Check Point CloudGuard WAF Reviews

We use the product to access the internet internally. It helps us to block unnecessary networks. 

The tool helps us to block IPs and applications. 

I have faced issues with the tool's blocking aspects. It is hard to open or block web services due to the multitude of cloud centers. I have to do the process manually at times. We have a bug which is hard to solve. 

I have been using Check Point CloudGuard Application Security for ten years. 

I like the tool's stability. 

Check Point CloudGuard Application Security is scalable. 

Check Point CloudGuard Application Security's support is sometimes good. 

We had used Sophos before Check Point CloudGuard Application Security. We switched to the product since Sophos did not have a firewall then. 

Check Point CloudGuard Application Security's deployment is not complicated. 

The tool's control helped us with the deployment. 

Check Point CloudGuard Application Security's pricing is not friendly. 

False positives happen occasionally, but it's not a big deal for me. I prefer false positives over the risk of something going undetected. The tool's abilities for preemptively blocking zero-day attacks and detecting hidden anomalies are good. It has helped us reduce the TCO for the web application firewall. I rate it a nine out of ten.  

Check Point CloudGuard Application Security is a one-stop unified solution for securing workloads and IT assets most efficiently. The Web Application Firewalls of this solution are designed in a most customizable and advanced manner, which suits different requirements in an effortless way.

Also, all APIs integrated with our IT system are completely prevented and secured by this product. It helps restrict malware attacks on our APIs and enables the blacking of any malware and phishing elements in the system.

One of the highly versatile and deployable products for any kind of IT security. 

CloudGuard Application Security strengthened the IT security of our organization. We faced lesser trouble in managing the endpoints and it went through quite smoothly. Also, the trial version of the solution is extremely beneficial and has enormous utility features to test the features before final deployment. My IT administrator understood the requirement well and also propose API integration with our internal cloud and server system.

The application security is an advanced product with high threat detection rates with full agility and also is a highly scalable solution for any organization. It takes less time to comprehend the features and their utilities are of paramount importance.

It is a highly scalable solution with a quick turnaround time for deployment and running of the software across any IT system.

Easy and effortless API integration of this application security tool with any other IT assets and software on-premise and cloud.

The solution is highly replicable across diverse IT environments. No problem or hassle faced in running the same.

Cost-effective application security product with high utility features available for testing in their trial version. It helps in making mindful buying decisions as per customer requirements.

Cost reduction and trial period extension should be considered with some lucrative discount offerings in buying standard versions. This will attract more and more new vendors and customers to partner and will be a win-win situation for all stakeholders involved.

Also, the IT security environment is dynamic and ever-evolving, with new developmental changes every now and then. We are customizing our needs and requirements for business mindfully, and this requires a lot of effort in immersing new and advanced features to enhance customer satisfaction.

Cloud Guard Application Security should attune their working and new developments in alignment with the business requirements in these changing environments.

I've used the solution for the past year now.

The solution has good stability and replicability.

It's a highly scalable solution.

Technical support is good.

Positive

We were using an in-house solution with few features and more of manual intervention. It was not very satisfactory.

The solution is an effortless go-to software tool for IT security.

We implemented via a vendor ONLY.

We've seen an ROI of over 70%.

We are at the inception phase but can undoubtedly recommend Cloud Guard Application Security solution for prospective organizations as the product is an advanced and customized solution with a high-performance rate in detecting malware and fewer false negatives.

A lot of options were chosen by the IT team before the final buy decision. We looked into McAfee, IBM, and other security solutions, which were examined, tried, and tested thoroughly.

They are offering fantastic IT security solutions and should keep evolving this way to keep up with the pace of IT security advancements in a recent technological era.

We were focused on mitigating malicious activity at the application level. We were searching for technology to help manage frequent traffic issues, which is why we decided to implement a WAF. Our main use case was to also address the security of APIs. Since we were using many APIs in our environment, we wanted a solution that could manage restrictions and throttling for these APIs effectively.

