Check Point CloudGuard CNAPP Reviews

We were in the review analysis, seeking a fast, efficient infrastructure with solid bases of data analysis and investigation. We wanted something that managed to establish and analyze systems in production so that it would not impact their use. We also wanted a visualization of our current state, with a solution that could give an example of the route that must be taken to achieve excellence in security. This tool has allowed us to achieve stronger security, allows for better analysis, and provides structure and guidance for better guides and international policies under a legal framework. 

It has given us a way to clearly and objectively identify items or issues before making any changes to the network. It offers assurance, after investigation, of a clear understanding of what each analysis is trying to define. We can now clearly and specifically achieve what we need to do from a security standpoint to help us make an action plan and achieve goals. Once we have the information, it is important to define and analyze the data collected, organize information in a format that makes sense to us administrators, and look for patterns or trends that may be useful for our investigation.

It has an analytics service that does research for us. This can provide valuable information to ultimately improve our infrastructure. Via research and analysis, we are able to identify problem areas. We can find trends and take action to fix problems while improving performance. 

Its fairly advanced automation allows us to simplify and speed up security management in the cloud. This includes being able to identify, correct, and validate all kinds of vulnerabilities that reduce the manual workload for each of our company's administrators, thus being more efficient. With this new efficiency, we are able to reach effective resolutions at all times. 

The tool has several specific characteristics at the Microsoft 365 or Exchange level. 

The solution could be improved with a greater analysis of its Microsoft Security score. They should be improving the visualization of data and greater coverage in Sharepoint or Teams. Its posture analysis is currently low. There could be improvement or capacity to be more efficient if we managed to achieve greater integration with Microsoft Security score, improvements in data visualization,, and greater coverage of Microsoft 365 resources.

I've used the solution for one year. 

Check Point CloudGuard Intelligence Security is one of the most robust tools on the market. That's why we decided to implement it in our company when all our operations were migrated to the Azure cloud area. 

We needed a tool that would provide security in the network and help analyze any vulnerabilities that we might face in these new environments. We wanted to be able to attack all the weak points that we have in the cloud in order to guarantee effective and stable security. We also have some applications in our systems that deserve excellent security.

Check Point CloudGuard Intelligence came to strengthen our security and has helped the IT department achieve excellent network security. 

In addition to that, it has helped us centralize all the security infrastructure in this tool and helped us a lot to counteract vulnerabilities that were present. With this product, we were able to reduce the rate of attacks that we had. The database that they have is in real-time and updated instantaneously. All these factors helped a lot to reduce vulnerabilities.

Check Point's CloudGuard Intelligence tool presents some features that should be highlighted. For example:

It presents a real-time database that is always updated.

The environment can be centralized within Check Point Infinity, and thus we can have several security tools.

It also presents a forensic analysis that helped us to determine the root of several issues. 

Integration with Sentinel can be made, which allows us to obtain more security data and analyze it.

It presents a portal that is relatively easy to use and configure.

The tool works perfectly and improvements should be made, if any, in various technical and administrative aspects.

It was implemented approximately one year ago.

Check Point CloudGuard Intelligence has good stability. We have not presented performance problems or any other that would lead to a forced restart of the tool.

The tool presents very good and functional scalability. To this day, we have not presented any problems.

The support it provides is not very good. They should improve it since we have had several setbacks due to support issues.

Positive

Previously, there was no tool in the company's infrastructure. We needed the solution when we moved to the cloud and decided to improve security.

The implementation of the tool is very easy. There are several steps in the wizard where it gets complicated around the configuration, however. If you do not have extensive knowledge of the tool, it becomes complicated.

The implementation was done through the vendor, who gave us a support engineer to help us with the implementation and configuration of the tool. We also received some training.

By making an investment in security tools, we are doing ourselves a great favor. With this tool, we are protecting our information while maintaining operations. It is always a great investment to acquire these tools. Also, afterward, there is a noticeable economic return.

Whenever an investment is made in a security tool, it is high due to many factors. that said, investing in security will provide economic returns in the short or long term since it will greatly lighten workloads and provide security.

We evaluated many options on the market, such as Fortinet, Sophos, and Cisco NGFW. However, Check Point had better features.

With the time that I have used this tool, we have noticed that it is a very good solution and that it has excellent features. It provides very secure connections.

