Check Point CloudGuard CNAPP Reviews

Check Point CloudGuard Posture Management has helped us a lot with generating a more secure public cloud. It tries to verify and apply improvements in order to seek to avoid vulnerabilities in environments such as Azure.

The tool is really robust. It allows us, through evaluations, to verify our compliance, detecting and correcting it in a timely manner.

The integration with the intelligence tool helps us a lot to detect and prevent threats in a timely and effective manner.

At a business level, Check Point CloudGuard Posture Management helps us a lot with the management, security, control, and prevention of cyber threats in multi-cloud environments. In our case, our environments are both in Microsoft Azure and local environments.

Another great help is in identity. It helps us to manage your protection in a timely manner. Compliance evaluations are great for all security.

In addition, the Check Point Infinity Portal is quite good and centralized.

The key features of Check Point CloudGuard Posture are:

• The ability to provide automated compliance checks.
• Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized.
• Provides visibility into cloud infrastructure, applications, and security posture.
• Automates security policies and remediation actions to ensure cloud environments remain secure and compliant.               

Some CloudGuard Check Point positions are not required by the company, however, if we do not apply it, it affects our score.

The support SLA is not met. Sometimes they don't seem to like solving cloud issues or modern security applications.

The Check Point solution is somewhat expensive. It must be validated first before purchasing it. 

We used the solution for our public cloud environment with Azure, over the last year.

We review CloudGuard results and generate tickets to contact the owners.

Check Point CloudGuard Posture Management will improve the organization. Currently, it is operating as a stopgap measure to address these issues. This is because there are a lot of them being generated. They are working on automation to automatically create tickets and track when issues are remediated. So, hopefully, when that comes into play, it will be a much more valuable tool.

The ability to drill down to individual hosts on an account and see which ones are affected is valuable. This is because we have a lot of cases where people remediate part of the solution on half of their hosts, but don't realize that they have more hosts that need to be addressed.

The rules are not well-tuned, and many of them generate false positives or nonsensical results. For example, they might flag port 443 as open, even though it is supposed to be open for a public web server. There needs to be a better way to exclude certain hosts that are compliant and are supposed to be open.

I have been using Check Point CloudGuard Posture Management for three months.

The solution has not crashed yet, and there are a lot of findings, so that is a good sign of its stability.

The solution is able to handle a large number of vulnerabilities, so it seems to be able to scale well.

We've only been using the solution for a few months, but we're already starting to see the numbers go down. This is encouraging, but it's important to be aware of any vulnerabilities that may exist so that we can take steps to address them.

I'm glad I don't have to pay the licensing fee. Everything in this field is very expensive. I don't have a say in the matter.

I give Check Point CloudGuard Posture Management a six out of ten. It could be better once fully tuned and properly deployed.

My usage is rather difficult because the client has not spent much time tuning the solution, as they are planning to automate a lot of it. As a result, I am currently the manual.

The solution actually created more work for the staff because it made them aware of all the vulnerabilities. As a result, their priority is now to fix them, which created a lot of work and a lot of tickets.

I wish I had been involved in the deployment because I would have done it differently.

At the RSA conference, we receive a lot of promotional items.

The RSA conference does not impact our organization's cybersecurity purchases.

We required a centralized, modern, and easy-to-use tool. After validating the technology of the available security applications, we found the correct tool in Check Point CloudGuard.

It helped us with the security posture to follow best practices. The recommendations and the automated implementations are through a multi-cloud portal that was easily linked with the cloud that we manage. All those previous virtues plus an effective dashboard full of graphs have helped us with decision making. It's been very helpful for the company's security requirements.

We have been able to comply with the recommendations and improvements in our cloud infrastructure using this product.

Thanks to the best practices recommended in the CloudGuard Posture Management, we were able to provide an incredible layer of security to our Microsoft Azure environment. We required a great layer of security to be able to certify ourselves with security regulations.

Also, all its reports are very useful to be able to carry out good work of improvements and avoid vulnerability within the multi-cloud perimeter.

Another requirement was not to have different security environments. The CloudGuard Posture Management correctly met the business needs.

We really liked its ease of implementation against our Microsoft Azure environment.

In addition, its centralized portal, which showcases multiple security solutions in one place, is very helpful.

Another feature that we really liked is the score function for improvements and good practices. You can take a security posture that complies with regulations or company policies.

