Check Point CloudGuard Posture Management is utilized to monitor our various cloud-related portals on AWS, Google Cloud, Azure, and other platforms. This solution offers a unified console to manage all the servers and provide us with comprehensive details.
Security Consultant at a consultancy with 501-1,000 employees
Real User
Top 5
2023-06-26T14:21:00Z
Jun 26, 2023
We utilize Check Point CloudGuard Posture Management to gain visibility into our cloud environments and their configurations. The cloud services we employ include AWS, Azure, and GCP.
We use the solution to protect workloads and users on the cloud, including both internal and external users. The solution must monitor user roles, the overall posture of the cloud application, and database and web servers that are exposed to the internet. It is an improvement over the default Amazon AWS security posture because it is sensitive to the context in which the application is being used, such as whether it is being used by a public user or an internal user who is managing the system on the cloud.
Director of Information Security at a tech vendor with 51-200 employees
Real User
Top 10
2023-01-27T15:56:00Z
Jan 27, 2023
CloudGuard is a tool for evaluating the health and configuration of an account. We primarily use it for AWS, but we also use it for Azure. I also use it for inventory and historical reporting. We work with 50 AWS accounts. Four teams across a couple of time zones use CloudGuard. Our security and DevOps teams are the primary users, but the support team occasionally uses it. Management consumes the output and the reports. I think it makes them feel good, so that's nice. I haven't dipped into CloudGuard's agentless or shift-left capabilities, but I'm interested. Unfortunately, I'm strapped for resources and time and haven't been able to get more value out of my tooling. I'd like to, but I haven't had a good chance to look at that yet.
Cloud Engineer at IT Quest Solutions|interglobalmsp
User
Top 5
2022-12-27T14:33:00Z
Dec 27, 2022
Most of the infrastructure we have is in the Azure cloud. We have another on-premise. Since we were migrating to a cloud infrastructure, we needed a tool that would provide a certain degree of policy compliance and security throughout the environment and thus be able to have the monitored environment and out of vulnerabilities. With this tool, we can add different authentication methods to our systems, have a record of where they connect from, and cover all vulnerable security points, providing complete security.
Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
We needed to establish a security posture under certain requirements. We needed to protect infrastructure as a service and our software as a service platform in each of our environments for the development and implementation of the cloud. We needed to provision instantaneous computing infrastructure and administration through the Internet. Management and security was the initial requirement, with more requirements being established. We were seeking a baseline that was provided to us by a security expert that would allow us to identify and remediate security risks and evaluate monitoring automation. We needed a solution that could prevent the company from being violated when implementing and managing a new configuration.
This software protects cloud data from security malpractices and enhances policy compliance. It provides full data visualization of saved workloads and workflows that runs across the organization. Posture Management provides data analytics from network security, enabling departments to monitor work processes effectively. It has deployed automatic security models across the cloud computing infrastructure to enhance best data protection practices. The database management team has fully benefited since we secured this product due to increased efficiency.
This tool provides organizations with full security visualization data. It enables each department to discover the best security practices to protect data from ransomware attacks. It detects any security misconfigurations with an automated alert response to the IT team to take quick action. It has fully deployed reliable data protection tools to our cloud servers that detect any form of data theft in advance. The provision of advanced data analytics helps teams in the organization to deploy awareness to all sectors to ensure each team is fully equipped with data protection knowledge.
We required a centralized, modern, and easy-to-use tool. After validating the technology of the available security applications, we found the correct tool in Check Point CloudGuard. It helped us with the security posture to follow best practices. The recommendations and the automated implementations are through a multi-cloud portal that was easily linked with the cloud that we manage. All those previous virtues plus an effective dashboard full of graphs have helped us with decision making. It's been very helpful for the company's security requirements. We have been able to comply with the recommendations and improvements in our cloud infrastructure using this product.