We pull all of our cloud platforms into Dome9: AWS and Azure as well as our Kubernetes environment. We use it for a few things: 

1. It provides policy compliance. If we wanted to use SOX compliance or HIPAA, then we can turn on rules for that. Then, if something is in violation of one of those rules, it will let us know and we can correct it.
2. We are able to set users, authentication, and powers, e.g., give users the ability to create networks. 
3. We use it for log monitoring. We are able to pull in logs from cloud environments, review them, and take action.

Dome's security rule sets and compliance frameworks do great at helping us stay in line with various industry standards that we try to keep our company inline with automatically. We have had several examples where we have had users create machines or networks that wouldn't be in compliance with those policies. Dome9 immediately took care of them, preventing them from even being stood up. There is a lot of peace of mind with this stuff.

We are pretty thoroughly regulated for financial compliance. When we are talking to new clients or existing clients, we can point out that our cloud environment is completely in sync with the various industry standards of regulations.

The solution helps us to minimize attack surface and manage dynamic access because it automatically takes action based on the rules that we provide for it. It closes holes before they even open.

Dome9 integrates security best practices and compliance regulations well into the CI/CD, across cloud providers. This helps automate security and improve compliance posture. Rules are automated on their own. You set the policy that you want to hold your cloud environment and company to, while Dome9 is scanning your cloud platforms for those issues which are occurring at all times. If we didn't have that in place, then we would have to manually check every single network or machine that anyone stands up with a cloud. Because Dome9 is so efficient at this, anytime a machine, environment, or network gets stood up, it's able to go in and check the parameters to see if it is inline with our compliance rules.

All the features are very valuable. The policy compliance piece is probably the most valuable. It provides monitoring of your environment and whether you are actively looking at it. So, if I have a user who will try to spin up a network in the cloud that isn't inline with our policies, it will automatically stop that from being able to be created, then delete it. Therefore, it will take action whether or not we are explicitly looking at the platform, keeping it in compliance with the rest of the company at all times.

Dome9 enables customizable governance using simple, readable language. It comes with a robust tool set that they have already created with their own rules that they have already built. However, you do have the capability of going in to write your own stuff. We haven't had to do too much of that because the prebuilt stuff that they have is really good, but it is there if you need it.

Dome9's accuracy when it comes to compliance checking is tremendous. It finds issues in the environment pretty quickly when you run a scan. It will do it on an automated basis as well, so you don't have to manually scan your environment all the time. It will be constantly doing it in the background for you.

Security visibility accuracy is tremendous. A lot of that comes in as flow logs and lets us see who is trying to access what almost on a real-time basis. That is not something you usually get easily from cloud providers.

It works great at identifying, prioritizing, and auto-remediating events. Whatever scenario or set of criteria you feed Dome9, it will quickly and efficiently look for those issues in your environment and correct them.

The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be. However, the product itself is really easy to use, so there is not too much of an issue with that. Also, it's not too hard to get on with the actual Check Point support to go over this stuff.

I have been using it for about two years.

I haven't had any issues with it going down or any connectivity issues.

This solution doesn't require any post-deployment maintenance. It takes care of itself. The only stuff that you would want to do is look for new rule sets as they get added by Dome9, i.e., if you want to add anything or change it. Otherwise, you can set and forget it pretty well.

It scales well. The only thing to watch out for is the licensing. We just ran into that. Dome9 will take how much you have from a cloud deployment standpoint, and you need to be appropriately licensed for it. You can't have too many cloud assets or you will exceed your license, then it stops reviewing the data that was added later.

Everyone who uses Dome9 is security at the moment. We are probably going to change that, as we are probably going to expand it in the future. We will have a lot of developers in there pretty soon.

I haven't had to use Check Point's technical support in a while. I used them more back during the initial deployment, and earlier on, when the solution was just purchased by Check Point. I think the documentation could definitely use some improvement: their secure knowledge stuff. 

Before Dome9, we just used native.

What we were doing natively wasn't sufficient. Once we saw what we were capable of doing with Dome9, that showed us all the stuff that we weren't doing with the native stuff that we could and should have been doing. Because it was so buried in there, we didn't know about it or how to do it. So, Dome9 helped us learn from a native tool perspective that there are other things that you can be doing with those tools that may not be that apparent.

