Check Point CloudGuard CNAPP Reviews

We use CloudGuard CNAPP for accessing the security status of our assets, managing inventory, and overseeing configuration settings.

It assists our visibility team in monitoring configurations, enabling us to proactively address issues before they arise.

I find the product to have strong detection capabilities. It is adept at generating the desired reports, provided you are familiar with its functionality.

It offers a range of features tailored to address the unique security challenges.

Having additional documentation on how to use CloudGuard CNAPP would be advantageous, especially if it were made more user-friendly. The application's structure seems to lead users down one path, then into another, making it difficult to backtrack or navigate seamlessly between different components. Streamlining the user interface would greatly improve the user experience.

We have been using it for three years.

It is proven to be stable.

It provides good scalability.

There is room for improvement in technical support. I would rate it five out of ten.

Neutral

Setting up CloudGuard CNAPP is straightforward, as it is API-driven. Just a few quick steps, like providing credentials and configuring settings, and you're ready to go.

The ROI of CloudGuard CNAPP is intangible since it primarily involves cost avoidance rather than direct cost reduction or profit generation. It doesn't directly contribute to revenue generation.

When we were comparing Prisma or Pallos, we found that CloudGuard CNAPP offered a more comprehensive range of tools and configuration management settings. It appeared to be a more mature product with a broader scope of capabilities.

My advice to anyone thinking about implementing it is to consider investing in professional services to handle the setup, as they possess a deeper understanding of the platform. Overall, I would rate it seven out of ten.

We pull all of our cloud platforms into Microsoft Azure. We needed a tool that would provide us with provides policy compliance to be able to monitor our environment. In the case something is in violation of one of those rules, it will let us know and we can correct it. 

It is also very flexible to configure users, and authentication methods and thus be able to control the activities of each of the system administrators and users, another one of the functionalities it presents is that it allows us to monitor the records of our environment in the Azure Cloud and be able to take the necessary measures if there is a problem.

One of the reasons we were able to implement this solution is that it gives us complete visibility into the workload that we have hosted on our Microsoft Azure platform. This tool came to help improve our security environment in the cloud and provide more detail through reports such as compliance and security, as it shows us complete visibility of the traffic that is flowing to our Azure platform.

Another reason we implemented it and it caught our attention was the access control to our Azure cloud. Every time a policy is created for each purpose, it immediately blocks the access for which it was designed. Dome9 provides excellent visibility.

Check Point CloudGuard Posture Management presents great values, such as the IAM role control, since if it does not meet the established parameters, these controls will not allow the creation of users, and policies that are not allowed.

It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment. 

It also has and provides the ability to provide recommendations of the errors that exist and thus be able to correct them as soon as possible

The service is very complete for the functionality that it was created for, however, they can make a couple of improvements such as the validation of policies that must be available before they are implemented in the production environment. It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published. They do not update as they should and the new rules are not applied. They can also try to reduce the false positives generated by the tool.

This solution has been used for approximately five years in the company.

One of the reasons why we chose to do the implementation with Check Point was its stability. Its performance is very good.

My impression was that the scalability was very good. It is a super scalable product.

On some occasions, we have had problems as they do not send the meetings on time or it takes a long time to resolve a case. However, on other occasions, they resolve very quickly.

Positive

Check Point was always our first option as many security teams are from Check Point.

The configuration was very simple. The application is a very user-friendly tool - apart from training and courses for implementation.

A Check Point engineer who had a lot of experience helped us with the implementation.

When making an investment with these tools you are taking care of an important patrimony that will double your profits.

Check Point always manages good prices and costs in the tools they sell.

We do not evaluate other options. We wanted to continue implementing the same brand since the other products have helped us a lot in the security of our company.

Users can fully rely on Check Point products as they are robustly designed for security.

This is one of the solutions that we have sought in order to establish an intelligent analysis. It has helped us collect data on our accounts in the cloud and applications. It offers integrations and provides real-time analysis of security issues. The platform learns automatically and manages to identify abnormal behaviors to help us detect anomalies. Additionally, we can configure automatic notifications that help us act during detected incidents.