The WAF allowed us to define objectives like throttling to control API usage. Additionally, we utilized the WAF to handle OWASP Top Ten vulnerabilities by creating rules to inspect incoming traffic from the internet to our internal infrastructure. Suspicious activities would be flagged and alerted as necessary. These features were key to our decision to implement the WAF in our last organization.

Check Point CloudGuard WAF provides a range of built-in features. It includes default policies based on the OWASP Top Ten vulnerabilities, which help detect and mitigate common threats. However, for vulnerabilities beyond the OWASP Top Ten, the WAF also offers the flexibility to create custom rules.

You can create and implement custom rules if you need to address other common vulnerabilities in the external environment. There are various options for implementing these custom rules, including using Terraform. For organizations that prefer to use only default policies, those are also effective at handling traffic and identifying application-specific vulnerabilities.

WAF solutions offer a wide range of features, and many cloud vendors integrate WAF capabilities directly into their platforms. For instance, Azure CloudGuard includes built-in WAF features fully integrated with the Azure environment.

Within this platform, you can easily define API restrictions, set web application vulnerability policies, and manage security headers like content security policies and HSTS policies. This integration streamlines the process of configuring and managing these security features, making it more efficient than using separate tools for each task.

When I was working with the WAF platform, there were limitations, particularly concerning compliance and reporting. Managing multiple tools for different functions like WAF, firewall, CDN solutions, and antivirus—could be cumbersome for organizations. They often prefer a more centralized platform to manage various features efficiently.

While having separate tools can enhance visibility and support a defense-in-depth strategy, the WAF platform's reporting capabilities could have been improved. 

Security headers, such as content security policies and HSTS policies, protect applications from web vulnerabilities like cross-site scripting attacks and cookie theft. These parameters can be defined at the CloudFront level or within a WAF.

WAFs operate in two main modes. Initially, they may be set to detection mode, monitoring activity without blocking traffic. This is useful for assessing the impact and tuning the rules. Once your implementation and team are ready, you can switch to the blocking mode, where the WAF actively blocks suspicious traffic. It’s important to carefully configure this mode to avoid blocking legitimate traffic, which can cause disruptions.

Additionally, you might see cost savings if you don’t use an API management platform and instead rely on WAF to manage API-related features. However, the decision depends on your specific architecture and implementation needs.

Overall, I rate the solution an eight out of ten.

Check Point CloudGuard Application Security enabled us to develop strength and process efficiency coupled with a secure environment in the IT system. We've installed software all over 3rd party dashboards and internet systems. This application security platform helped us put a strong security system in place with an advanced bot prevention system, ensuring end-to-end security across a complete chain of processes. Our cost of the security system was greatly reduced, and it helped us to achieve cost efficiency within six months.

Check Point CloudGuard Application Security helps to bring the cost down and increase process and cost efficiency. It provides improved productivity in system outcome and output. It is one of the master security solutions in the market for enhancing system security through an intrusion prevention system that restricts entry of malware and any kind of threat attempts on system confidential data and ensures flawless security inside out. The performance efficiency of users and their department increased multifold due to the introduction of the software.

The Intrusion Prevention System is an awesome feature with high-end security properties to ensure a sustainable security system across IT assets and software.

It offers high performance and improved productivity for users.

Our organization marks lowered expenses and improved revenue as part of the technical outcome.

The chatbot system is highly advanced with automated security enhancements and enables real-time system security. It helps the users continuously learn about any potential threats on the system and warns them with pop-ups and notifications.

There are end-to-end web applications protecting and securing IT assets from the inside out. 

The technical team needs to exercise the pilot testing across all kinds of IT hardware and software to ensure the pilot QA testing shows the highest rate of positives while ensuring system protection. The trial version should be extended further so that QA test engineers can actually test the utilities in a real sense and can provide the maximum amount of feedback for enhancements.  

There needs to be an improvement in features and utilities now and then as per business demand. It needs to be customized to match market trends and demand. 

I've used the solution for one year.

The solution is stable.

The solution is quite scalable.

We were using our own in-house system security solution to prevent any ransomware and malware.

It offers easy onboarding and is not complex at all. The solution has quite structured onboarding for deployment.