The initial setup was straightforward. A lot of the work for Dome9 is done upfront. There is an onboarding tool that Dome9 has when you want to add a cloud environment. That holds your hand and walks you through it pretty easily. It will show you everything you need to do both on the Dome9 side and on the cloud side to get the cloud environment integrated and set up. From there, the compliance rule sets that you want to apply to your company are all neatly laid out. With a single click, you can tell it that you want to run the X, Y, Z rule set against your current environment, then it will do that in a matter of minutes.

Initially, our deployment took probably a week just to get ourselves up and running. At that time, we were also trying to get the cloud deployment figured out. Knowing what we know now, we have stood up subsequent environments in minutes.

We did the deployment ourselves. Two people were involved in the deployment process; I worked with a cloud security architect for Dome9's deployment. 

I have 100 percent seen ROI from money and time savings. We don't have to spend all day maintaining cloud environments. They take care of that for us. 

Dome9 helps our developers save time by as much as 50 percent. It prevents us from having to make them go back and redo their work. They do not even have the option to be out of compliance. It stops them from building machines and non-compliant stuff only to have to go back and redo them later, especially if Dome9 will shut that down before it even starts. A lot of people, when they get in the cloud, don't know what they're doing. So, if we're limiting the options they have available, then we see that cutting their time in half.

For security, there is a 90 percent time savings. Just having to manually check this stuff would be a nightmare, so I don't mind doing it on an automated basis.

A unified security solution across all major public clouds affects our cloud security operations by saving us a ton of time and effort. We don't have to redo things manually or check every individual environment all the time for compliance. This frees us up to build out and make a more sophisticated environment, really working on fine tuning things. We have a smaller team, so this has definitely helped us.

The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay.

We didn't evaluate other solutions or vendors. We were impressed with the demo and PoC that we received.

While other vendors do have tools that are pretty good, the thing which we run into is that we have multiple cloud environments. Also, even within the cloud environments themselves, there are a lot of the tools but they are not as streamlined as the one that Dome9 offers. Dome9 pulls everything together into a single pane of glass for you.

I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end.

I would recommend people buy it. Design your environment with Dome9 in mind. From the ground up, let Dome9 analyze your environment and get you compliant with the rules that you need to be compliant with.

Its remediation works really well. Some of the more advanced remediation stuff can get more complicated because it involves spinning up, like Lambda functions in the cloud. That can be a more complicated procedure than some of the normal compliance remediation, but it's there and it's powerful.

We just use AWS and Azure, but they have Google Cloud Platform as well that you could use.

We are using it pretty extensively for what we are currently doing now, and we will expand that. My team manages all our cloud deployments, so we have everything that we are currently using integrated into Dome9, but we are also in the process of redoing our cloud deployment. So, instead of just building the cloud stuff, then putting Dome9 on top of it, we will be building it knowing that we will have Dome9 from the ground up.

I would rate this solution as a 10 out of 10. I love it.

We want network security through machine learning. The product offers threat detection and intelligence for the endpoints. It also provides real-time information on application security. 

Check Point CloudGuard CNAPP's initial configuration is very easy. It is plug-and-play. It also gives regular updates. 

The tool should incorporate more use cases like improving security scores. It should also improve documentation.  

I have been using the product for a year. 

The product is stable. 

Check Point CloudGuard CNAPP is scalable. My company has more than 1000 users. 

Check Point CloudGuard CNAPP's support is very good. 

Positive

The tool's deployment is very easy and takes two weeks to complete. We need engineers to install the product. You need to ensure the overall device landscape before the product's installation. Its maintenance is easy. 

I can get 50-60 percent ROI with the tool's use. 

The tool's pricing is moderate. Its licensing costs are yearly. 

The solution helps to improve security scores, which is important for auditing and compliance. I rate it a nine out of ten. 

The threat-hunting system provides forensics through machine learning visualization with real-time insights into processes from a multi-cloud environment. 

It has powerful tools that detect any threats in the network infrastructure in advance before it penetrates into our systems. 

It has repulsed many attacks that have been launched by malware attackers that could destroy data. 

The CloudGuard Intelligence provides alerts that prepare the IT team to set up effective measures after detecting threats. 

