Check Point CloudGuard CNAPP vs Microsoft Defender for Cloud Apps comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Oct 1, 2024
 

Categories and Ranking

Check Point CloudGuard CNAPP
Average Rating: 8.6
Reviews Sentiment: 7.5
Number of Reviews: 67
Ranking in other categories: Vulnerability Management (8th), Cloud and Data Center Security (9th), Container Security (6th), Cloud Workload Protection Platforms (CWPP) (6th), Cloud Security Posture Management (CSPM) (5th), Cloud-Native Application Protection Platforms (CNAPP) (5th), Data Security Posture Management (DSPM) (4th), Compliance Management (5th)
Microsoft Defender for Clou...
Average Rating: 8.4
Reviews Sentiment: 7.4
Number of Reviews: 33
Ranking in other categories: Cloud Access Security Brokers (CASB) (4th), Advanced Threat Protection (ATP) (13th), Microsoft Security Suite (11th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Check Point CloudGuard CNAPP is designed for Vulnerability Management and holds a mindshare of 1.4%, up 1.2% compared to last year.
Microsoft Defender for Cloud Apps, on the other hand, focuses on Cloud Access Security Brokers (CASB), holds 18.0% mindshare, down 23.8% since last year.
 

Featured Reviews

Yokesh Mani - PeerSpot reviewer
Easy to write custom rules and policies in the UI with limited coding knowledge
The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product. For example, let's say it's showing a process violation. It should be able to do some additional malware scanning in that particular bucket to get some additional information. I don't want to integrate with another third-party tool or go to the native server to check something. It would be helpful to have integrated monitoring and malware scanning for the file types. There are a few flaws with the security management portal where I have limited visibility into the workload protection features. There is no error visibility where I can see the communication and workflow between services. Some of the dashboards need to be fine-tuned if they are not customized. For example, I cannot customize anything on the effective risk management dashboard. Some of the information is not correct for my tenant. With respect to passwords and user management, there are no policies I can measure at the user level. If the user was created more than six months ago, you don't need to worry about that password or do anything like two-factor authentication associated with that user. They can still log in after six months or one year. It's also a challenge to use CloudGuard's agentless workload posture with AWS. An Azure storage is summed up with a CNAPP encryption by default. We tried onboarding this data, but the problem is the attachment is not done. After a few days, we identified that it was impossible to do the encryption detection. But CloudGuard's default rules say that this has to be encrypted. 
The AWS module says that we cannot access this volume with this encryption, so we cannot use an agentless workload posture with AWS because of this. It is a best practice to ensure that all the volumes are being encrypted. Without the encryption, how can I do this? It is a big challenge for CloudGuard.
Anthony Alvarico - PeerSpot reviewer
Provides discovery, data exfiltration, and sensitive data exposure at low cost
The deployment process is quick, taking two to three days. The implementation and customization require more time. We need to adjust the setup to fit the client's needs, which involves fine-tuning notifications and alerts to avoid overwhelming them. First, you need the appropriate licensing. Once you have that, go to security.microsoft.com and integrate with Defender for Endpoints to receive information. While you can ingest logs from different firewalls, such as Palo Alto or Cisco, we usually implement them with Defender for Endpoints. Once a laptop or desktop is set up in Defender for Endpoints, integrating Cloud Apps with the endpoints allows us to collect the data easily. I rate the initial setup a nine out of ten, where one is difficult and ten is easy.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The ability to drill down to individual hosts on an account and see which ones are affected is valuable."
"The solution has intelligence that integrates with a range of threat intelligence feeds, including Check Point's ThreatCloud, to provide real-time intelligence on emerging threats."
"Most of the features are pretty valuable, whether that's a description of the attacks or the attack graph showing the vulnerabilities. If a single tool does all this work, the value is centralizing all these functions on a single tool. These are the cloud-native applications we talk about — containers, Kubernetes, and cloud infrastructure — and all those things are the primary focus of the CNAPP solution."
"It has great scalability."
"The system has deployed security tools to enhance effective investigations in the entire company networking system."
"The CloudGuard for Cloud Intelligence tool has several significant features that provide security to our company."
"The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security."
"It provides critical insights that enable the IT team to plan and launch smart investigations when there are security breaches."
"Defender for Cloud Apps has given us good visibility regarding what we've allowed into our environment until now."
"The product’s most valuable feature is SQL database."
"I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site."
"Everything from Microsoft is integrated. You receive regular reports on them all. You can push your reports, logs, and security alerts, which are all integrated. It is crucial that these solutions work natively together to deliver coordinated detection and response across our environment."
"The solution does not affect a user's workflow."
"Better logging allows us to find problems and take appropriate steps to lock them out."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent."
 

