Check Point CloudGuard CNAPP vs Red Hat Advanced Cluster Security for Kubernetes comparison

Check Point CloudGuard CNAPP vs. Red Hat Advanced Cluster Security for Kubernetes

Download the complete report

Helped 846,617 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

SentinelOne Singularity Clo...

Mindshare comparison

As of April 2025, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 1.0% compared to the previous year. The mindshare of Check Point CloudGuard CNAPP is 2.1%, down from 2.2% compared to the previous year. The mindshare of Red Hat Advanced Cluster Security for Kubernetes is 2.4%, down from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Container Security

Featured Reviews

Andrew W

VP - Information Technology at a financial services firm with 201-500 employees

Tells us about vulnerabilities as well as their impact and helps to focus on real issues

Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Read full review

Bart Coddens

Cloud Engineer at Cloudar

Evolved cloud security with active monitoring but needs interface consistency

The user interface needs work. Sometimes, it is a transition from the old tool to the new CNAPP Two that I currently have, and remnants of the old environment can still be detected. I require consistency in the user interface to ensure everything is streamlined into the same look and feel. More work is needed in fine-tuning the threat data towards your CSPM and activity logs, aligning them with business intelligence, which requires a cohesive console interface. My assessment of CloudGuard CDRs in intrusion detection and threat hunting capabilities is that it still needs some work. All the threat data that comes in, you need to fine tune it a bit.

Read full review

Daniel Stevens

Software Engineer at Galley

Offers easy management and container connection with HTTPS, but the support needs to improve

I have experience with the solution's setup in Rio de Janeiro, Brazil and our company has assisted in the development of a cluster in a research department, but we didn't start from scratch because we have IT professionals who have installed Kubernetes across 12 nodes of a cluster and a new environment can be created for a new platform. I also had another setup experience of Red Hat Advanced Cluster Security for Kubernetes in Portugal where I had to implement the solution in a cluster of 22 computer servers, which was completed with assistance from the IT department of the company. The initial setup process of the solution can be considered as difficult. The setup process involves using the permissions, subnets and range of IPs, which makes it complex. Deploying Red Hat Advanced Cluster Security for Kubernetes takes around eight to ten hours for new clusters. The solution's deployment can be divided into three parts. The first part involves OpenStack, where the cluster's resources need to be identified. The second part involves virtualizing assets and identifying other physical assets, for which OpenStack, Kubernetes, or OpenShift are used. The third part of the deployment involves dividing the networks into subnetworks and implementing automation to deploy the microservices using Helm. The number of professionals required for the solution's deployment depends upon the presence of automated scripts. Ideally, two or three professionals are required to set up Red Hat Advanced Cluster Security for Kubernetes.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cloud Security has provided a single view to observe all workloads, prioritization for handling cloud assets, and reduced noise by distinguishing false positives effectively."

"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."

"The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform."

"SentinelOne is far superior to our previous solution, Accops, due to its seamless updates, effortless maintenance, and user-friendly interface and dashboard."

"The dashboard is intuitive in terms of design and functionality. Additionally, it gives me an email for all the findings that are open."

"The most valuable features are automated threat response, AI detection, and static and dynamic detection."

"It is advantageous in terms of time-saving and cost reduction."

"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."

More SentinelOne Singularity Cloud Security pros

"The cloud security posture management identify the risks that are the most critical to our business. We can define certain key assets that are your crown jewels. And whenever something hits on these crown jewels, you get a very high score. So you can really fine tune towards protecting your risk based assets in the cloud."

"Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized."

"The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance."

"The ability to integrate it with Microsoft Azure Sentinel allows us to validate the logs in an even more complex and meaningful way."

"The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices."

"The feature that I find most valuable is the blocking feature."

"It provides complete visibility of workload hosted on different cloud platforms including AWS and Azure, along with multiple tenants."

"Customer service is very good."

More Check Point CloudGuard CNAPP pros

"Scalability-wise, I rate the solution a nine out of ten."

"The most beneficial security feature of the product revolves around the areas of vulnerability and configuration."

"Segmentation is the most powerful feature."

"Offers easy management with authentication and authorization features"

"The most valuable feature is the ability to share resources."

"One of the most valuable features I found was the ability of this solution to map the network and show you the communication between your containers and your different nodes."

