No more typing reviews! Try our Samantha, our new voice AI agent.

Check Point WAF (formerly CloudGuard WAF) vs Mend.io comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 16, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
6.4
Check Point WAF yields cost savings, enhanced security, and efficiency, with up to 90% ROI and reduced breach risks.
Sentiment score
6.4
Mend.io boosts security, automates processes, and enhances efficiency, leading to significant ROI through improved code quality and faster issue resolution.
When we are attacked, we can understand how important the solution is.
Cyber security manager at a government with 1,001-5,000 employees
When you migrate to the cloud, it feels like saving 90% of your time.
Manager, Managed Security Services at a tech vendor with 51-200 employees
Most of the operations happen in the background, so I do not spend much time on it.
Principal Cybersecurity Specialist at Unitel S.A.
Mend.io has provided a good return on investment by significantly reducing vulnerabilities.
CEO at a computer software company with 10,001+ employees
 

Customer Service

Sentiment score
6.5
Check Point WAF is praised for support, with quick response times and skilled personnel, but needs improved non-business hours coverage.
Sentiment score
6.7
Mend.io's support is rated highly for responsiveness and knowledge, with recent concerns about response speed and reseller-related issues.
They need to increase the number of people for 24/7 support.
Principal Cybersecurity Specialist at Unitel S.A.
They were responsive even before we committed to buying their solution.
Infrastructure Manager at FPMH
I also received full technical support, especially during the implementation.
Cyber security manager at a government with 1,001-5,000 employees
Critical tickets are responded to within an hour.
Product Security Architect at a computer software company with 10,001+ employees
They prioritize providing the best experience to large organizations like ours, belonging to the Fortune 100.
CEO at a computer software company with 10,001+ employees
I have noticed that the speed to respond has decreased over time.
VP at a tech vendor with 5,001-10,000 employees
 

Scalability Issues

Sentiment score
7.4
Check Point WAF is praised for scalability, seamless cloud integration, and traffic-based licensing, with excellent support and easy expansion.
Sentiment score
7.5
Mend.io excels in scalability, supporting diverse enterprise needs, seamless integration, and stable performance, making it ideal for growing demands.
If I need to scale, I open a Whatsapp group with the director and the team, and we quickly proceed to do so.
Cyber security manager at a government with 1,001-5,000 employees
They have sufficient resources, and there are no challenges from a scalability perspective.
Project Manager at a outsourcing company with 1,001-5,000 employees
Check Point CloudGuard WAF's scalability is very good.
Sr. VP of Creative & Development at a non-tech company with 51-200 employees
Regarding scalability, I would also rate it a ten because in some cases, I have 500 projects inside a single product, so I think it is quite scalable.
Product Security Architect at a computer software company with 10,001+ employees
 

Stability Issues

Sentiment score
8.2
Check Point WAF is highly reliable, stable, and efficient, with users praising minimal downtime and smooth operations.
Sentiment score
7.8
Mend.io is praised for its high stability and reliability, ensuring seamless workflows and consistently earning high stability ratings.
It is very stable.
Team Leader, Cloudops & Cloud Architect at a consultancy with 501-1,000 employees
It is very stable, never crashing or giving me an error that I can see.
Sysadmin at a government with 501-1,000 employees
I did not have any issues in the last three years during which I had more than ten critical services running on CloudGuard.
Information Technology - Infrastructure and Security at Cyprus Development Bank
Mend.io is very stable; we did not have any issues.
CEO at a computer software company with 10,001+ employees
AI integration in code security tools like Mend.io is still in its early stages and relatively immature.
CEO at a computer software company with 10,001+ employees
 

Room For Improvement

Check Point WAF requires enhanced documentation, user interface, integration, support, security features, and improved scalability and pricing transparency.
Mend.io users seek improvements in notifications, setup, policies, reporting, UI, integration, language support, container scanning, and pricing.
The provider could improve by providing better guidance and support during the configuration process.
Infrastructure Manager at FPMH
Future releases should include better bot mitigation, behavioral anomaly detection, compliance templates, advanced threat intel integration, and streamlined multi-cloud support to boost protection and usability.
Senior Cyber Security Engineer at a computer software company with 501-1,000 employees
A machine learning-based adaptive mode could help the WAF learn over time and auto-tune policies.
Technical Support Executive at a computer software company with 501-1,000 employees
That's not a limitation of Mend.io; I think that's a general problem with any tool in the market because no tool in the market will actually know what portion of the code I'm actually using from that particular library if it is vulnerable or not.
CEO at a computer software company with 10,001+ employees
The actual challenge is how easy it is to integrate it in the early phase of the software development life cycle.
Principal Architect at a consultancy with 11-50 employees
I strongly recommend that they start working with AI for the reporting part.
VP at a tech vendor with 5,001-10,000 employees
 

Setup Cost

Check Point WAF pricing is seen as expensive but justified due to its robust features and flexible licensing.
Mend.io provides scalable enterprise pricing with low setup costs and flexible negotiations, offering significant features and value.
It is more expensive than f5, where we purchased everything as bundles, and Check Point costs more, but it is worth the money.
Cyber security manager at a government with 1,001-5,000 employees
It is less costly than Cloudflare, Fortinet, and other vendors.
Project Manager at a outsourcing company with 1,001-5,000 employees
I know that its price is relatively expensive compared to other products but it gives benefits that are worth it.
Ciso at a government with 1,001-5,000 employees
The cost of Mend.io is competitive, being quite low compared to others.
CEO at a computer software company with 10,001+ employees
 