The product performance has enabled each team to work without fear of any threats.

It provides the most useful tools for protecting our financial account records from hackers. 

The application has boosted security from all the company sources. We have not lost confidential data to external cyber attackers since we deployed this platform. 

Faster responses to malware threats have saved the organization from engaging in insecure transaction losses. 

The product has safeguarded the entire financial system from external interference. 

We used to experience the challenges of data protection before we deployed this application. There are improvements in data management and security with a positive impact on work processes.

The advanced data analytics on the security of the applications has provided effective insights that helped in safeguarding confidential information. 

The intrusion alerts and notifications have saved us a lot of time and resources in enhancing reliable security. 

The comprehensive security from cloud and on-premises has saved data centers from attacks and provides a reliable environment for boosting production. 

Cloud threat intelligence provides useful insights that help in planning effectively during the process of implementing projects and tasks.

The security investigation features that are present have been performing excellently since we deployed this application. There are few licensing and network coverage cases, however, the customer service team is always ready to solve any problem. 

Timely updates and upgrades to meet modern technological changes could help improve performance and limit the chances of downtime. 

The performance has been stable for a long time since we deployed it. The few hitches which we have experienced can be solved without affecting the workflow performance. 

The Check Point team has done a great job, and I recommend their products to other companies.

I've used the solution for ten months.

This solution has been stable with reliable operations.

I am impressed by its reliable performance, and I recommend it to other business enterprises.

Customer service and support always provide effective guidelines when contacted.

Positive

The other security products that I have worked with had responded poorly which is why we moved to Check Point.

The setup procedure was straightforward.

The implementation was done by the vendor.

There is increased ROI from the product's stable performance.

This platform offers modern security for threats that will arise in any organization.

I evaluated several products. I settled on Check Point CloudGuard Intelligence based on their reliable services.

This is a great and powerful platform for securing organizations from cyber attacks.

This is one of the solutions that we have sought in order to establish an intelligent analysis. It has helped us collect data on our accounts in the cloud and applications. It offers integrations and provides real-time analysis of security issues. The platform learns automatically and manages to identify abnormal behaviors to help us detect anomalies. Additionally, we can configure automatic notifications that help us act during detected incidents.

It helps to have a centralization of data, alerts, and reports. There is a main data center that has generated reports and alerts that can include information about security trends and unusual user activity. It offers recommendations to improve security. The data collection and action activity logs provide information about usage, performance, and resources including traffic logs, usage logs, storage, and available space. We can also see CPU and memory, among other characteristics.

Currently, as an organization, we rely on technologies to save and store advanced data analysis information. We can take advantage of automated learning to detect and respond to security threats in real time in the cloud. 

This platform has allowed us to collect data from multiple sources, centralizing everything under a single source. The repository includes audit logs, activity logs, and network logs to help us identify unusual patterns and negative trends that may affect the security of users.

Using the information the product provides, we have effectively and accurately detected real-time troubleshooting of suspicious user attempts to log into an account and we can detect suspicious login attempts. We'll get alerts, which have helped us automate security in order to act fast.

We want to optimize the tool in the future. They should allow us to have greater integration with other security solutions and third-party tools so that the organization can take advantage of and improve the protection of all the company infrastructure. 

We would like to optimize and improve its high demand for customization, which allows us to adapt to specific necessary security solutions. We want to be able to customize the solution more in order to meet the needs of our company. Currently, the solution is quite rigid and complies only with standards. 

I've used the solution for one year.

We pull all of our cloud platforms into Microsoft Azure. We needed a tool that would provide us with provides policy compliance to be able to monitor our environment. In the case something is in violation of one of those rules, it will let us know and we can correct it. 

It is also very flexible to configure users, and authentication methods and thus be able to control the activities of each of the system administrators and users, another one of the functionalities it presents is that it allows us to monitor the records of our environment in the Azure Cloud and be able to take the necessary measures if there is a problem..

One of the reasons we were able to implement this solution is that it gives us complete visibility into the workload that we have hosted on our Microsoft Azure platform. This tool came to help improve our security environment in the cloud and provide more detail through reports such as compliance and security, as it shows us complete visibility of the traffic that is flowing to our Azure platform.