Areas that can be improved are few. However, some can be mentioned, such as the costs for this solution going down a bit. Not all clients, despite the great power of the tool, can afford it.

The support must be more effective. Sometimes they take several days to resolve an issue. However, it must be mentioned, they always resolve it correctly.

Finally, I think that the solution meets all expectations but can also improve the performance of the administrator portal a little so that it does not sometimes stop.

This is a very good cloud tool and has been used in the last quarter with surprising results.

We have witnessed very good performance with the solution.

The solution offers excellent performance.

We have not found a more centralized, powerful, or complete solution than Check Point Cloud Guard Posture Management, neither before nor now.

It is essential to validate the costs and have a good representative for Check Point that can provide security in the tools. They need to be able to understand your needs as clients.

We continuously evaluate various options and manufacturers, however, on its own merits, the Check Point solution became our first choice.

It's an excellent tool that is a bit expensive yet worth it.

We primarily use this solution for:

1. Posture management and compliance for the complete cloud environment (AWS).
2. Centralized visibility of our cloud assets across multiple accounts in our cloud environment.
3. Monitoring and alerting of cloud activity (API calls) happening across all the accounts.
4. Reviewing security configuration (network configuration of security groups).
5. Scanning serverless functions for existing vulnerabilities.
6. The baseline for security policy as per workload based on services such as S3, EC2, et cetera.

This solution helped us improve by:

1. Improving the overall security posture of our cloud environment.
2. Maintaining Asset inventory for Cloud.
3. Continuously reporting and alerting for reactive approach.
4. Providing a best practice policy helping in strengthening security of workloads. 
5. The biggest lesson that I have learned from using this product is that organizations are very uninformed about their cloud presence, what assets they have, and what shape it's in which this solution is capable of and provides better visibility.

1. The queries for detecting any type of incident are great.
2. The solution provides a granular level of reports - along with issues based on compliance.
3. Alerts of cloud activity happening across all accounts is helpful.
4. Customization of rulesets as per our cloud security policy is useful and strengthens the security.
5. Reporting against compliance is an important feature that helps you comply with policies and standards within our organization.
6. Assets Management is excellent as it provides complete visibility of our workload in our EC2 instance. 

The following things can be improved:

1. Reporting should have more options.
2. Investigation of security events should be more comprehensive be it for cloud activity or traffic activity.
3. The false positives can be annoying at times.
4. We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future as we prefer to do it ourselves.
5. The price of this solution should be reduced so that it is more affordable to scale.

We have been using this solution for last year.

This was the first time we used any CSPM solution.

The price of this solution should be reduced so that it is more affordable to scale - specifically for features like Intelligence Pro.

We evaluated Prisma Cloud, however, we found many of the features that we won't be using we would still be paying for unnecessarily.

We utilize Check Point CloudGuard Posture Management to gain visibility into our cloud environments and their configurations. The cloud services we employ include AWS, Azure, and GCP.

A while back, we deployed Kubernetes, and it was exposed to the internet, resulting in the environment being affected by malware. Check Point CloudGuard Posture Management has helped our organization prevent such attacks from occurring in our environment.

The most valuable feature is the single dashboard that enables us to manage the entire cloud environment from one place.

The dashboard customization has room for improvement.

I have been using Check Point CloudGuard Posture Management for four years.

Check Point CloudGuard Posture Management is highly stable. There was only one instance when the solution experienced downtime.

The technical support is good.

Positive

The initial setup is straightforward.

Check Point CloudGuard Posture Management is expensive.

I give Check Point CloudGuard Posture Management a ten out of ten.

Check Point CloudGuard Posture Management is an important component of a cloud environment that enables us to gain visibility across all areas and configure easily. I highly recommend this solution.

We required a tool for our Microsoft Azure environment to validate and find threats under machine learning, forensic validations, and extremely important reports for the company to determine possible vulnerabilities and change the infrastructure to improve the security posture of our public cloud environment.

We also needed an environment that could show us monitoring and dashboards of value to improve our security easily.

One of the most important details to monitor is the network in our infrastructure, based on those requirements, we look for a tool, in this case, Check Point.

The Check Point CloudGuard Intelligence tool helped us perfectly with the search for a cloud security posture for our environments and security in the Microsoft Azure cloud, a centralized environment, and has great features within the tool, such as forensic analysis. In case of any vulnerability, we had to determine what happened.

