Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard WAF vs Prisma Cloud by Palo Alto Networks comparison

Check Point Software Technologies and Palo Alto Networks are both solutions in the Web Application Firewall (WAF) category. Check Point Software Technologies is ranked #14 with an average rating of 8.9, while Palo Alto Networks is ranked #5 with an average rating of 8.4. Additionally, 100% of Check Point Software Technologies users are willing to recommend the solution, compared to 97% of Palo Alto Networks users who would recommend it.
Check Point CloudGuard WAF
Read 32 Check Point CloudGuard WAF reviews
  • 331 Views
  • 98 Comparison Views
100% willing to recommend
Prisma Cloud by Palo Alto N...
Read 102 Prisma Cloud by Palo Alto Networks reviews
  • 3,399 Views
  • 1,893 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Check Point CloudGuard WAF and Prisma Cloud by Palo Alto Networks based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Check Point CloudGuard WAF vs. Prisma Cloud by Palo Alto Networks Report (Updated: September 2024).
Buyer's Guide
Check Point CloudGuard WAF vs. Prisma Cloud by Palo Alto Networks
September 2024
Download the complete report
Helped 805,335 peers since 2012
 

Categories and Ranking

Check Point CloudGuard WAF
Ranking in Web Application Firewall (WAF)
14th
Average Rating
8.8
Number of Reviews
32
Ranking in other categories
Application Security Tools (9th)
Prisma Cloud by Palo Alto N...
Ranking in Web Application Firewall (WAF)
5th
Average Rating
8.4
Number of Reviews
102
Ranking in other categories
Container Security (1st), Cloud Workload Protection Platforms (CWPP) (1st), Cloud Security Posture Management (CSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

SP
Jul 12, 2024
If a zero-day attack originates in Europe, Check Point CloudGuard can detect it within minutes and distribute a new signature globally
When we activate the WAF, our security signatures and all the latest threat intelligence are immediately updated. Our protection is automatically refreshed every few hours to address emerging threats. For example, if a zero-day attack originates in Europe, Check Point CloudGuard can detect it within minutes and distribute a new signature globally. This ensures that when the attack reaches Australia, it is already blocked by our up-to-date WAF. Although the WAF still produces false positives because of the signatures, we can apply a rule to exclude them easily. Automated threat intelligence is crucial because a ransomware attack can compromise a network in minutes. Imagine an attack occurring at 3 AM when staff is unavailable; the damage may already be done when someone investigates. Ransomware can infiltrate and complete its task within just a few sessions. Once inside, attackers can lay dormant for months, covertly sending data using internal IP addresses. These addresses are often whitelisted, making it difficult to detect whether the outbound traffic is authorized or malicious. Automated threat intelligence can rapidly detect and respond to attacks, unlike manual processes that take 15 to 20 minutes, often too late to prevent significant damage like a completed ransomware attack. Systems like OCSP, utilizing best practices from multiple vendors such as Azure, Microsoft, CheckPoint, Palo Alto, and CloudStrike, provide an open platform for sharing and updating threat signatures. This enables organizations to tailor their security measures based on specific application needs and behaviors, effectively mitigating risks without unnecessary restrictions. Cloud-based WAF solutions, such as Check Point's, offer significant advantages compared to traditional on-premises WAFs like Cisco or Palo Alto. On-premises WAFs require substantial upfront costs for hardware, expensive licenses, and frequent, costly upgrades as technology evolves. Cloud-based alternatives eliminate these expenses by providing the latest features and capabilities without hardware or software management. This flexibility and cost-efficiency make cloud WAFs appealing to many organizations. However, cloud solutions can be more expensive for high-throughput applications like Instagram or Facebook due to data transfer costs. At the same time, on-premises options might be more economical in these cases. Ultimately, the best choice depends on specific network size, criticality, and application requirements.
Read full review
VISHWJEET GAIKWAD - PeerSpot reviewer
Aug 21, 2024
Works very well for multi-cloud environments and is more cost-effective than cloud-native tools
Some of the clients onboard individual cloud accounts into Prisma Cloud. When any new service comes into the AWS, Azure, or any other cloud, Prisma Cloud generates a warning about the new service and any missing permissions to be able to ingest the logs. We then manually run a Terraform template for Azure or a CFT template for AWS. It is a manual task that we have to do as and when needed. It is a repetitive and manual task. They should find a way to automatically update the role with the CFT or Terraform template. It would be best if this task is automated. When an account is onboarded, if it is missing any permission, it should automatically be updated with the required permissions and policies. If they can do something from the AI security perspective, it will be helpful. I am not sure if it has any AI capabilities, but it would be helpful to have AI integration for finding out issues and remediating alerts.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"User attitude reviews help us keep all online users compliant with company regulations and policies."
"The tool's most valuable feature is AI, which makes operations easier. Moreover, it is easy to deploy."
"They offer free trials, which is quite appreciative and grabs more attention from new users and businesses."
"Its ability to adapt to our applications and ensure our security policies are followed is a big plus."
"The tool performs device health checkups and updates us. It helps us to be compliant with regulatory policies."
"Machine learning is a valuable tool for this assessment because it allows for a two-phase approach: secure and non-secure."
"It provides advanced analytics that gives each team time to prepare for any threat that might occur in the future."
"By using a cloud application security solution, our company can save costs by reducing the need for additional security hardware and software and improving operational efficiency."
More Check Point CloudGuard WAF pros
"Through Prisma Cloud, we can write Lambda functions, configure policies to check the security posture, and get reports. We can do a lot more."
"We haven't had an issue with the product for over a year."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"What I found most valuable in Prisma Cloud by Palo Alto Networks is the VAS, such as the web application and API security. I feel that VAS adds a lot of value, mainly because it gives visibility through the application layer and threat detection features."
"The solution will streamline and minimize manual efforts."
"The solution's dashboard looks very user-friendly."
"Prisma Cloud's real-time detection and monitoring of our entire system is the most useful."
"The support is excellent."
More Prisma Cloud by Palo Alto Networks pros
 