Valuable Features

Check Point WAF provides AI-driven threat prevention, fast deployment, and ease of use, enhancing protection, scalability, and cost-efficiency.
Mend.io efficiently manages open-source vulnerabilities, integrates with workflows, supports languages, and automates risk management for enhanced security.
Upon implementation and evaluation with third-party penetration testing, it meets rigorous security standards required for dealing with financial institutions.
Infrastructure Manager at FPMH
It can protect against zero-day attacks and hidden anomalies.
Amministratore Della Sicurezza Di Rete at a government with 1,001-5,000 employees
The solution preemptively blocks zero-day attacks and detects hidden anomalies effectively.
Information Technology - Infrastructure and Security at Cyprus Development Bank
We find it 100% accurate in detecting vulnerabilities.
CEO at a computer software company with 10,001+ employees
It handles Application Security, performing SCA SAST and container scanning.
Principal Architect at a consultancy with 11-50 employees
The features I find most valuable in Mend.io are the ease of use; it is very easy to access and integrate.
VP at a tech vendor with 5,001-10,000 employees
 

Categories and Ranking

Check Point WAF (formerly C...
Ranking in Application Security Tools
5th
Average Rating
8.8
Reviews Sentiment
7.2
Number of Reviews
60
Ranking in other categories
Web Application Firewall (WAF) (5th)
Mend.io
Ranking in Application Security Tools
9th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
34
Ranking in other categories
Software Composition Analysis (SCA) (5th), Static Code Analysis (4th), Software Supply Chain Security (1st)
 

Mindshare comparison

As of July 2026, in the Application Security Tools category, the mindshare of Check Point WAF (formerly CloudGuard WAF) is 0.7%, up from 0.1% compared to the previous year. The mindshare of Mend.io is 2.5%, down from 3.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
Check Point WAF (formerly CloudGuard WAF)0.7%
Mend.io2.5%
Other96.8%
Application Security Tools
 

Featured Reviews

Krishnakumar Mahadevan - PeerSpot reviewer
EA & CISO at a non-tech company with 10,001+ employees
Cloud security has strengthened risk posture and improved advanced threat visibility
There are some API gateway and API securities I mentioned. If these are incorporated with AI-related features, particularly those seven key vulnerabilities I mentioned—token theft and tool poisoning—that would be beneficial. AI-related features are not included yet in Check Point CloudGuard WAF. However, they are present in FortiGate. That is the advantage of FortiGate now. FortiGate is stopping all AI-related vulnerabilities now. FortiGate has this capability. It is unfortunate that even Palo Alto also lacks one or two of these features. Check Point Quantum is very good, without a doubt. However, their capabilities are not in comparison with Palo Alto. There are some features, but there are some gaps in comparison with Palo Alto.
meetharoon - PeerSpot reviewer
CEO at a computer software company with 10,001+ employees
Centralized security monitoring has reduced false positives and improves dependency governance
The only area for improvement I would say is that the false positives are nearly zero; everything is mostly like 99 to 99.99% or we can say 100% accurate. There were a few areas for improvement just from the last time I saw; I think the user experience had a little problem. We wanted to have certain reports based on our kind of scenario, but the tool did not allow us to create custom reports. We had asked for some facility and some ability for us to create some custom reports. That would be awesome if they allow us to create custom reports the way we wanted. There is one small area which I don't know whether we should call a tool limitation or a wish list; if I use a library and I don't use all the capabilities of the library but only a portion of it and that portion is not vulnerable, but there is a component which is outdated, that is a problem, even though I don't use that component. Mend.io will discover there is a problem in the whole library; that is correct. That's a valid discovery, but in my case, for example, if I don't use that particular portion, then it actually is not making sense for me, but that's not a limitation of Mend.io; I think that's a general problem with any tool in the market because no tool in the market will actually know what portion of the code I'm actually using from that particular library if it is vulnerable or not.
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
904,016 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Outsourcing Company
10%
Financial Services Firm
9%
Manufacturing Company
8%
Financial Services Firm
14%
Manufacturing Company
12%
Computer Software Company
11%
Construction Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business39
Midsize Enterprise21
Large Enterprise23
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise21
 

Questions from the Community

What is your experience regarding pricing and costs for CloudGuard for Application Security?
All original equipment manufacturers mention zero-day attacks and the exploitation of previously unknown vulnerabilities, and Check Point WAF (formerly CloudGuard WAF) also includes this feature. A...
What needs improvement with CloudGuard for Application Security?
Check Point WAF (formerly CloudGuard WAF) needs to offer more competitive pricing. There are many other cloud WAF products available, and when comparing costs, other vendors have a significant cost...
What is your primary use case for CloudGuard for Application Security?
I typically use Check Point WAF (formerly CloudGuard WAF) for protecting cloud workspaces, which includes cloud applications and websites hosted on cloud platforms, especially Amazon or Azure. My c...
How does WhiteSource compare with SonarQube?
Red Hat Ceph does well in simplifying storage integration by replacing the need for numerous storage solutions. This solution allows for multiple copies of replicated and coded pools to be kept, ea...
How does WhiteSource compare with Black Duck?
We researched Black Duck but ultimately chose WhiteSource when looking for an application security tool. WhiteSource is a software solution that enables agile open source security and license compl...
What is your experience regarding pricing and costs for Mend.io?
Mend.io SCA offers a competitive pricing structure that is relatively affordable compared to similar solutions in the market. This makes it an attractive option for organizations looking to enhance...
 

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec
WhiteSource, Mend SCA, Mend.io Supply Chain Defender, Mend SAST
 

Overview

 

Sample Customers

Orange España, Paschoalotto
Microsoft, Autodesk, NCR, Target, IBM, vodafone, Siemens, GE digital, KPMG, LivePerson, Jack Henry and Associates
Find out what your peers are saying about Check Point WAF (formerly CloudGuard WAF) vs. Mend.io and other solutions. Updated: June 2026.
904,016 professionals have used our research since 2012.