As for the reports, we could help determine what happened, valuable details which allowed us to generate greater security according to the values shown.

The most important features that we like in Check Point CloudGuard Intelligence are the centralization of the security environment within the Check Point Infinity Portal, which already has other security tools that we have and that can also be managed from this site.

Forensic analysis is one of the features we liked a lot since it is easy to understand and helps us improve security.

The ability to integrate it with Microsoft Azure Sentinel allows us to validate the logs in an even more complex and meaningful way.

Something that needs to be improved little by little in tools like Check Point CloudGuard Intelligence is the lowering of costs as some customers can't buy such a solution. They could also sell it based on various versions for different customers and various business needs.

It is also important to improve performance issues at the Infinity Portal level, which is sometimes slow, yet not always.

We would like there to be more public documentation to generate implementations with best practices.

We started using the application no more than a year ago. It's excellent for the analysis of the public cloud infrastructure.

This is a really stable solution.

The solution is incredibly scalable and managed by Check Point Infinity Portal infrastructure.

We had never used or known a tool like Check Point CloudGuard.

The best option is to have a partner who helps them with support in addition to helping with cost issues since pricing is not public.

We always value various issues such as centralized environments, costs, and support, among other details to make the best decision. Even so, with this validation, the best option for our company is Check Point.

Our developers work in our Microsoft Azure public cloud environment, where they build applications and app service sites. These developments did not always avoid vulnerabilities, so we required a tool to guarantee that these environments complied with robust security measures to avoid attacks including identity theft, and denial of services, among others. We needed to protect from damage to the operation or hijacking of our data which would prevent the internal operation of the company. Thanks to this tool, we could cover ourselves and our environment safely.

The importance of having a security tool for our developers' workloads; most of the time, our apps services use identities to log in against databases, generating a possible loss of data and credentials. 

Thanks to Check Ppoint CloudGuard Workload Protection, we were able to provide assessments to verify security problems, best practices, and changes that were listed from the solution portal to be able to correct them both automatically and manually, achieving safe environments.

Check Point CloudGuard Workload Protection is a very important tool for the company and developers. The characteristic that caught our attention the most was that it is a native solution and was created for cloud application protection that was automated.

This solution not only provides recommendations or best practices for applications that are already finished or productive. However, we can protect from the beginning of development to testing and production, having recommendations and improvements throughout the process.

The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security.

Check Point CloudGuard Workload Protection is a very powerful, comprehensive, centralized tool but also a very expensive solution. It is worth it, however, it is not available to everyone.

The Check Point Infinity admin portal sometimes freezes.

There is little documentation for the implementation and start-up of some configurations. They could improve the public documentation to be able to generate the help that the client requires to be able to generate the correct and effective provisioning.

This is an excellent security tool for the workload of the company's internal developers; we have used this technology in the last year with very encouraging results.

I really like the solution.

This product offers excellent availability; its scaling is managed by the manufacturer.

A centralized tool with the potential of Check Point CloudGuard Workload Protection is not found in other manufacturers. We have not had such a solid and secure solution.

The recommendation is always to have a provider or a partner that can generate and answer all questions about the solutions and provide costs and analysis to see if the solutions are what the company needs.

Before implementing this solution, we validated solutions from other manufacturers such as Fortinet and Cisco. However, the benefits provided by Check Point exceeded the validations, and we chose CloudGuard.

It is an excellent security tool for dev departments and the entire company.

The primary use case has been for auditing the cloud infrastructure in terms of security, because our company has been audited a lot of times. For the cloud, this is a tool that we use to audit the cloud environment. For example, all of the S3 buckets are encrypted to know if we don't have servers exposed to the Internet where they shouldn't be. This solution runs some compliance reports. That is why we use it.

We use it the most to check if things are complaint, because the compliancy checking is accurate.

On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures. 

We use the compliance rule set to run some reports on our infrastructure. According to the report, we know if we are secure or compliant with our security recommendations. We wanted a default security compliance toolset. So, we cloned it, then we did some customization of some security measures that we wanted. 

We run the compliance rule set report, then the InfoSec team receives that report. They go through it and see if we are compliant and need to do some security measures on some of it resources. It helps us towards visibility and security.