Cons

"The creation of security profiles for each application takes a lot of time."
"CloudGuard could improve in areas such as ease of integration with Fortinet and reducing costs associated with deployment in cloud environments like Azure."
"Cost reduction and trial period extension should be considered with some lucrative discount offerings in buying standard versions."
"The documentation of each of the tools that they offer needs to be better."
"In terms of features, I do not have any negatives. Their integration is extremely quick. It is better than others I have been involved with in the past. Their pricing model, however, can be better."
"It was costlier than other solutions."
"We would like to have a solution of this type for the administration of applications from mobile devices."
"I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service."
More Check Point CloudGuard WAF cons
"The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced."
"While Prisma provides a lot of visibility, it also creates a ton of work. Most customers that implement Prisma Cloud have thousands of alerts that are urgent."
"While the documentation continually improves, it still has limitations compared to the extensive resources available for older products like hardware firewalls, which have been around for approximately 20 years."
"The Fargate security microservice that's running doesn't support blocking features, which would be helpful. Another issue is the lifecycle. It isn't easy to upgrade if we have a console in Fargate."
"The Palo Alto support needs to improve."
"The cloud integration is too complex. It should be simple to integrate Prisma Cloud with any cloud environment. Policy management could also be simpler."
"Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
More Prisma Cloud by Palo Alto Networks cons
 

Pricing and Cost Advice

"It is reasonable as compared to the other solutions."
"It is not cheap, but it is worth it."
"Check Point CloudGuard WAF is expensive compared to Azure WAF."
"The tool's licensing costs are yearly and competitive."
"Check Point CloudGuard Application Security's pricing is not friendly."
"Considering all the benefits we've observed, we find the price to be satisfactory."
"If the pricing for the Infinity platform covers everything, it would be more straightforward. I had a hard time selling it to our CEO as a former CFO because of the differentials. There are different deltas year to year over a five-year period. It is very difficult to explain. It would be easier to digest for our executives if there was a flatter scale"
"Check Point CloudGuard Application Security's pricing is comparable to other products in the market."
More Check Point CloudGuard WAF pricing and cost advice
"Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay."
"The product is very expensive, but the cost is a necessary evil; I don't know how we could have any kind of cloud presence without this type of monitoring. The pricing is calculated by module and resource usage. Ultimately, it saves us money in the amount of time we would spend uncovering what it uncovers, and we might not make the required discoveries without it anyway. Prisma offers incredible value, though I wish it were cheaper."
"I wouldn't mind if it were cheaper. We are spending a fair amount of money on Prisma Cloud."
"Prisma Cloud is affordable."
"The pricing is competitive. From what I have seen in the past, it is on par with the others."
"Prisma Cloud is remarkably expensive."
"If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
"The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
More Prisma Cloud by Palo Alto Networks pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
See recommendations
805,335 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
22%
Security Firm
14%
Manufacturing Company
9%
Computer Software Company
8%
Educational Organization
16%
Computer Software Company
13%
Financial Services Firm
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about CloudGuard for Application Security?
The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspe...
See all answers
What is your experience regarding pricing and costs for CloudGuard for Application Security?
Check Point CloudGuard WAF is expensive compared to Azure WAF. I would rate the cost of Check Point CloudGuard WAF as eight out of ten, with ten being the most costly.
See all answers
What needs improvement with CloudGuard for Application Security?
Check Point CloudGuard WAF's code could be improved. While the GUI allows configuration for application-related features, specific definitions cannot be modified through the code. Ideally, we would...
See all answers
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
See all answers
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We are able to easily see where our container vulnerabilities lie and and where cl...
See all answers
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valuable feature and their speed of integration is very good. The initial setup was ...
See all answers
 

