Check Point CloudGuard WAF vs Cisco SecureX [EOL] comparison

Check Point Software Technologies and Cisco are both solutions in the Application Security Tools category. Additionally, 100% of Check Point Software Technologies users are willing to recommend the solution, compared to 100% of Cisco users who would recommend it.

Check Point CloudGuard WAF

Read 32 Check Point CloudGuard WAF reviews

405 Views
121 Comparison Views

100% willing to recommend

Cisco SecureX [EOL]

Read 13 Cisco SecureX [EOL] reviews

100% willing to recommend

Check Point CloudGuard WAF

Cisco SecureX [EOL]

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Check Point CloudGuard WAF and Cisco SecureX [EOL] based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.

To learn more, read our detailed Application Security Tools Report (Updated: September 2024).

Buyer's Guide

Application Security Tools

September 2024

Download the complete report

Helped 801,525 peers since 2012

Categories and Ranking

Check Point CloudGuard WAF

Average Rating

8.8

Number of Reviews

Ranking in other categories

Application Security Tools (9th), Web Application Firewall (WAF) (14th)

Cisco SecureX [EOL]

Average Rating

9.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Featured Reviews

SanjayPatel3

Sr network engineer at a outsourcing company with 10,001+ employees

Jul 12, 2024

If a zero-day attack originates in Europe, Check Point CloudGuard can detect it within minutes and distribute a new signature globally

When we activate the WAF, our security signatures and all the latest threat intelligence are immediately updated. Our protection is automatically refreshed every few hours to address emerging threats. For example, if a zero-day attack originates in Europe, Check Point CloudGuard can detect it within minutes and distribute a new signature globally. This ensures that when the attack reaches Australia, it is already blocked by our up-to-date WAF. Although the WAF still produces false positives because of the signatures, we can apply a rule to exclude them easily. Automated threat intelligence is crucial because a ransomware attack can compromise a network in minutes. Imagine an attack occurring at 3 AM when staff is unavailable; the damage may already be done when someone investigates. Ransomware can infiltrate and complete its task within just a few sessions. Once inside, attackers can lay dormant for months, covertly sending data using internal IP addresses. These addresses are often whitelisted, making it difficult to detect whether the outbound traffic is authorized or malicious. Automated threat intelligence can rapidly detect and respond to attacks, unlike manual processes that take 15 to 20 minutes, often too late to prevent significant damage like a completed ransomware attack. Systems like OCSP, utilizing best practices from multiple vendors such as Azure, Microsoft, CheckPoint, Palo Alto, and CloudStrike, provide an open platform for sharing and updating threat signatures. This enables organizations to tailor their security measures based on specific application needs and behaviors, effectively mitigating risks without unnecessary restrictions. Cloud-based WAF solutions, such as Check Point's, offer significant advantages compared to traditional on-premises WAFs like Cisco or Palo Alto. On-premises WAFs require substantial upfront costs for hardware, expensive licenses, and frequent, costly upgrades as technology evolves. Cloud-based alternatives eliminate these expenses by providing the latest features and capabilities without hardware or software management. This flexibility and cost-efficiency make cloud WAFs appealing to many organizations. However, cloud solutions can be more expensive for high-throughput applications like Instagram or Facebook due to data transfer costs. At the same time, on-premises options might be more economical in these cases. Ultimately, the best choice depends on specific network size, criticality, and application requirements.

Read full review

Alon K

CTO & VP of Cyber Solutions, Israel at Rockwell Automation

Aug 5, 2022

Gives our customers visibility and they don't have to go multiple management consoles anymore

One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web. Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"User attitude reviews help us keep all online users compliant with company regulations and policies."

"The solution offers continuous security monitoring and alerting, which can help organizations detect and respond to security incidents in real time."

"The solution's strongest point is that you can connect everything to it, giving you a full view of what's connected."

"The most effective CloudGuard feature for threat prevention is its web app protection."

"With the solution, we managed to obtain complete comprehensive visibility of the entire environment in the cloud, thus having better control of each of the resources."

"The tool helps us to block IPs and applications."

"The tool's most valuable feature is AI, which makes operations easier. Moreover, it is easy to deploy."

"On the endpoint side, the most valuable feature is undoubtedly the cloud-based management capability, along with the ransomware protection, despite not encountering any instances so far."

More Check Point CloudGuard WAF pros

"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."

"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."

"The automation and orchestration tools are the most valuable features."

"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."

"The ability to create firewalls online has been most valuable including the ability to create rules."

"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."

"Integrates well with our existing security infrastructure."

"It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place."