We implemented it through a vendor team.

The ROI is great.

The solution is low-cost and offers an easy renewal process as well as smooth onboarding for vendor partners.

We evaluated a lot many options available in the market, including Trend and McAfee, among others.

It is a must-try security solution for all kinds of businesses. There are awesome features at extremely low cost.

We use AppSec. The primary use case was for our client's app. We did a successful project with the biggest university in Mexico. It was a big survey for all the former students. There were thousands of them, and it needed to be completed based on some specifications from the security team.

The service was available for the client on time. They had a go-to-market or a due date to start sending the app to various students to apply. We were there 24/7 hoping and waiting for everything to be fine, and it worked perfectly and smoothly.

The client was very happy with the performance of Check Point on this project. When comparing it with Imperva, we strongly feel that the formula that Check Point delivers on WAF was what the client needed.

Check Point CloudGuard works perfectly for preemptively blocking Zero Day attacks and detecting hidden anomalies. Check Point is all about prevention. We strongly believe that if you want to prevent threats, Check Point is the one. There is no one else.

There are two main features. The first valuable feature is that it is not a complex process to get it up and running. It was not complex at all. We were in a close relationship with the team that developed the app, and it worked in a few hours.

The second valuable feature is the information that comes out of it. With the dashboard or the information that came from it, we made some executive reports for the client. They were very happy with it.

I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service. I would like the complete visibility of every product for the client to see in an executive way. I do not want it in a very complex way with so many warnings and threats. They should focus on the main things in all the products. I would like to see that.

We started using it six months ago.

Its stability is perfect. We have had no issues.

It is made for scalability. We have no issues on the matter. 

Check Point helped us a lot with the project. We interacted with Check Point engineers. They knew it was our first project, and we came across as one strong team in front of the client. I would rate their customer service and support a ten out of ten.

Positive

The client had Imperva, but for this project, they used Check Point. They have some current contracts and some expiration dates. We are hoping to have more deals with them.

They went for this solution for multiple reasons. The first reason was our service as a partner. The client needed somebody to handle the solution. They are not specialists in handling WAF or security. The second reason was that Check Point has authority over security. We were not delivering a solution that was new in the market. We were not an underdog. The third reason was that when we did the workshop, not a POV, the client saw that the solution was intuitive. The dashboards were executive. They liked it a lot. It provided visibility to focus on the efforts. It gave a list of all the threats. It was focused on the main ideas and threats.

Check Point CloudGuard WAF can reduce the total cost of ownership for your web application firewall, but in this case, it was not a big deal. 

Our client could see that they can have a great solution that does not cost much more than Imperva.

It is not cheap, but it is worth it. For this project, our channel manager and our territory manager helped us a lot. We got a lot of flexibility on the license. I do not know how much discount there was, but it was big enough to win the opportunity.

For those evaluating WAF solutions, there are so many options, but I would recommend relying on a company like Check Point that has a great ecosystem. Their solutions are not only made for the cloud. They also have specialization in all types of security. With their AI and ThreatCloud, you have information about what is happening in the security world. The information that they provide is very useful, so rely on a company that is big enough to provide the security that you deserve.

In this project, there were a lot of technical issues that we had to manage through our engineers. It was our first project and the interaction with the development teams was important. It was very important to get the due dates and stay on track. For a successful project, you need to have a close interaction with the client, especially if the client is not a specialist in security. Check Point also helped us a lot with this project.

Overall, I would rate Check Point CloudGuard WAF a ten out of ten.

As one of the solutions that we need for protection at the API level, we have found the level of attack detection needed to comply with the internal regulations of the corporation.

It protects both financials and identity searches. It is a new generation of security that can help us seek, implement, and select different brands products for enhanced protection. This is important due to the acceleration and development of many applications. It helps us reduce the risk of vulnerability in productive applications. 

The use of CloudGuard Application Security protects the page and online web services against SQL injection attacks. This prevents attackers from accessing our databases and stealing financial information from customers. These services help identify and fix vulnerabilities in our application and allow us to identify when there is a vulnerability, such as a code injection, and click on the site to see recommendations in order to fix issues before attackers can exploit weaknesses.

