controls everything in AWS such as who can create computing instances and who can destroy them. Given that all of the power is with IAM, you have to make sure that you haven't over-privileged, or through the combination of people being users, groups, or roles, that they haven't collected too many privileges that you weren't aware of.

The feature that I found most valuable is the ability to scan IAM, the Identity and Access Management tool, for all of the privileged accounts.

Integration with other security tools would be of benefit.

I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations.

Trial / evaluation.

The stability is rock solid.

I have no concerns with the scalability of this solution.

Technical support for this solution is excellent.

We did not use another solution prior to this one.

This solution is easy to get going, although it requires a lot of training to get the best out of it.

It took us weeks to set it up, which was very quick. In terms of setting it up for a client, the strategy would depend on what holes they have in their security infrastructure, and how we can use this solution to close them.

We implemented the solution in-house and would assume this role for our customers.

This is the sort of tool for which ROI is not really considered. People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially.

It is a standard licensing fee, with no additional costs.

We evaluated another solution called Evident.io, but it had a lot of overlap with traditional tools, whereas Dome9 was unique in its approach.

This is a product that I would recommend because it does unique things that I'm not aware any other product can solve those issues. It is incredibly powerful and gives our customers a lot of assurance that we're taking AWS security seriously.

My advice for those implementing this product is to use every piece of it. Explore every option and feature and leverage it to the max.

I would rate this solution a nine out of ten.

It is a good tool for a large enterprise operating across multiple cloud environments, like AWS, Azure, or a hybrid infrastructure. Check Point posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft. 

The assessment history lets you test each environment for each rule you set. You can see if the security tests have passed or failed, then plan a roadmap ahead on how to strengthen your security to defend against attacks on your cloud environment.

I would be great to have additional features when it comes to vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads and not just on security configurations with customizable reports would be nice. 

I'm a system integrator and a managed service provider. I've been using CloudGuard for a couple of years.

So far it works and we've had no major issues with stability. When it comes to managing clouds or gaining visibility, generating, or scanning different cloud environments, it meets all the requirements, especially if you're going through a specific compliance audit.

When it comes to scaling up, it's very easy to just add licenses. But to prior implementing this solution, you need to have a good accounting of all your assets to onboard on this platform. CloudGuard is good for bigger, more complex cloud infrastructures. But if you have only one cloud infrastructure, I don't think you will see much advantage over other cloud posture management. That's why this is useful mainly for bigger enterprises with multiple cloud instances and different cloud environment providers. 

So far, they've met all the service-level agreements (SLAs) with no delay. When it comes to Check Point, they have local distributors to provide level one or level two support. For level two or level three, it will go directly to the Check Point support. And I think that's how their SLAs work. The first line of their support should be local. If it cannot be handled locally, it goes global Check Point support. 

Positive

Setup is usually simple. It's not hard to implement it and gain visibility across two or more cloud infrastructures. It's quite fast. As long as you have the right number of assets, workloads, and applications for each cloud environment, you can easily deploy CloudGuard.

In terms of pricing, it's in the middle but more on the high side. It's not steep. However, I think the price is right for its functionality and the value you get from it when you're managing multiple clouds. It solves a lot of your compliance problems.

The licensing model is based on the size of your cloud infrastructure. So to estimate what you will pay, you need to count each and every asset. And when I say assets, that means every application, database, server, or virtual network on your cloud infrastructure. 

I'd like to see more flexibility in their licensing model. It's based on assets, but we all know that assets keep on growing. I would recommend a flexible, upgradeable license, so when you add assets, they can easily bill you or upgrade you.

I rate CloudGuard a nine out of 10.

I recommend CloudGuard posture management for anyone who needs to take control of multiple cloud environments. It streamlines visibility, so this is the right tool if you are trying to meet a specific compliance standard or you're managing hundreds or thousands of servers within your cloud environment. It unifies your cloud environment. 

Public Cloud

The most valuable feature of Check Point CloudGuard Posture Management is the training.

The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out.

I have been using Check Point CloudGuard Posture Management for a few months.

Check Point CloudGuard Posture Management is a reliable solution.

The scalability of Check Point CloudGuard Posture Management is good.

The support from Check Point CloudGuard Posture Management is very good.

The initial setup of Check Point CloudGuard Posture Management difficulty depends on how you want to set it up. There are always some problems when you have to connect it to your cloud systems. However, this will only add time to the process.

Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work.

I rate Check Point CloudGuard Posture Management an eight out of ten.

The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance.

CloudGuard could be improved by including integration with vendors other than AWS, especially Azure, especially in permissions. In the next release, I would like them to include some kind of online scanning on code in the development phase.

I've been working with this solution for two years.

CloudGuard is easy to implement.

For those looking into implementing CloudGuard, I would suggest contacting SharePoint professional services to get the job done easily. I would give CloudGuard a score of ten out of ten.

We resell the CloudGuard Workload Protection product. If a customer comes to us looking for a CSM tool, for example, we evaluate their needs and suggest a good option, like this solution.

The way they offer container security is a big highlight that I have noticed. The solution is also agentless, so the scanning, runtime, really everything is offered directly by CloudGuard.

The technical support could be better, but I do not know of any other needed improvements.

My company has been involved with this solution for almost one year.

This is a stable product. 

The solution is scalable.

I would rate technical support as an eight out of ten. It has some room for improvement. 

Positive

The initial setup is really easy. On a scale of one to five, I would rate it as a five.

If your company's environment is more developer-focused, meaning it has more containers and is running on Kubernetes, I would certainly recommend choosing Checkpoint.

Public Cloud