"The most valuable feature of the solution is its monitoring feature."

"The benefit of working with the solution is the fact that it's very straightforward...It is a perfectly stable product since the details are very accurate."

More Red Hat Advanced Cluster Security for Kubernetes pros

Cons

"A two-month grace period for extended searches would be a valuable improvement."

"There is room for improvement in the current active licensing model for PingSafe."

"We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe."

"PingSafe can improve by eliminating 100 percent of the false positives."

"The reporting works well, but sometimes the severity classifications are inaccurate. Sometimes, it flags an issue as high-impact, but it should be a lower severity."

"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."

"We've found a lot of false positives."

"They need more experienced support personnel."

More SentinelOne Singularity Cloud Security cons

"Their service needs improvement."

"The entire system is complicated, and the setup process may not cater to the company's demands."

"CloudGuard could be improved by including integration with vendors other than AWS, especially Azure, especially in permissions."

"The costs are high."

"The reporting has a lot of opportunities to continuously improve so that we can continue to show value."

"The solution could be improved with a greater analysis of its Microsoft Security score."

"The license cost is expensive and has room for improvement."

"Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier."

More Check Point CloudGuard CNAPP cons

"The support and specifications need to be up to date for the cluster technologies"

"The solution's visibility and vulnerability prevention should be improved."

"The solution's price could be better."

"Red Hat is somewhat expensive."

"The solution lacks features when compared to some of the competitors such as Prisma Cloud by Palo Alto Networks and has room for improvement."

"They're trying to convert it to the platform as a source. They are moving in the direction of Cloud Foundry so it can be easier for a developer to deploy it."

"The testing process could be improved."

"The deprecation of APIs is a concern since the deprecation of APIs will cause issues for us every time we upgrade."

More Red Hat Advanced Cluster Security for Kubernetes cons

Pricing and Cost Advice

"Pricing is based on modules, which was ideal for us."

"Its pricing was a little less than other providers."

"It is a little expensive. I would rate it a four out of ten for pricing."

"The tool is cost-effective."

"The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"

"It is cheap."

"SentinelOne offers excellent pricing and licensing options."

"It is not that expensive. There are some tools that are double the cost of PingSafe. It is good on the pricing side."

More SentinelOne Singularity Cloud Security pricing and cost advice

"CloudGuard is fairly priced."

"The solution’s pricing is a little bit high."

"Right now, we have licenses on 500 machines, and they are not cheap."

"Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."

"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."

"I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."

"Everything in this field is very expensive."

"We have the enterprise-level license and we renew it annually because it is worth the cost."

More Check Point CloudGuard CNAPP pricing and cost advice

"It's a costly solution"

"The price of Red Hat Advanced Cluster Security for Kubernetes is better than Palo Alto Prisma."

"Red Hat offers two pricing options for their solution: a separate price, and a bundled price under the OpenShift Platform Plus."

"The pricing model is moderate, meaning it is not very expensive."

"We purchase a yearly basis license for the solution."

See which vendors are best for you

Use our free recommendation engine to learn which Container Security solutions are best for your needs.

See recommendations

846,617 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

15%

Manufacturing Company

Government

Computer Software Company

16%

Financial Services Firm

14%

Manufacturing Company

University

Financial Services Firm

25%

Computer Software Company

14%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

What is your experience regarding pricing and costs for PingSafe?

It is cost-effective compared to other solutions in the market.

What needs improvement with PingSafe?

The documentation could be better. Besides improving the documentation, obtaining a professional or partner specializ...

What do you like most about Check Point CloudGuard Posture Management?

The visibility in our cloud environment is the most valuable feature.

What is your experience regarding pricing and costs for Check Point CloudGuard Posture Management?

The price is on the higher end.

What needs improvement with Check Point CloudGuard Posture Management?

We have concerns regarding the pricing and would appreciate seeing some improvements.

What do you like most about Red Hat Advanced Cluster Security for Kubernetes?

I like virtualization and all those tools that come with OpenShift. I also like Advanced Cluster Management and the b...

What needs improvement with Red Hat Advanced Cluster Security for Kubernetes?

From an improvement perspective, I would like to create new policies in the tool, especially if it is deployed for th...

What is your primary use case for Red Hat Advanced Cluster Security for Kubernetes?

