Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard CNAPP vs Wiz comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Vulnerability Management
6th
Ranking in Container Security
3rd
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Ranking in Cloud Security Posture Management (CSPM)
4th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
3rd
Ranking in Compliance Management
3rd
Average Rating
8.6
Reviews Sentiment
7.8
Number of Reviews
103
Ranking in other categories
Cloud and Data Center Security (5th)
Check Point CloudGuard CNAPP
Ranking in Vulnerability Management
8th
Ranking in Container Security
6th
Ranking in Cloud Workload Protection Platforms (CWPP)
6th
Ranking in Cloud Security Posture Management (CSPM)
5th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
5th
Ranking in Compliance Management
6th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
67
Ranking in other categories
Cloud and Data Center Security (9th), Data Security Posture Management (DSPM) (4th)
Wiz
Ranking in Vulnerability Management
3rd
Ranking in Container Security
2nd
Ranking in Cloud Workload Protection Platforms (CWPP)
2nd
Ranking in Cloud Security Posture Management (CSPM)
1st
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
2nd
Ranking in Compliance Management
1st
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
20
Ranking in other categories
Data Security Posture Management (DSPM) (2nd), Cloud Detection and Response (CDR) (1st)
 

Mindshare comparison

As of January 2025, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of SentinelOne Singularity Cloud Security is 2.9%, up from 1.1% compared to the previous year. The mindshare of Check Point CloudGuard CNAPP is 3.4%, down from 3.6% compared to the previous year. The mindshare of Wiz is 26.4%, up from 21.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Yokesh Mani - PeerSpot reviewer
Easy to write custom rules and policies in the UI with limited coding knowledge
The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product. For example, let's say it's showing a process violation. It should be able to do some additional malware scanning in that particular bucket to get some additional information. I don't want to integrate with another third-party tool or go to the native server to check something. It would be helpful to have integrated monitoring and malware scanning for the file types. There are a few flaws with the security management portal where I have limited visibility into the workload protection features. There is no error visibility where I can see the communication and workflow between services. Some of the dashboards need to be fine-tuned if they are not customized. For example, I cannot customize anything on the effective risk management dashboard. Some of the information is not correct for my tenant. With respect to passwords and user management, there are no policies I can measure at the user level. If the user was created more than six months ago, you don't need to worry about that password or do anything like two-factor authentication associated with that user. They can still log in after six months or one year. It's also a challenge to use CloudGuard's agentless workload posture with AWS. An Azure storage is summed up with a CNAPP encryption by default. We tried onboarding this data, but the problem is the attachment is not done. After a few days, we identified that it was impossible to do the encryption detection. But CloudGuard's default rules say that this has to be encrypted. The AWS module says that we cannot access this volume with this encryption, so we cannot use an agentless workload posture with AWS because of this. It is a best practice to ensure that all the volumes are being encrypted. Without the encryption, how can I do this? It is a big challenge for CloudGuard.
Pietro Villivà - PeerSpot reviewer
Useful for security assessment and maintaining correct security posture
The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment. For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features. In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment. The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment. To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We use the infrastructure as code scanning, which is good."
"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."
"We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."
"The most valuable features of PingSafe are the asset inventory and issue indexing."
"With PingSafe, it's easy to onboard new accounts."
"Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews."
"PingSafe's graph explorer is a valuable tool that lets us visualize all connected services."
"SentinelOne Singularity Cloud Security has improved our security posture."
"The new scanning function is a valuable feature that wasn't available until recently."
"The feature that I find most valuable is the blocking feature."
"This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc."
"The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules."
"The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great."
"The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella."
"Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console."
"The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"The tool's most valuable feature is its attack path analysis."
"The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics."
"The solution is very user-friendly."
"Wiz saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open."
"The product's most valuable feature combines different contexts and attributes to produce highly confident alerts."
 

Cons

"Some of the navigation and some aspects of the portal may be a little bit confusing."
"There's room for improvement in the graphic explorer."
"There can be a specific type of alert showing that a new type of risk has been identified."
"It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"PingSafe can be improved by developing a comprehensive set of features that allow for automated workflows."
"The reporting works well, but sometimes the severity classifications are inaccurate. Sometimes, it flags an issue as high-impact, but it should be a lower severity."
"The Check Point Infinity admin portal sometimes freezes."
"The platform would be significantly enhanced by incorporating data security management capabilities."
"Dome9 should also support deployments that are on-premises and in a hybrid cloud."
"Sometimes, the solution provides us with false alerts of vulnerabilities that are not present in our cloud environment."
"I would like them to include support for their products in languages other than English."
"The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be."
"CloudGuard's reporting could be better. It's good now, but there is room for improvement. If you're looking for a centralized platform, there are a lot of features that can be appreciated. However, you want complete security integration with SaaS, DAST, secret scanning, etc., and a single platform for all these features."
"The guidelines to implement or to link with the clouds are not complete."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"The remediation workflow within the Wiz could be improved."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"The reporting should be improved because until a few months ago, the reports were only in CSV format, which made it difficult to clean up. Wiz tried to improve the reporting process, but it's not as valuable as Tenable."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"The APIs are currently quite limited and not very mature, which makes integration with Splunk difficult."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
 

Pricing and Cost Advice

"PingSafe is affordable."
"It is cheap."
"Singularity Cloud Workload Security's pricing is good."
"SentinelOne offers excellent pricing and licensing options."
"For pricing, it currently seems to be in line with market rates."
"Singularity Cloud Security by SentinelOne is cost-efficient."
"SentinelOne is quite costly compared to other security platforms."
"The licensing is easy to understand and implement, with some flexibility to accommodate dynamic environments."
"It is difficult to contextualize the pricing because we are used to Indian pricing and licensing."
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
"The tool's pricing is moderate. Its licensing costs are yearly."
"The pricing is extremely competitive."
"Check Point CloudGuard Posture Management is expensive."
"Everything in this field is very expensive."
"The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
"The cost of the other solutions is comparable to Wiz."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"I wish the pricing was more transparent."
"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
"Based on the features and capabilities, the product pricing seems reasonable."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
831,158 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
15%
Manufacturing Company
9%
Government
5%
Computer Software Company
14%
Financial Services Firm
13%
Manufacturing Company
9%
University
5%
Computer Software Company
15%
Financial Services Firm
15%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven.
What needs improvement with PingSafe?
The areas with room for improvement include the cost, which is higher compared to other security platforms. The dashb...
What do you like most about Wiz?
With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
What is your experience regarding pricing and costs for Wiz?
This feedback is not based on much experience yet, as we have only conducted POV or POC.
What needs improvement with Wiz?
I have not measured certain abilities on a scale yet. The ultimate value depends on the requirements of your organiza...
 

Also Known As

PingSafe
Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
No data available
 

Overview

 

Sample Customers

Information Not Available
Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Find out what your peers are saying about Check Point CloudGuard CNAPP vs. Wiz and other solutions. Updated: January 2025.
831,158 professionals have used our research since 2012.