More Cisco SecureX [EOL] pros

Cons

"I have faced issues with the tool's blocking aspects. It is hard to open or block web services due to the multitude of cloud centers. I have to do the process manually at times. We have a bug which is hard to solve."

"They need improved latency in the main window."

"I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service."

"I advise proactive threat detection intelligence offline, which can also help monitor and ensure system checks and compliances are in place."

"We would like to have a solution of this type for the administration of applications from mobile devices."

"Cost reduction and trial period extension should be considered with some lucrative discount offerings in buying standard versions."

"The coding configurations can be simplified to save time for IT teams and developers."

"There are occasions when it interfaces with other systems, leading to a loss of visibility."

More Check Point CloudGuard WAF cons

"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."

"If they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality."

"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."

"Enhancing automation capabilities could further improve the product."

"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."

"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."

"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."

"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."

More Cisco SecureX [EOL] cons

Pricing and Cost Advice

"I work for an Indian banking client. In India, companies are on a budget. The company liked Check Point very much, but it was a little bit costly compared to FortiWeb. However, it had more features compared to FortiWeb."

"It is not cheap, but it is worth it."

"Check Point CloudGuard WAF is expensive compared to Azure WAF."

"If the pricing for the Infinity platform covers everything, it would be more straightforward. I had a hard time selling it to our CEO as a former CFO because of the differentials. There are different deltas year to year over a five-year period. It is very difficult to explain. It would be easier to digest for our executives if there was a flatter scale"

"Considering all the benefits we've observed, we find the price to be satisfactory."

"The pricing is not that expensive considering what it offers."

"Check Point CloudGuard Application Security's pricing is comparable to other products in the market."

"It is reasonable as compared to the other solutions."

More Check Point CloudGuard WAF pricing and cost advice

"The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy."

"It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco."

"Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions and the quality of technical support, I believe there's justification for the price difference."

"It comes free with all Cisco products. So, it is a good price."

"It is free. It can't get any better than that."

"You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."

"The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."

"For the value you get, the pricing of the solution is excellent."

More Cisco SecureX [EOL] pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

801,525 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

22%

Security Firm

14%

Manufacturing Company

Computer Software Company

40%

Financial Services Firm

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about CloudGuard for Application Security?

The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspe...

See all answers

What is your experience regarding pricing and costs for CloudGuard for Application Security?

Check Point CloudGuard WAF is expensive compared to Azure WAF. I would rate the cost of Check Point CloudGuard WAF as eight out of ten, with ten being the most costly.

See all answers

What needs improvement with CloudGuard for Application Security?

Check Point CloudGuard WAF's code could be improved. While the GUI allows configuration for application-related features, specific definitions cannot be modified through the code. Ideally, we would...

See all answers

Ask a question

Earn 20 points

Comparisons

Imperva Web Application Firewall vs Check Point CloudGuard WAF

Compared 26% of the time

SonarQube vs Check Point CloudGuard WAF

Compared 24% of the time

F5 Advanced WAF vs Check Point CloudGuard WAF

Compared 19% of the time

AWS WAF vs Check Point CloudGuard WAF

Compared 18% of the time

Fortinet FortiWeb vs Check Point CloudGuard WAF

Compared 14% of the time

More Check Point CloudGuard WAF Competitors

Microsoft Defender XDR vs Cisco SecureX [EOL]

Compared 25% of the time

Trend Vision One vs Cisco SecureX [EOL]

Compared 18% of the time

Cortex XDR by Palo Alto Networks vs Cisco SecureX [EOL]

Compared 13% of the time

Wazuh vs Cisco SecureX [EOL]

Compared 12% of the time

Cisco Secure Network Analytics vs Cisco SecureX [EOL]

Compared 10% of the time

More Cisco SecureX [EOL] Competitors

Product Reports

Buyer's Guide

Check Point CloudGuard WAF

September 2024

Download Check Point CloudGuard WAF product report

Buyer's Guide

Cisco SecureX [EOL]

September 2024

Download Cisco SecureX [EOL] product report

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec

Kenna.AppSec, Kenna.VI

Learn More

Video not available

Check Point Software Technologies

Cisco

Overview

Check Point CloudGuard WAF (Web Application Firewall) is a cloud-native security solution designed to protect web applications and APIs from known and unknown threats. It employs contextual AI and machine learning to prevent zero-day attacks without relying on traditional signature-based detection methods, ensuring that applications remain secure even as new threats emerge.

CloudGuard WAF offers preemptive protection against vulnerabilities by using machine learning to identify and block zero-day threats like Log4Shell and Spring4Shell. It provides precise detection capabilities, minimizing the need for constant fine-tuning and reducing false positives. Designed for cloud-native environments, CloudGuard WAF integrates seamlessly with CI/CD pipelines, supporting automated deployment and configuration through infrastructure as code (IaC) or APIs.