I use the solution in my company for vulnerability management, configuration management, compliance, safety handling,...

Wiz vs SentinelOne Singularity Cloud Security

Comparisons

Compared 25% of the time

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 19% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Microsoft Defender for Cloud vs SentinelOne Singularity Cloud Security

Compared 7% of the time

Aqua Cloud Security Platform vs SentinelOne Singularity Cloud Security

Compared 3% of the time

More SentinelOne Singularity Cloud Security Competitors

Wiz vs Check Point CloudGuard CNAPP

Compared 22% of the time

Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP

Compared 19% of the time

AWS GuardDuty vs Check Point CloudGuard CNAPP

Compared 9% of the time

Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP

Compared 8% of the time

Orca Security vs Check Point CloudGuard CNAPP

Compared 4% of the time

More Check Point CloudGuard CNAPP Competitors

Prisma Cloud by Palo Alto Networks vs Red Hat Advanced Cluster Security for Kubernetes

Compared 25% of the time

SUSE NeuVector vs Red Hat Advanced Cluster Security for Kubernetes

Compared 13% of the time

CrowdStrike Falcon Cloud Security vs Red Hat Advanced Cluster Security for Kubernetes

Compared 11% of the time

Aqua Cloud Security Platform vs Red Hat Advanced Cluster Security for Kubernetes

Compared 10% of the time

Sysdig Secure vs Red Hat Advanced Cluster Security for Kubernetes

Compared 6% of the time

More Red Hat Advanced Cluster Security for Kubernetes Competitors

Product Reports

SentinelOne Singularity Cloud Security

Download SentinelOne Singularity Cloud Security product report

SentinelOne Singularity Cloud Security report

Check Point CloudGuard CNAPP

April 2025

Download Check Point CloudGuard CNAPP product report

Red Hat Advanced Cluster Security for Kubernetes

Download Red Hat Advanced Cluster Security for Kubernetes product report

Red Hat Advanced Cluster Security for Kubernetes report

Also Known As

PingSafe

Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence

StackRox

Overview

SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.

SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.

What are the key features of SentinelOne Singularity Cloud Security?

Real-time Threat Detection: Identifies and mitigates threats as they occur.
Automated Response: Automatically responds to threats to minimize impact.
Ease of Deployment: Simple setup process with scalable options.
Machine Learning Insights: AI-driven insights enhance threat prevention.
Seamless Integration: Integrates with cloud environments for unified security management.

What are the primary benefits or ROI to expect from SentinelOne Singularity Cloud Security?

Enhanced Threat Mitigation: Improved security against real-time threats.
Reduced Manual Intervention: Automated processes save time and resources.
Scalability: Easily adapts to growing security requirements.
Centralized Management: Manage security across platforms from a single console.
Advanced Threat Intelligence: Provides in-depth analysis and protection.

In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.

SentinelOne

Check Point CloudGuard CNAPP is a cloud-native application protection platform designed to secure your cloud environments and applications. By combining CSPM, CWPP, CSNS, and WAF capabilities, it provides a comprehensive solution to protect your cloud environment from a wide range of threats.

CloudGuard CNAPP delivers end-to-end cloud security, including workload protection, vulnerability management, and identity management, all while maintaining continuous compliance. It uses advanced AI to detect and prevent threats, offering protection for containers, serverless applications, and APIs. CloudGuard CNAPP also emphasizes simplifying security management, integrating directly with cloud platforms like AWS, Azure, and GCP.

CloudGuard CNAPP provides customers with more context to drive actionable security and smarter prevention, from code-to-cloud, across the application lifecycle. More Context Means Actionable Security, Smarter Prevention. The primary components are:

Unified & Modular Platform - A single platform unifying SAST, CSPM, DSPM, CIEM, CWPP, WAF, and Cloud Detection and Response.
Continuous Cloud Security - Automatic enforcement of security requirements and internal policies from development to runtime.
Real-time Detection & Protection - Real-time incidents and vulnerability detection with a single-click or automated remediation.

What are the key features of CloudGuard CNAPP?