We use the solution to enable customizable governance using simple, readable language. We are not just stuck with the default rules set. If we think the security measures they recommend are not needed, then we can add some others instead, change them, or customize them.

We have full visibility of our cloud infrastructure in terms of compliance and security. For example, if someone has a machine that doesn't comply with the company policy, then we get an alert.

Security visibility is very good. Usually, when it's the security report, they match the reality and are correct, then they raise some alerts. Almost 100 percent of the time, we will need to do some tweaking to fix issues.

It is a very good tool for both cloud compliance and governance. We use it for both. We can monitor our entire cloud infrastructure. It provides reports on our security, then if we have to fix something in regards to the security, we can do it in a centralized tool. If you go to AWS and check each tool and server if it is compliant, then it's a mess, but this tool works. It is very simple for governance and reducing the risk.

The solution helps us to minimize attack surface and manage dynamic access. With Dome9, we are sure our machines are not exposed to the Internet. We have reports about users who access of our AWS accounts with the EAM function, which reduces our attack surface.

This solution provide a unified security solution across all major public clouds. We have all our infrastructure integrated on Dome9, so it provides us security on our entire cloud infrastructure, both AWS and Azure, which we are currently integrating. 

The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point. I think they have solution to this issue.

We have been using it for approximately a year and a half.

It is very scalable since we only need to buy licenses for more protective items. However, the overall license is very protective.

Dome9 integrates security best practices and compliance regulations into the CI/CD, across cloud providers. We are also currently integrating our ancillary environment on the domain. At the moment, we have more than 500 servers and domes protected by Dome9. Therefore, it's a tool that can accomplish security for almost all call environments.

Dome9 is used by the technical team. It is utilized in production and nonproduction. It is also integrated with Azure along with Office 365.

Dome9 has 100 percent adoption rate, as all our environment will be integrated with it. 

There are two types of users:

• My team who implements the domain.
• The infrastructure team who looks at the report. There are three guys on the infrastructure team.

I would rate the technical support an eight out of 10. We received a lot of support when implementing the solution directly with the product owners of Check Point, which is not their regular support. They were very useful and helpful, which was very good. We haven't had many complaints.

The solution helps save our security team time. Before we had Dome9, our security team had to go through each problem and check it. Nowadays, we just need to analyze one report and use one tool. We don't have to go through all the accounts with all their data. Dome9 is saving them approximately 10 hours a week.

We implemented Dome9 as soon as we started having some production services on our current environment and started our cloud journey three years ago. 

The initial setup process was very quick: Create the user on AWS, then you can log in and have all your information. On the domain side, it was very quick to log in with the account created on the AWS.

The deployment was one or two days. We had three remote session, where two of those sessions were about how it works. 

Our approach was to have our accounts on Dome9. After adding accounts, we ran some reports and compliance rule sets based on the security measure recommendations from Dome9 for our AWS product. We also went through the recommendations and made some changes on some of them. That is how we deployed the solution.

Our implementation strategy was to first only add the key accounts in the first stage, seeing how it worked. Then, after some weeks of working with it, we added the rest of the accounts to production.

We did the initial setup directly with Check Point. They were very good and helpful because we were one of the first customers after they bought the domain company. They were very interested in helping us. We didn't have any complaints.

Dome9 helps developers save time. If you enable the remediate mode, then it will help you save time as it eliminates manual work. The reports also save time because you don't have to go into the tool and search for information. The reports save about five hours a week.

This solution has enabled us to reduce the number of employees involved in managing our cloud environment, especially the personnel who have had to analyze reports and implement security measures to mitigate risks. Before we had the tool, we had more people working on this task. Now, we only need one or two people to look through the report to review the risks.

Right now, we have licenses on 500 machines, and they are not cheap.

They didn't find many other competitors for this type of domain and security tool.

The cloud providers give you the tools for their solutions to be secure, but they aren't easy to implement nor are they clear how to use because each tool that we have has its own security measures. This solution provides clarity for what you need to do to be secure in one centralized tool.

Try it in read-only mode. 

We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future because we prefer to do it ourselves. We don't know what will be the impact of doing it automatically from the tool. 

If you use the remediate mode, which we currently don't use, it will leave you with automation to help out with your call environment for compliance. However, if we wanted to use it, we do have the tool.

Biggest lesson learnt: Securing the cloud is more difficult than we originally thought.

I would rate this solution as an eight out of 10.