Comparisons

Imperva Web Application Firewall vs Check Point CloudGuard WAF Logo
Imperva Web Application Firewall vs Check Point CloudGuard WAF
Compared 26% of the time
SonarQube vs Check Point CloudGuard WAF Logo
SonarQube vs Check Point CloudGuard WAF
Compared 23% of the time
F5 Advanced WAF vs Check Point CloudGuard WAF Logo
F5 Advanced WAF vs Check Point CloudGuard WAF
Compared 21% of the time
AWS WAF vs Check Point CloudGuard WAF Logo
AWS WAF vs Check Point CloudGuard WAF
Compared 17% of the time
Fortinet FortiWeb vs Check Point CloudGuard WAF Logo
Fortinet FortiWeb vs Check Point CloudGuard WAF
Compared 13% of the time
More Check Point CloudGuard WAF Competitors
Wiz vs Prisma Cloud by Palo Alto Networks Logo
Wiz vs Prisma Cloud by Palo Alto Networks
Compared 20% of the time
Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks Logo
Microsoft Defender for Cloud vs Prisma Cloud by Palo Alto Networks
Compared 13% of the time
Aqua Cloud Security Platform vs Prisma Cloud by Palo Alto Networks Logo
Aqua Cloud Security Platform vs Prisma Cloud by Palo Alto Networks
Compared 6% of the time
CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks Logo
CrowdStrike Falcon Cloud Security vs Prisma Cloud by Palo Alto Networks
Compared 5% of the time
AWS Security Hub vs Prisma Cloud by Palo Alto Networks Logo
AWS Security Hub vs Prisma Cloud by Palo Alto Networks
Compared 5% of the time
More Prisma Cloud by Palo Alto Networks Competitors
 

Product Reports

Buyer's Guide
Check Point CloudGuard WAF
September 2024
Check Point CloudGuard WAF reportDownload Check Point CloudGuard WAF product report
Buyer's Guide
Prisma Cloud by Palo Alto Networks
August 2024
Prisma Cloud by Palo Alto Networks reportDownload Prisma Cloud by Palo Alto Networks product report
 

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec
Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Learn More

Video not available
Check Point Software Technologies
Palo Alto Networks
 

Overview

Check Point CloudGuard WAF (Web Application Firewall) is a cloud-native security solution designed to protect web applications and APIs from known and unknown threats. It employs contextual AI and machine learning to prevent zero-day attacks without relying on traditional signature-based detection methods, ensuring that applications remain secure even as new threats emerge.

CloudGuard WAF offers preemptive protection against vulnerabilities by using machine learning to identify and block zero-day threats like Log4Shell and Spring4Shell. It provides precise detection capabilities, minimizing the need for constant fine-tuning and reducing false positives. Designed for cloud-native environments, CloudGuard WAF integrates seamlessly with CI/CD pipelines, supporting automated deployment and configuration through infrastructure as code (IaC) or APIs.