It helps to have a centralization of data, alerts, and reports. There is a main data center that has generated reports and alerts that can include information about security trends and unusual user activity. It offers recommendations to improve security. The data collection and action activity logs provide information about usage, performance, and resources including traffic logs, usage logs, storage, and available space. We can also see CPU and memory, among other characteristics.

Currently, as an organization, we rely on technologies to save and store advanced data analysis information. We can take advantage of automated learning to detect and respond to security threats in real time in the cloud. 

This platform has allowed us to collect data from multiple sources, centralizing everything under a single source. The repository includes audit logs, activity logs, and network logs to help us identify unusual patterns and negative trends that may affect the security of users.

Using the information the product provides, we have effectively and accurately detected real-time troubleshooting of suspicious user attempts to log into an account and we can detect suspicious login attempts. We'll get alerts, which have helped us automate security in order to act fast.

We want to optimize the tool in the future. They should allow us to have greater integration with other security solutions and third-party tools so that the organization can take advantage of and improve the protection of all the company infrastructure. 

We would like to optimize and improve its high demand for customization, which allows us to adapt to specific necessary security solutions. We want to be able to customize the solution more in order to meet the needs of our company. Currently, the solution is quite rigid and complies only with standards. 

I've used the solution for one year.

When idle virtual machines hosting Azure Functions require protection and vulnerability scanning, we can leverage the Check Point CloudGuard CNAPP solution to gain a consolidated single pane of glass view and manage these workloads.

By utilizing Check Point CloudGuard for security, our clients can now protect both their cloud assets and on-premise assets. CloudGuard also provides a single pane of glass for multi-cloud management, including protection for their Azure resources.

The new scanning function is a valuable feature that wasn't available until recently. Importantly, it's enabled by default.

Another advantage of CloudGuard CNAPP is that it can be deployed as a SaaS solution on Check Point Standard, eliminating the need for a custom subscription. This flexibility is a significant improvement.

CloudGuard CNAPP could be enhanced by increasing the number of components that run natively on Azure. This would allow Check Point to offer a forward-looking security solution that caters to customers who require a purely Azure-based environment. Currently, the mixed architecture involving on-premises and AWS deployments might not meet all compliance and security needs.

I have been using Check Point CloudGuard CNAPP for one year.

Our clients can measure the return on investment of CloudGuard CNAPP in several ways. Firstly, it offers improved operational metrics compared to traditional methods. This eliminates the need for retraining staff on specific cloud vendors, as CloudGuard CNAPP provides a unified platform. Secondly, the ease of implementation contributes to a faster ROI. By considering factors like implementation speed, ongoing maintenance requirements, and reduced training needs, we can effectively measure the ROI of CloudGuard CNAPP.

We evaluated Azure Functions, but for existing Check Point customers, it might be more advantageous from a security standpoint for their operations team to maintain a single pane of glass for their existing on-premises and other cloud provider investments. This would allow them to adopt a multi-cloud approach.

I would rate Check Point CloudGuard CNAPP ten out of ten. Check Point CloudGuard CNAPP is a great solution.

We use the posture management capabilities of CloudGuard CNAPP and the workload protection capabilities.

As an organization, we have implemented Azure Microsoft and AWS for some applications. Most of the workloads are managed in the cloud. Therefore we needed a tool that could protect us against some type of cyber threat that would generate losses in the apps that are being used. We apply CloudGuard Workload that comes to us to cover all those security breaches that we could see presenting. In the beginning, we used the free trial to do some tests, and it worked for what we needed it for, and then we acquired it with all the functionalities

CloudGuard Workload Protection came to help us a lot in the organization in the application development part since it is one of the areas where there is more workflow and vital generation of the company since applications are generated and modified daily. With this tool, IT came to us to help provide a series of security layers to all these flows by providing us with different types of security options such as alerts and improvements. One of the characteristics that we liked very much is that it can be coupled with different public clouds.

One of the CloudGuard Workload Protection features that we liked a lot is the security it handles in containers. 

Another interesting thing is that it works without an agent involved. 

It also offers great complete visibility of all devices, and assets in the cloud, which allows us to control all those assets, thus generating complete analysis of the infrastructure in real-time. In this way, we've been able to attack the points where there is some vulnerability in our infrastructure and being able to be at the forefront of security.