The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps. It helps us to guarantee that financial applications are secure, protected, and resistant to attacks, which is essential to maintain trust and reputational power with any client that is subscribed to our services.

Deeper and more transparent integration between Cloud Application Security and analysis monitoring tools could be very valuable - although the solution currently offers integrations with third-party security tools. Still, a deeper integration could provide better visibility of all the threats. It would be ideal if they could be found in real-time, allowing our financial or security team to offer a more effective response to attacks. 

I've used the solution for two years.

We were looking for a solution that met the following criteria: 

• A web application security solution that uses real-time attack prevention techniques and vulnerability scanning to protect applications and data running in public or private cloud environments. 
• Monitoring and logging of application traffic to detect anomalies and suspicious attacks.
• Integration with automation and orchestration tools for cloud application security management and scalability. 
• Detection and prevention of SQL injection attacks, cross-site scripting (XSS), and other types of injection attacks. 

The product benefits my business by giving enhanced protection for useful cloud applications. 

Using enhanced visibility and analytics, the product provides visibility into security. By using a cloud application security solution, our company can save costs by reducing the need for additional security hardware and software and improving operational efficiency. 

With this product, we are achieving regulatory compliance. CloudGuard Application Security can help businesses meet security regulatory requirements, which makes for an outstanding organization. 

This cloud web application security solution can be quickly and easily deployed in public or private cloud environments, allowing a company to protect web applications and reduce downtime quickly. 

This solution provides us with enhanced visibility, giving us the ability to provide web application security analysis in the cloud.

A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection. We need to protect against other attack vectors like network or device email attacks in order to provide the greatest protection possible. It is very understandable that there are many characteristics of an attack, including if it is from the inside or outside the organization. However, it would be important to validate threats and have all manner of solutions on hand to help protect the company.  

I've used the solution for one year.

This solution safeguards applications that are hosted in the organization's cloud servers. 

It monitors the performance of applications from the deployment stage to the implementation of assigned tasks. 

Check Point CloudGuard Application Security blocks any cyber attacks channeled to destroy confidential data. 

Configuration of this platform with other tools took place efficiently without any challenge. The set security features alert the IT team when there are external threats that can affect workflows. the organization's networking infrastructure is ever secure since we deployed this product.

The solution has comprehensive security cover for the cloud applications, which has been a great achievement in the organization since we deployed this platform. 

It provides advanced analytics that gives each team time to prepare for any threat that might occur in the future. 

Enhanced data intelligence helps us to plan and turn provides analytics into actionable insights. 

Safeguarding applications has enabled members to focus on more productive activities without fear of being attacked. The set of security tools enables each app to perform its role without external interference.

Sensitive data exposure has enabled us to plan and make reliable decisions based on the work environment. 

The product has confirmed to each department that the injection of new data into the systems is highly secured to enhance transparency. 

Security misconfigurations enable the IT team to rearrange application codes and take full control. 

Insecure deserialization provides a comprehensive report of applications that enables the IT team to identify malicious coding and execute it in advance before it affects workflows.

The coding configurations can be simplified to save time for IT teams and developers. 

Insufficient logging among applications breaches security, and this may lead to undetected malware attacks contributing to data compromise. 

The set security tools target known vulnerabilities, and when there is an outbreak of new viruses, it may not be noticed, easily exposing data to cyber attackers. 

Broken access control enables members to gain unauthorized access to saved files allowing them to edit accounts to enable other users to gain access. The software has great capability of preventing data with the set organization policies.

I've used the solution for nine months.

This platform is stable, and the performance is excellent.

I am impressed by the scalability.

There is great support and cooperation from the customer service team.

Positive

I have not worked with a similar solution.

The initial setup was straightforward.

The vendor team was responsible for the full deployment.

There is increased ROI from improved application security.

The cost and setup are good, depending on the company size.

I have no experience with other security products on the market.

This platform is good for safeguarding cloud applications.