Key Features of CloudGuard WAF:

  • ML-Based Threat Prevention: Stops application-layer attacks, including those listed in the OWASP Top 10, with minimal tuning and no reliance on signature updates.
  • API Discovery and Security: Identifies and secures APIs, preventing misuse and enforcing API schemas to protect against unauthorized access.
  • Bot and DDoS Prevention: Detects and mitigates automated attacks that can disrupt services or degrade customer experiences.
  • Intrusion Prevention (IPS): Provides protection against over 2,800 web-related CVEs using Check Point’s award-winning IPS technology.

Benefits of CloudGuard WAF:

  • Zero-Day Protection: Mitigates risks from newly discovered vulnerabilities without waiting for signature updates.
  • Reduced Operational Overhead: Eliminates the need for constant manual tuning and exception handling, simplifying security management.
  • Comprehensive API Security: Enhances control over your attack surface by discovering and securing all APIs, including shadow, rogue, and deprecated endpoints.
  • Fast and Easy Deployment: Deployable within minutes via WAF as a Service (WAFaaS), requiring only a one-time DNS configuration for immediate protection.

CloudGuard WAF is particularly suitable for organizations using modern, cloud-based architectures that require robust, automated security measures for both applications and APIs. Its capabilities are valuable for industries that handle sensitive data, such as finance or healthcare, where compliance and data protection are critical. Pricing and support are typically customized to the specific needs and scale of the deployment, with options for continuous updates and maintenance through Check Point's managed services.

CloudGuard WAF by Check Point provides advanced, AI-driven protection for web applications and APIs, offering automated, precise threat prevention and easy integration with cloud-native environments, ensuring robust security without the need for extensive manual configuration.

Prisma Cloud by Palo Alto Networks is a cloud security solution used for cloud security posture management, cloud workload protection, container security, and code security. It provides visibility, monitoring, and alerting for security issues in multi-cloud environments. 

The solution is user-friendly, easy to set up, and integrates with SIEM for generating alerts and reports. Its most valuable features include security features, monitoring capabilities, reporting, compliance monitoring, vulnerability dashboard, data security features, and multi-cloud capabilities. Prisma Cloud has helped organizations by providing comprehensive protection, automating workflows, simplifying troubleshooting, and improving collaboration between SecOps and DevOps.

Prisma Cloud Features

Prisma Cloud offers comprehensive security coverage in all areas of the cloud development lifecycle:

  • Code security: Protect configurations, scan code before it enters production, and integrate with other tools.

  • Security posture management: Monitor posture, identify and remove threats, and provide compliance across public clouds.

  • Workload protection: Secure hosts and containers across the application lifecycle.

  • Network security: Gain network visibility and enforce micro segmentation.

  • Identity security: Enforce permissions and secure identities across clouds.

Benefits of Prisma Cloud

  • Unified management: All users use the same dashboards built via shared onboarding, allowing cloud security to be addressed from a single agent framework.

  • High-speed onboarding: Multiple cloud accounts and users are onboarded within seconds, rapidly activating integrated security capabilities.

  • Multiple integration options: Prisma Cloud can integrate with widely used IDE, SCM, and CI/CD workflows early in development, enabling users to identify and fix vulnerabilities and compliance issues before they enter production. Prisma Cloud supports all major workflows, automation frameworks, and third-party tools.

Reviews from Real Users

Prisma Cloud stands out among its competitors for a number of reasons. Two major ones are its integration capabilities, as well as its visibility, which makes it very easy for users to get a full picture of the cloud environment.

Alex J., an information security manager at Cobalt.io, writes, “Prisma Cloud has enabled us to take a very strong preventive approach to cloud security. One of the hardest things with cloud is getting visibility into workloads. With Prisma Cloud, you can go in and get that visibility, then set up policies to alert on risky behavior, e.g., if there are security groups or firewall ports open up. So, it is very helpful in preventing configuration errors in the cloud by having visibility. If there are issues, then you can find them and fix them.”

Luke L., a cloud security specialist for a financial services firm, writes, “You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums.”

 

Sample Customers

Orange España, Paschoalotto
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Buyer's Guide
Check Point CloudGuard WAF vs. Prisma Cloud by Palo Alto Networks
September 2024
Free Report: Check Point CloudGuard WAF vs. Prisma Cloud by Palo Alto Networks
Find out what your peers are saying about Check Point CloudGuard WAF vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: September 2024.
DOWNLOAD NOW
805,335 professionals have used our research since 2012.
See our Check Point CloudGuard WAF vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Web Application Firewall (WAF) vendors.

We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.