Key Features of CloudGuard WAF:

ML-Based Threat Prevention: Stops application-layer attacks, including those listed in the OWASP Top 10, with minimal tuning and no reliance on signature updates.
API Discovery and Security: Identifies and secures APIs, preventing misuse and enforcing API schemas to protect against unauthorized access.
Bot and DDoS Prevention: Detects and mitigates automated attacks that can disrupt services or degrade customer experiences.
Intrusion Prevention (IPS): Provides protection against over 2,800 web-related CVEs using Check Point’s award-winning IPS technology.

Benefits of CloudGuard WAF:

Zero-Day Protection: Mitigates risks from newly discovered vulnerabilities without waiting for signature updates.
Reduced Operational Overhead: Eliminates the need for constant manual tuning and exception handling, simplifying security management.
Comprehensive API Security: Enhances control over your attack surface by discovering and securing all APIs, including shadow, rogue, and deprecated endpoints.
Fast and Easy Deployment: Deployable within minutes via WAF as a Service (WAFaaS), requiring only a one-time DNS configuration for immediate protection.

CloudGuard WAF is particularly suitable for organizations using modern, cloud-based architectures that require robust, automated security measures for both applications and APIs. Its capabilities are valuable for industries that handle sensitive data, such as finance or healthcare, where compliance and data protection are critical. Pricing and support are typically customized to the specific needs and scale of the deployment, with options for continuous updates and maintenance through Check Point's managed services.

CloudGuard WAF by Check Point provides advanced, AI-driven protection for web applications and APIs, offering automated, precise threat prevention and easy integration with cloud-native environments, ensuring robust security without the need for extensive manual configuration.

Cisco SecureX is an integrated security platform that connects the breadth of Cisco's integrated security portfolio and the customer's infrastructure to create a consistent experience. The solution unifies visibility, enables automation, and strengthens your security across network, endpoints, cloud, and applications. Cisco SecureX is embedded within every Cisco Security product and supports integrations with SIEM and SOAR, so customers will not need to replace any solution or worry about layering on new technology.

Cisco SecureX Features

Cisco SecureX has many valuable key features. Some of the most useful ones include:

Unified overview: Cisco SecureX offers key metrics on transactions and threats for network, endpoints, cloud and applications. In addition, the SecureX interface is integrated into all Cisco Security technologies.

Automation and an increase in operational efficiency: With Cisco SecureX, you gain better automation of workflows for products of the Cisco Security portfolio and third parties, allowing you to focus on other more important tasks. By eliminating manual work (through automatic identification of threats using analytical data of Cisco Talos and other sources), the solution helps your organization save a significant amount of time.

Security strengthening: Cisco SecureX makes it easy to compare analytical data from a set of various sources with the telemetry received from network, endpoints, e-mail, cloud, and third-party products.

Cisco SecureX Benefits

Some of the benefits of using Cisco SecureX include:

Secure every business endeavor with an open, integrated platform that has out-of-the-box interoperability and scales to meet security needs.

Advance your security maturity level using existing resources.

Turn security from a blocker into an enabler. Cisco SecureX allows you to add new security capabilities for the threat landscape.

Maximize your operational efficiency, helping you get the most from your security investments.

Reviews from Real Users

Below are some reviews and helpful feedback written by Cisco SecureX users.

PeerSpot user Wouter H., Technical Team Lead Network & Security at Missing Piece BV, shares several reasons why he thinks the solution is fantastic. In his opinion, “SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together. If an email is received on a machine and malware is being executed, it can be put into lockdown mode. The fact that you can have a single solution that combines endpoint intelligence with email intelligence, firewalls, and publicly available intelligence is really helpful. Also, SecureX provides us with contextual awareness throughout our security ecosystem. Before SecureX, things that were not possible, or that would take days, now literally take seconds to find out.

Michal S., Infrastructure Engineer at a media company, says, “SecureX provides many measurements and has a really good dashboard. Working with it you are able to see things very clearly and you have every detail on a single display. That saves us money and time.” He also adds, “It brings all our data into a central point. It also shows us many data connections between many of our environments. SecureX gives you really good information about potential risks. You are able to find the source of a risk, a potential risk from a user or a machine.”

Blair A., Technology Director at Shawnee Heights USD #450, explains, "One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."

Sample Customers

Orange España, Paschoalotto

NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece

Buyer's Guide

Application Security Tools

September 2024

Download Free Report

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: September 2024.

DOWNLOAD NOW

801,525 professionals have used our research since 2012.

See our list of best Application Security Tools vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.