Check Point CloudGuard CNAPP vs CloudPassage comparison

Check Point Software Technologies and CloudPassage are both solutions in the Cloud Workload Protection Platforms (CWPP) category. Check Point Software Technologies is ranked #6 with an average rating of 8.6, while CloudPassage is ranked #43. Additionally, 94% of Check Point Software Technologies users are willing to recommend the solution, compared to 100% of CloudPassage users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 9, 2024

CloudPassage and Check Point CloudGuard CNAPP are two significant contenders in the cloud security domain. Check Point CloudGuard CNAPP often has the upper hand due to its comprehensive feature offerings, though it comes with higher pricing.

Features: CloudPassage offers robust workload security, deployment flexibility, and cost-effectiveness, appealing to users focused on efficient budget management. Check Point CloudGuard CNAPP provides an extensive security suite, advanced threat detection, and seamless integration with various cloud services, which suites large-scale environments and enhances overall protection.

Room for Improvement: CloudPassage requires improvements in reporting, analytics, and interface design for more detailed insights, whereas Check Point CloudGuard CNAPP deals with configuration complexity, outdated legacy system integration, and setup procedures that may overwhelm users unaccustomed to intricate tech environments.

Ease of Deployment and Customer Service: CloudPassage is known for its simple setup process and responsive customer service, ideal for businesses wanting a quick deployment path. Check Point CloudGuard CNAPP is marked by powerful features yet encounters criticism for deployment complexities, despite having positively rated customer service.

Pricing and ROI: CloudPassage is commended for a competitive pricing strategy, providing a cost-effective solution and desirable return on investment. Check Point CloudGuard CNAPP involves a higher upfront setup cost but offers compelling ROI through its advanced features, where users recognize the value despite initial financial obstacles.

To learn more, read our detailed Check Point CloudGuard CNAPP vs. CloudPassage Report (Updated: November 2024).

Buyer's Guide

Check Point CloudGuard CNAPP vs. CloudPassage

November 2024

Download the complete report

Helped 823,795 peers since 2012

Categories and Ranking

SentinelOne Singularity Clo...

Featured Reviews

Andrew W

VP - Information Technology at a financial services firm with 201-500 employees

Tells us about vulnerabilities as well as their impact and helps to focus on real issues

Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Read full review

Yokesh Mani

Deputy Manager at Computer Age Management Services Pvt. Ltd.

Easy to write custom rules and policies in the UI with limited coding knowledge

The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product. For example, let's say it's showing a process violation. It should be able to do some additional malware scanning in that particular bucket to get some additional information. I don't want to integrate with another third-party tool or go to the native server to check something. It would be helpful to have integrated monitoring and malware scanning for the file types. There are a few flaws with the security management portal where I have limited visibility into the workload protection features. There is no error visibility where I can see the communication and workflow between services. Some of the dashboards need to be fine-tuned if they are not customized. For example, I cannot customize anything on the effective risk management dashboard. Some of the information is not correct for my tenant. With respect to passwords and user management, there are no policies I can measure at the user level. If the user was created more than six months ago, you don't need to worry about that password or do anything like two-factor authentication associated with that user. They can still log in after six months or one year. It's also a challenge to use CloudGuard's agentless workload posture with AWS. An Azure storage is summed up with a CNAPP encryption by default. We tried onboarding this data, but the problem is the attachment is not done. After a few days, we identified that it was impossible to do the encryption detection. But CloudGuard's default rules say that this has to be encrypted. The AWS module says that we cannot access this volume with this encryption, so we cannot use an agentless workload posture with AWS because of this. It is a best practice to ensure that all the volumes are being encrypted. Without the encryption, how can I do this? It is a big challenge for CloudGuard.

Read full review

Alysson Almeida

Information Security Analyst at a transportation company with 1,001-5,000 employees

CloudPassage has a bunch of features. Be sure you understand all of them and how to extract value to your organization.

Policies are very easy to manage on a day-to-day basis. With few clicks in their cloud management portal, you can implement and change security policies in thousand of servers. This feature allowed us to implement changes in our environment much faster Before CloudPassage, the management of…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"PingSafe has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability."

"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."

"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."

"The ease of use of the platform is very nice."

"Singularity Cloud Workload Security provides us with better security detection and more visibility. It is another resource that we can use to detect vulnerabilities in our company's systems. For example, it can help us detect new file processes that we are not familiar with, which could be used by attackers to exploit our systems. Singularity Cloud Workload Security can also help us diagnose and analyze data to determine whether it is malicious or not. Singularity Cloud Workload Security is like another pair of eyes that can help us protect our systems from cyberattacks."

"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."

"It has a user-friendly dashboard that I can access without any difficulty."

"SentinelOne Singularity Cloud Security has saved up to 50 percent in engineering time."

More SentinelOne Singularity Cloud Security pros

"The platform's full visibility and control across many cloud environments allows us to effectively monitor the security posture, uncover vulnerabilities, and consistently enforce security standards."

"The solution's main benefit is that it automates all the patching and reporting parts and generates an automated report."

"The most valuable feature is the ability to work with the APIs to integrate into our own backend systems."