Cons

"The license cost is expensive and has room for improvement."
"Check Point tools need to improve the latency in the portal since they take a long time to load."
"The support must be more effective."
"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."
"Integration could be improved."
"The integration process could be enhanced by enabling integration at the organizational level rather than requiring the manual setup of individual accounts."
"The costs are high."
"In general, for the product to be successful, they need to improve security, and configuration detection."
"Sometimes the support is actually lacking."
"The technical support team has room for improvement."
"The product is very good so far, however, it would be better if it could include more up-to-date threat protection."
"Generally, the pricing can always be improved along with the management system."
"Defender for Cloud Apps could come with more configured policies out of the box. Also, integration could be easier. Integration is moderately difficult because Microsoft hasn't developed a solution that unifies device onboarding and management. You have to use Intune to manage devices and Defender for Endpoint to enforce policies. They need to fix their integration, but I believe they will straighten it out by the end of the year."
"We are having trouble with our continuous reporting configuration and struggling with configuring the collector properly with our log parsing."
"I would prefer to have filtering options incorporated within the policies, enabling the solution to perform tasks beyond mere blocking or allowing."
"Defender could integrate better with multi-cloud and hybrid environments. It requires some additional configuration to ingest data from non-Azure environments and integrate it with Sentinel."
 

Pricing and Cost Advice

"Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."
"The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset."
"The pricing is extremely competitive."
"​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
"Its price is very fair."
"The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter."
"It is difficult to contextualize the pricing because we are used to Indian pricing and licensing."
"Right now, we have licenses on 500 machines, and they are not cheap."
"The cost could be improved when you need to pay for anything. For example, refreshing files takes time to load, though it may be my Internet. To improve the refresh time, Microsoft says that we need to pay for a Premium license, and I don't like paying for things that help make a solution better."
"I'm not totally involved in the pricing part, but I think its pricing is quite aggressive, and its price is quite similar to Netskope. Netskope has separate licensing fees or additional charges if you want to monitor certain SaaS services, whereas, with MCAS, you get 5,000 applications with their Office 365. It is all bundled, and there's no cost for using that. You only have the operational costs. In the country I am in, it is a bit difficult to get people with the required skill sets."
"The product's pricing seems fair."
"It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."
"It has fair pricing. You pay for what you get. As far as I know, there are no costs in addition to the standard licensing fee."
"The E5 license offers everything bundled. People are moving to Microsoft because you buy one license and it gives you everything."
"Its pricing is on the higher side. Its price is definitely very high for a small-scale company. As an enterprise client, we do get benefits from Microsoft. We get a discounted price because of the number of users we have in our company. We have a premier package, and with that, we do get a lot of discounts. There are no additional costs. It only comes in the top-tier packages. Generally, the top-tier license is the best license that you can get for your organization. If you want, you can buy it separately, but that's not a good idea."
"The pricing is in the middle. It isn't too cheap or expensive compared to other antivirus or security products. It is priced according to industry standards."
823,875 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Financial Services Firm: 15%
Computer Software Company: 14%
Manufacturing Company: 9%
Security Firm: 6%

Computer Software Company: 16%
Financial Services Firm: 12%
Manufacturing Company: 9%
Government: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?
Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native solution, unifying multiple features like DNS-layer security, threat intelli...
What do you like most about Microsoft Cloud App Security?
It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good.
What is your experience regarding pricing and costs for Microsoft Cloud App Security?
Honestly, it is expensive. I would rate the price as eight out of ten.
 

Also Known As

Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
MS Cloud App Security, Microsoft Cloud App Security
 


Sample Customers

Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.
Find out what your peers are saying about Tenable, Qualys, Wiz and others in Vulnerability Management. Updated: November 2024.