We use Check Point CloudGuard CNAPP for the application protection of our assets on Azure, AWS, and Google Cloud.
We implemented CloudGuard CNAPP to address data exposure, prevent exfiltration attempts, ensure compliance with frameworks like SOC 2 and PCI DSS, and gain improved oversight of our cloud environment.
We haven't had any cloud security incidents since implementing CloudGuard CNAPP in 2017. It's been a critical tool as we've grown our cloud usage, transitioning applications from data centers to the cloud. CloudGuard's scalability has kept pace with our growth. As the third-largest enterprise user of Azure, our cloud footprint is significant.
The benefits of CloudGuard CNAPP were immediately apparent upon deployment. Back in 2017, we found ourselves needing to catch up on securing our existing AWS assets. We required a solution that offered quick implementation and usability. CloudGuard was the first platform we considered, and we've continued to expand its use alongside Check Point's ongoing development of new capabilities.
We create custom rules to address our organization's unique security policies, in addition to leveraging the built-in rules within CloudGuard CNAPP's CSPM module. This flexibility is crucial for us.
While CloudGuard CNAPP's CSPM capabilities effectively provide compliance rule sets and security best practices, it's important to understand that this is just one aspect of achieving full alignment with security frameworks. To be fully compliant, additional measures outside of CloudGuard need to be addressed and implemented. However, CloudGuard CNAPP remains a valuable piece of the puzzle.
CSPM helps us identify the most critical business risks. It's a time-saver that translates into cost savings. CSPM provides insights from multiple perspectives. We can analyze what a breach would mean for the business, including brand reputation and the significant cost and time required for recovery. Even in terms of day-to-day operations, CSPM saves us employee hours by streamlining security tasks.
The security provided by the CWP for containers is good. We are extremely satisfied.
Our CI/CD environment utilizes some scanning capabilities offered by workload protection, but it's not fully integrated. This creates limitations in proactively identifying issues before deployment. When we do use the workload protection capabilities they are critical for us.
Cloud security posture management is the feature we've been using the longest. What we particularly like about it is the rule-based capability. This allows us to develop our own custom rules using the GSL language provided by the CloudGuard platform.
The platform would be significantly enhanced by incorporating data security management capabilities.
I'd like to see CloudGuard offer more agentless functionality beyond what's currently available.
I have been using Check Point CloudGuard CNAPP for over seven years.
Check Point CloudGuard CNAPP is extremely stable and if there is an issue, Check Point is on top of it.
Check Point CloudGuard CNAPP is scalable. We haven't run into any scale issues and we have scaled significantly over the last six years.
We plan on expanding it into some of the newer capabilities that Check Point is coming out with.
The technical support is good.
The initial deployment was straightforward. As a SaaS platform, it is extremely easy to deploy it into environments.
We can deploy CloudGuard CNAPP and use it out of the box within hours.
Our initial strategy was to implement a basic solution and then expand its capabilities over time. Check Point, frankly, has done an excellent job of keeping its platform up-to-date by continuously adding and improving features. This is why we're still using it even after six years.
I would rate Check Point CloudGuard CNAPP nine out of ten.
Check Point CloudGuard CNAPP is predominantly owned by and controlled by the central security organization within our company.
Details matter. When comparing features to other security solutions on the market, the ability to develop custom rules is important to us, along with security posture capabilities. The ability to scale flawlessly is also important to us. The direct and overwhelming support that we received from the Check Point account team, the support team, and the leadership team has been fantastic.
Integrating with the cloud through APIs offered by a SaaS platform has significantly reduced the burden on our organization by eliminating the need for all the complex backend work we previously had to handle. This experience highlights the importance of embracing new ways of doing things.