It cost us a little to find some information about CloudGuard Workload Protection. It cost us to find information about the tool and recommendations.

The configuration administration documentation is not very available on the web, or it is not completely updated. They should also improve the support so that we can create a case and they can respond faster. They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well. It is sometimes difficult to coordinate support hours. 

They do not provide a concrete and rapid solution which causes security implementations to be delayed.

The solution was implemented a¿twoo ago.

So far, the stability of the product has remained excellent. We have not presented any failures.

It has great scalability. It's very fast and precise.

The support offered by Check Point in general is very regular.

Positive

No other solution has been implemented.

Like all setup-type software, it is very easy to install.

The implementation was done in conjunction with a support team from the company and the supplier.

The implementation of a security tool is always an excellent investment. One thing outweighs the other.

The installation of the product is very reliable, and fast, and it is a very competitive cost in the market.

Check Point was the first solution we used. It was recommended by third parties.

It is a very complete tool for workflows. It provides excellent security.

Currently, the company I work for has implemented several cloud solutions such as Azure and AWS, in which they are migrating from AWS to Azure to have everything unified in a single environment. 

At the moment, we have different applications in both clouds, which have their own system of security in the environments. Recently, in the country there were several ransomware attacks on government companies they were the target due to this we decided to expand security a little more and it was where we made use of Check Point tools that will help us comply with a more centralized security that is more robust on all our end devices.

We have made the decision to centralize our security infrastructure via that CloudGuard for Cloud Intelligence tool. It has contributed a lot to security since many companies were having security problems. We decided we could be one of the few that was not violated with this tool as it gave us a lot of security and helped us avoid vulnerabilities. We were able to counteract attacks with the recommendations that the tool gave us since each point of vulnerability that we found told us how to increase security. That is how our organization was able to survive even an attack.

The CloudGuard for Cloud Intelligence tool has several significant features that provide security to our company. These are helping us to prevent misfortune. Some of these features are centralized monitoring, alerts that indicate some type of vulnerability, recommendations on how to reduce these vulnerabilities, and configuration and monitoring of policies, all based on real-time monitoring with excellent efficiency. They are very effective.

One of the most effective functionalities is integration with the cloud since a match can also be done between the two. 

Check Point tools need to improve the latency in the portal since they take a long time to load. 

They also need to improve the support a little or hire more staff since the response time is slow or the solutions take a long time to implement.

Check Point should give added value to all those customers who purchase their product by providing training so that they can certify in the tool. That way, the customer stops depending so much on support and can solve incidents themselves.

I've used the solution for approximately Three year.

The stability is very good. Even when updates are made, it has not presented any type of failure.

The tool has excellent scalability.

The support must improve the level of service and must train their staff a bit more.

Positive

Currently, we only had other Check Point tools.

Making the investment is a bit high, however, it is very effective to make the acquisition of the tool.

The implementation was done with the help of the vendor and an engineer.

Here it will be reflected in the long term since it is not something tangible but by making the investment in security we can have a company always working

The cost is a bit high, however, the investment is worth it.

We evaluated Palo Alto and Cisco however, they forced us through Check Point at the company.

The solution is very effective. It fulfills perfectly for what it was made to do.

CloudGuard constantly monitors cloud systems for misconfigurations and vulnerabilities that attackers could exploit. Many processes associated with cloud security management, such as asset detection, risk assessment, and remediation, are automated by CloudGuard. This allows security teams to concentrate on more strategic efforts. CloudGuard is intended to assist organizations in securing their cloud environments by continuously monitoring and analyzing cloud setups for misconfigurations, vulnerabilities, and compliance violations.

Many of the duties associated with maintaining cloud security are automated by CloudGuard, including asset detection, risk assessment, and remediation. 

In addition to improving compliance, this frees up security personnel to concentrate on more strategic initiatives and enables organizations to adhere to industry standards and laws like PCI DSS, HIPAA, and GDPR. 

It offers security advice and insights to assist organizations in acting quickly to address concerns. It also has automated remediation capabilities to address found problems and automatically enact security policies.