Workload Protection: Secures cloud-based workloads, including VMs, containers, and serverless functions, from vulnerabilities and attacks.
Posture Management: Continuously monitors cloud configurations and assets to ensure compliance with security standards and policies.
Threat Prevention: Uses AI-driven threat detection to block malware, ransomware, and zero-day exploits in real-time.
Compliance Automation: Automates compliance checks and ensures adherence to industry regulations, such as GDPR, HIPAA, and PCI-DSS.
Identity and Access Management (IAM) Protection: Secures identities by managing access policies and detecting misconfigurations in permissions.

What are the key benefits to consider?

Improved Cloud Visibility: Provides clear insights into cloud environments, assets, and workloads, helping teams detect misconfigurations and vulnerabilities early.
Risk Reduction: Threat prevention features help reduce the risk of breaches by identifying and blocking potential attacks before they can exploit system weaknesses.
Operational Efficiency: Automated compliance and posture management reduce the manual work needed to maintain security standards.
Multi-cloud Support: CloudGuard CNAPP integrates across AWS, Azure, and Google Cloud, streamlining security operations for hybrid and multi-cloud deployments.

Check Point CloudGuard CNAPP simplifies cloud security management with integrated protection and automation.

Check Point Software Technologies

Red Hat Advanced Cluster Security for Kubernetes is a Kubernetes-native container security solution that enables your organization to more securely build, deploy, and run cloud-native applications from anywhere. With its built-in security across the entire software development life cycle, you can lower your operational costs, reduce operational risk, and increase developer productivity while improving your security posture immediately. In addition, Red Hat Advanced Cluster Security integrates with security tools and DevOps in an effort to help you mitigate threats and enforce security policies that minimize operational risk to your applications. It also enables you to provide developers with actionable, context-rich guidelines integrated into existing workflows, along with tooling to support developer productivity. The solution is suitable for small, medium, and large-sized companies.

Red Hat Advanced Cluster Security for Kubernetes Features

Red Hat Advanced Cluster Security for Kubernetes has many valuable key features. Some of the most useful ones include:

Vulnerability management: With the Red Hat Advanced Cluster Security for Kubernetes solution, you gain full visibility into your entire cloud-native landscape. The solution makes it possible for your organization to identify and remediate vulnerabilities in Kubernetes configurations and container images, as well as running applications. It also enables you to provide developers with clear and prioritized guidance on fixable vulnerabilities.

Configuration management: The solution makes configuration management easy. To identify missed best practices, you can understand how images, containers, and deployments are configured prior to running. It also allows you to leverage Kubernetes-native capabilities - like admission controllers - to prevent misconfigured workloads from deploying or running.

Compliance: Using Red Hat Advanced Cluster Security for Kubernetes helps you manage compliance with standard-specific checks across CIS Benchmarks, NIST, PCI, and HIPAA, with more than 300 controls and continuous compliance assessments and one-click audit reporting.

Network segmentation: The solution enables you to enforce network policies by using the native capabilities in Kubernetes. You can simulate new policies, visualize existing ones, generate updated YAML files, and apply them directly to Kubernetes.

Multifactor risk profiling: With Red Hat Advanced Cluster Security for Kubernetes, you can use risk rankings by combining vulnerability (CVE) details with rich Kubernetes context and artifact data. This allows you to assess and prioritize risk across your entire environment. In turn, you can accelerate remediation times and productivity.

Threat detection and incident response: By combining custom policies, process allow lists, application and network baselines, and behavioral modeling to identify anomalous behavior, the solution enables you to protect your applications at runtime. You can then leverage Kubernetes-native enforcement capabilities to respond.

Red Hat Advanced Cluster Security for Kubernetes Benefits

There are many benefits to implementing Red Hat Advanced Cluster Security for Kubernetes. Some of the biggest advantages the solution offers include:

Increases protection, scalability, and portability.
Eliminates blind spots.
Reduces time and costs.
Reduces the effort needed to implement security.
Streamlines security analysis, investigation, and remediation by using the rich context Kubernetes provides.
Provides scalability and resiliency native to Kubernetes

Reviews from Real Users

PeerSpot user Igor K., Owner/Full Stack Software Engineer at Maraphonic, Inc., says, “The solution allows teams to create their own virtual spaces and share resources. The most valuable feature is the ability to share resources.”

Red Hat

Sample Customers

Information Not Available

Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners

City National Bank, U.S. Department of Homeland Security

Check Point CloudGuard CNAPP vs. Red Hat Advanced Cluster Security for Kubernetes