"The most valuable feature of Check Point CloudGuard Posture Management is the training."

"Auto remediation is a very effective feature that helps ensure less manual intervention."

"It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization."

"The most valuable feature is the ability to apply common tools across all accounts."

"The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella."

More Check Point CloudGuard CNAPP pros

"Key features are the Software Vulnerability Assessment and the CSM, which is the configuration check."

"Policies are very easy to manage on a day-to-day basis."

Cons

"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."

"It would be really helpful if the solution improves its agent deployment process."

"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."

"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."

"One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India."

"They can work on policies based on different compliance standards."

"We can customize security policies but lack auditing capabilities."

"The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects."

More SentinelOne Singularity Cloud Security cons

"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."

"Making basic rules is easy, but it's complex if you want to do something a little more nuanced. I've been unable to make some rules that I wanted. I couldn't evaluate some values or parameters of the components I look for. I haven't always been able to assess them."

"Streamlining the user interface would greatly improve the user experience."

"Scalability, particularly in workload protection, is an area that needs improvement."

"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."

"I strongly advise that the multi-layered security system of Check Point often undergoes updates and new versions keep coming."

"The rules are not well-tuned, and many of them generate false positives or nonsensical results."

"I am not a technical person, but generically, the user interface can be a little more intuitive. Our staff has trained network security and cloud security professionals, and they get it, but when you are trying to get to the customers to be able to pick it up and maintain it, it can be a bit difficult."

More Check Point CloudGuard CNAPP cons

"The reports and graphs are unintuitive."

"Anything outside of the software vulnerability management and the CSM, things like the GhostPort, need some improvement. The dashboard is in beta. It looks really good, I wish it would come out of beta."

"In the CSM module the policies are really hard to work with it. It is not very flexible at all. I would suggest that they change that. Right now, the scan is based on the group that the server is in. What happens if the server is in multiple groups?"

"Of all the advertised functions, I only find two things that really work in my environment, even though I wanted to use all of them. They're not flexible enough to be used."

Pricing and Cost Advice

"SentinelOne offers excellent pricing and licensing options."

"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."

"Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at."

"It's a fair price for what you get. We are happy with the price as it stands."

"I am personally not taking care of the pricing part, but when we moved from CrowdStrike to PingSafe, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of PingSafe was low. PingSafe is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning."

"The tool is cost-effective."

"It is not that expensive. There are some tools that are double the cost of PingSafe. It is good on the pricing side."

"PingSafe falls within the typical price range for cloud security platforms."

More SentinelOne Singularity Cloud Security pricing and cost advice

"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."

"CloudGuard is fairly priced."

"We have the enterprise-level license and we renew it annually because it is worth the cost."

"Right now, we have licenses on 500 machines, and they are not cheap."

"The solution’s pricing is a little bit high."

"The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."

"It is difficult to contextualize the pricing because we are used to Indian pricing and licensing."

"The license fee is high."

More Check Point CloudGuard CNAPP pricing and cost advice

"We also evaluated VMware NSX, but the pricing and features available in a CloudPassage implementation were decisive in deciding to go with CP."

"CloudPassage is a little bit on the expensive side. So my suggestion is that the company lower its price point a wee bit or sell modules, separate them in modules, because I only find two things that are useful to me, yet I pay for four or five modules. It didn't seem like it was a fair deal."

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.

See recommendations

823,795 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

19%

Financial Services Firm

15%

Manufacturing Company

10%

Government

Financial Services Firm

15%

Computer Software Company

14%

Manufacturing Company

Security Firm

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal.

See all answers

What needs improvement with PingSafe?

To enhance the notification system's efficiency, resolved issues should be promptly removed from the portal. Currentl...

See all answers

What do you like most about Check Point CloudGuard Posture Management?

The visibility in our cloud environment is the most valuable feature.

See all answers

What is your experience regarding pricing and costs for Check Point CloudGuard Posture Management?

The price is on the higher end.

See all answers

What needs improvement with Check Point CloudGuard Posture Management?

We have concerns regarding the pricing and would appreciate seeing some improvements.

See all answers

Ask a question

Earn 20 points

Comparisons

Wiz vs SentinelOne Singularity Cloud Security

Compared 31% of the time

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 23% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 6% of the time

Aqua Cloud Security Platform vs SentinelOne Singularity Cloud Security

Compared 3% of the time

More SentinelOne Singularity Cloud Security Competitors

Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP

Compared 26% of the time

Wiz vs Check Point CloudGuard CNAPP

Compared 18% of the time

Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP

Compared 10% of the time

AWS GuardDuty vs Check Point CloudGuard CNAPP

Compared 9% of the time

Darktrace vs Check Point CloudGuard CNAPP

Compared 2% of the time

More Check Point CloudGuard CNAPP Competitors

No data available

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

October 2024

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

Check Point CloudGuard CNAPP

December 2024

Download Check Point CloudGuard CNAPP product report

Buyer's Guide

Cloud Workload Protection Platforms (CWPP)

December 2024

Download CloudPassage product report

Also Known As

PingSafe

Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence

CloudPassage Halo

Learn More

SentinelOne

Check Point Software Technologies

CloudPassage

Overview

SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.

SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.

What are the key features of SentinelOne Singularity Cloud Security?

Real-time Threat Detection: Identifies and mitigates threats as they occur.
Automated Response: Automatically responds to threats to minimize impact.
Ease of Deployment: Simple setup process with scalable options.
Machine Learning Insights: AI-driven insights enhance threat prevention.
Seamless Integration: Integrates with cloud environments for unified security management.

What are the primary benefits or ROI to expect from SentinelOne Singularity Cloud Security?

Enhanced Threat Mitigation: Improved security against real-time threats.
Reduced Manual Intervention: Automated processes save time and resources.
Scalability: Easily adapts to growing security requirements.
Centralized Management: Manage security across platforms from a single console.
Advanced Threat Intelligence: Provides in-depth analysis and protection.

In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.

Check Point CloudGuard CNAPP is a cloud-native application protection platform designed to secure your cloud environments and applications. By combining CSPM, CWPP, CSNS, and WAF capabilities, it provides a comprehensive solution to protect your cloud environment from a wide range of threats.

CloudGuard CNAPP delivers end-to-end cloud security, including workload protection, vulnerability management, and identity management, all while maintaining continuous compliance. It uses advanced AI to detect and prevent threats, offering protection for containers, serverless applications, and APIs. CloudGuard CNAPP also emphasizes simplifying security management, integrating directly with cloud platforms like AWS, Azure, and GCP.

CloudGuard CNAPP provides customers with more context to drive actionable security and smarter prevention, from code-to-cloud, across the application lifecycle. More Context Means Actionable Security, Smarter Prevention. The primary components are:

Unified & Modular Platform - A single platform unifying SAST, CSPM, DSPM, CIEM, CWPP, WAF, and Cloud Detection and Response.
Continuous Cloud Security - Automatic enforcement of security requirements and internal policies from development to runtime.
Real-time Detection & Protection - Real-time incidents and vulnerability detection with a single-click or automated remediation.

What are the key features of CloudGuard CNAPP?

Workload Protection: Secures cloud-based workloads, including VMs, containers, and serverless functions, from vulnerabilities and attacks.
Posture Management: Continuously monitors cloud configurations and assets to ensure compliance with security standards and policies.
Threat Prevention: Uses AI-driven threat detection to block malware, ransomware, and zero-day exploits in real-time.
Compliance Automation: Automates compliance checks and ensures adherence to industry regulations, such as GDPR, HIPAA, and PCI-DSS.
Identity and Access Management (IAM) Protection: Secures identities by managing access policies and detecting misconfigurations in permissions.

What are the key benefits to consider?

Improved Cloud Visibility: Provides clear insights into cloud environments, assets, and workloads, helping teams detect misconfigurations and vulnerabilities early.
Risk Reduction: Threat prevention features help reduce the risk of breaches by identifying and blocking potential attacks before they can exploit system weaknesses.
Operational Efficiency: Automated compliance and posture management reduce the manual work needed to maintain security standards.
Multi-cloud Support: CloudGuard CNAPP integrates across AWS, Azure, and Google Cloud, streamlining security operations for hybrid and multi-cloud deployments.

Check Point CloudGuard CNAPP simplifies cloud security management with integrated protection and automation.

CloudPassage Halo is an agile security and compliance platform that works in any cloud infrastructure: public, private or hybrid. The platform is unique because it provides continuous visibility and enforcement delivered as a service, so it’s on-demand, fast to deploy, fully automated and works at any scale.

The CloudPassage platform delivers a comprehensive set of security and compliance features, so you don’t have pay for and manage point solutions that often don’t integrate well with each other. Hundreds of companies use CloudPassage as a strategy to take full advantage of the business benefits of their cloud investments, with the confidence that critical business assets are protected. Using CloudPassage, security organizations achieve 6 critical control objectives with a platform that is flexible, fast and scalable:

Visibility: Immediate, consistent, continuous knowledge of what assets exist, where they reside, and what they’re doing.

Strong Access Control: Strong, layered controls enabling authorized access & denial of resources to unauthorized entities.

Vulnerability Management: Continuous detection & elimination of issues that create exploitable points of weakness.

Data Protection: Assurance that critical data is encrypted & used appropriately by authorized entities while in motion or at rest.

Compromise Management: Capabilities that enable detection & response to malicious or accidental compromise of resources.

Operational Automation: Day-to-day management of technologies & processes that ensure security & compliance.

Sample Customers

Information Not Available

Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners

Citrix

Buyer's Guide

Check Point CloudGuard CNAPP vs. CloudPassage

November 2024

Free Report: Check Point CloudGuard CNAPP vs. CloudPassage

Find out what your peers are saying about Check Point CloudGuard CNAPP vs. CloudPassage and other solutions. Updated: November 2024.

DOWNLOAD NOW

823,795 professionals have used our research since 2012.

See our Check Point CloudGuard CNAPP vs. CloudPassage report.

See our list of best Cloud Workload Protection Platforms (CWPP) vendors and best Cloud Security Posture Management (CSPM) vendors.

We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.