Another reason we implemented it and it caught our attention was the access control to our Azure cloud. Every time a policy is created for each purpose, it immediately blocks the access for which it was designed. Dome9 provides excellent visibility.

Check Point CloudGuard Posture Management presents great values, such as the IAM role control, since if it does not meet the established parameters, these controls will not allow the creation of users, and policies that are not allowed.

It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment. 

It also has and provides the ability to provide recommendations of the errors that exist and thus be able to correct them as soon as possible

The service is very complete for the functionality that it was created for, however, they can make a couple of improvements such as the validation of policies that must be available before they are implemented in the production environment. It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published. They do not update as they should and the new rules are not applied. They can also try to reduce the false positives generated by the tool.

This solution has been used for approximately five years in the company.

One of the reasons why we chose to do the implementation with Check Point was its stability. Its performance is very good.

My impression was that the scalability was very good. It is a super scalable product.

On some occasions, we have had problems as they do not send the meetings on time or it takes a long time to resolve a case. However, on other occasions, they resolve very quickly.

Positive

Check Point was always our first option as many security teams are from Check Point.

The configuration was very simple. The application is a very user-friendly tool - apart from training and courses for implementation.

A Check Point engineer who had a lot of experience helped us with the implementation.

When making an investment with these tools you are taking care of an important patrimony that will double your profits.

Check Point always manages good prices and costs in the tools they sell.

We do not evaluate other options. We wanted to continue implementing the same brand since the other products have helped us a lot in the security of our company.

Users can fully rely on Check Point products as they are robustly designed for security.

I work with the solution for patching over all the cloud vulnerabilities. We have a different monitoring team that monitors all the alerts on the solution. They send us a report, and we work on that report to patch all the vulnerabilities of our cloud environment, such as Azure and AWS.

The solution's main benefit is that it automates all the patching and reporting parts and generates an automated report. The solution automatically notifies you whenever any alert comes into your cloud environment via mail or message.

Sometimes, the solution provides us with false alerts of vulnerabilities that are not present in our cloud environment. The solution should include an auto-remediation feature, which most tools currently provide.

I have been using the solution for three years.

Apart from the occasional false positives in the reports, we haven't had any issues with the solution's performance or stability.

Check Point CloudGuard CNAPP is a scalable solution.

The solution is implemented in multiple locations, and each location has around 300 users.

We contacted the technical support team during the deployment phase, and their support was very good and responsive.

Positive

We previously used CrowdStrike. We switched to Check Point CloudGuard CNAPP because CrowdStrike lacked many features. Check Point CloudGuard CNAPP is a more advanced version of CrowdStrike, integrated with AI capabilities. It also provides different automatic reports, such as compliance reports.

Around three to four people were involved in the solution's deployment. Since there are multiple environments in the cloud, it takes an entire day to deploy the tool.

The solution's cloud security posture management scans your cloud environment and cloud-configured policies and gives you a report of all the loopholes in your cloud environment. You can also get compliance reports from the solution, and I am completely satisfied with its effectiveness.

The solution's cloud security posture management identifies risks most critical to the business and segregates them into low, medium, and high categories. The solution's workload protection capabilities provide protection for VMs. The scanning provided by the solution's workload protection capabilities helps us identify problems before they go live.

We can schedule the solution to scan our cloud environment daily for vulnerabilities. The solution takes 20 to 25 minutes to scan the entire cloud environment. Earlier, it used to take an entire day because we had to perform all the manual tasks to find out all the loopholes in our cloud environment.

Before using the solution, we used to spend an entire day finding all the loopholes in our cloud environment. Check Point CloudGuard CNAPP automated most of our tasks by providing automatic reports to our security team. We also use the solution's CDR capabilities.

The visibility we get from the solution's CDR capabilities helps simplify incident investigation time or process. After providing all the loopholes in our cloud environment, the solution provides a step-by-step remediation plan to fix particular vulnerabilities. We extract the report from the tool and work on the patching part.

We perform intrusion detection and threat hunting from the same console. Check Point CloudGuard CNAPP is a SaaS-based solution. All the configurations have gone through the secret key we fetch from the cloud environment and integrate with the solution. From there, it fetches all the configurations for the entire cloud environment.

I would recommend the solution to other users.

Overall, I rate the solution ten out of ten.