The asset detection, risk assessment, and remediation processes are only a few of the duties that CloudGuard automates while managing cloud security. This improves compliance, enables organizations to adhere to industry standards and laws like PCI DSS, HIPAA, and GDPR, and frees up security personnel to concentrate on more strategic objectives. 

It offers security insights and recommendations to assist organizations in acting and remediating issues swiftly. It also has automated remediation capabilities to address found issues and automatically enforce security policies.

Compliance checks on cloud resources against various industry standards and compliance framework templates need to be improved, to ensure that organizations meet regulatory requirements with clear visibility action controls. This can make it difficult to create and manage custom security policies. 

Cloud security posture management is a proprietary solution, which means that there is no open-source community to support it. This can make it difficult to get help with troubleshooting and other issues.

We have been adopting the solution for more than a year.

CloudGuard is known for being highly scalable and reliable. It handles big cloud workloads with ease and may be implemented in complex cloud infrastructures.

In terms of cloud solutions, the scalability was a fairly simple and entirely software-driven approach.

The customer support is good and offers regularly updated new features and security patches. This ensures that CloudGuard is always protected against the most advanced threats.

Positive

We adopted our cloud journey last year, and while developing the cloud, we took all security precautions. CSPM was a priority solution, and we have apt.

We implemented CSPM in 30 days. Since the solution was simple to implement and the transition was painless, we added many of our cloud environments.

We implemented the solution through a partner.

CloudGuard's return on investment (ROI) varies based on the organization and its cloud environment.

CSPM is an invaluable resource for any organization that makes use of cloud computing. It can assist organizations in improving their cloud security posture, reducing the risk of cyberattacks, and adhering to industry norms and regulations.

We evolved various CSPM tools such as PAN, TRELIX, and Fortinet, however, our management opted to install CloudGuard as a strategic step.

CloudGuard provides a comprehensive set of security solutions for cloud environments.

It helped us a lot in improving the regulations and security of our cloud environments.

We still manage an on-premise environment, however, many companies at the beginning believe that the cloud is invulnerable or that the manufacturer must ensure everything, which is not correct. With this implementation, it is possible to improve all current cloud security.

In the company I work for, it was implemented to be able to have governance in addition to good practices in our Microsoft Azure environment. It's a somewhat expensive tool, however, it is worth it to be able to solve all those improvements and avoid so many modern vulnerabilities, which have their point in cloud attacks.

As in our company we have environments that are hybrid in some cases and others totally cloud. We find in Check Point a reliable tool to improve security, implement regulations, and generate governance in cloud environments. In our case, we have a Microsoft Azure public cloud with enough resources which we need to protect. We achieved it together with  Check Point.

It was possible to provide greater security to identities with admin access to the cloud - a critical part of IT management.

The most striking features are:

1- Identity protection generated through Check Point posture management, which is helping to prevent user theft or unauthorized access.

2- The governance that can be provided with this tool is very good since we have been able to implement good practices to avoid vulnerabilities.

3- The administration portal panel is very intuitive. It also generates scores based on regulations and good practices to go little by little with the recommendations, significantly improving security.

Some general improvement characteristics can be made, including the following:

1- Cost improvement. Some tools are quite expensive, and some non-equal manufacturers offer more comfortable capabilities at the cost level.

2- The guidelines to implement or to link with the clouds are not complete. Following them sometimes the task of implementing under the best practices of the manufacturer is not achieved.

3- Many Check Point guides are only available to partners and not to the general public. They can make a better impression by having them public and thereby helping the client.

It's an excellent tool and is available in the Infinity Check Point Portal. Its main function is to centralize governance in the same administration portal and has been tested for more than a year to validate our cloud security.

Previously we used only Microsoft with Defender for Cloud. However, we wanted to have our security centralized. Check Point through the infinity portal achieves that feature.

It's very important to have a reliable and good partner. The proactivity helps us to see the existing needs and check with Check Point what characteristics are required.

We chose Check Point as it provides integrated and centralized security, improving the effectiveness of security reviews.

Even though the cost is somewhat expensive. I recommend this solution for users who use the public cloud.