In recent years, in search of a new strategy, we have tried to strengthen our security and infrastructure posture, being one of the fundamental pillars of a large organization. As a result of this situation, we have begun to adapt using solutions that support us at the cloud and on-premise. Posture Management is the solution that supports us in this search for a healthy, strong infrastructure and, above all, is aligned with the legal and regulatory frameworks at an international level.
In the company I work for, it was implemented to be able to have governance in addition to good practices in our Microsoft Azure environment. It's a somewhat expensive tool, however, it is worth it to be able to solve all those improvements and avoid so many modern vulnerabilities, which have their point in cloud attacks. It helped us a lot in improving the regulations and security of our cloud environments. We still manage an on-premise environment, however, many companies at the beginning believe that the cloud is invulnerable or that the manufacturer must ensure everything, which is not correct. With this implementation, it is possible to improve all current cloud security.
Cloud Support at a tech company with 51-200 employees
User
2022-06-01T04:31:00Z
Jun 1, 2022
Our company manages hybrid environments in which we also have a Microsoft Azure Cloud and a hybrid approach, however, you have to navigate between them and carry out separate implementations. Instead, we were looking for a unified validation. We found it with the Check Point Dome9 solution, an incredible evaluation of our environments with a simple implementation was what the company was looking for to cover the security flaws that existed, in the face of any modern threat that could harm our services.
Chief Technical Officer at a government with 1,001-5,000 employees
Real User
2021-10-11T15:39:00Z
Oct 11, 2021
We use CloudGuard for compliance and auditing. About 20 people in our company use it, including our cloud administrators use it and security personnel. And now even our managers, our scrum masters are using it.
Senior Consultant at a tech services company with 11-50 employees
Consultant
2021-09-10T15:00:00Z
Sep 10, 2021
It is a good tool for a large enterprise operating across multiple cloud environments, like AWS, Azure, or a hybrid infrastructure. Check Point posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft.
Security Engineer at a tech company with 1,001-5,000 employees
User
2021-09-01T16:28:00Z
Sep 1, 2021
We primarily use this solution for: * Posture management and compliance for the complete cloud environment (AWS). * Centralized visibility of our cloud assets across multiple accounts in our cloud environment. * Monitoring and alerting of cloud activity (API calls) happening across all the accounts. * Reviewing security configuration (network configuration of security groups). * Scanning serverless functions for existing vulnerabilities. * The baseline for security policy as per workload based on services such as S3, EC2, et cetera.
Cloud Solution Architect at Network Thinking Solutions
User
2021-07-30T14:32:00Z
Jul 30, 2021
I have been using it in my AWS-Azure multi-cloud schema in order to monitor and protect transactions and data from all escalations - not only what we have at the database level. It helps us protect the data of our big data. It has been the complete solution to help cover our lack of security at the infrastructure level. Not only does it cover the servers, but at the workstation level, it is monitoring what users are doing. It identifies actions and can make automatic remediation at a user level.
Managing Director at a tech services company with 5,001-10,000 employees
Reseller
2021-04-09T16:13:19Z
Apr 9, 2021
Our primary use case of this solution is for compliance on the cloud and Check Point is very good for tracking that. We are resellers of Check Point CloudGuard and I'm the managing director of the company.
We currently have hybrid cloud environments, so different cloud platforms are being used by the business for different use cases and systems are being deployed at a very fast pace. It's very challenging to enforce security and have eyes on everything that exists in the cloud unless you have centralized tools helping you accomplish this goal. Today Dome9 is helping us analyze what we have out there and what our priorities should be from a remediation perspective. We do have multiple accounts today with the different cloud providers, so it's imperative to use a tool like Dome9.
CheckPoint Dome9 is a cloud security management solution for our Azure cloud environment, and we have Azure for our cloud services. With this solution, we manage our network security policy management and automation for our cloud environment across providers, accounts, and regions. Dome9 provides us policy compliance based on our requirements. If we request SOX or HIPPA, based on that we will enable the policy and we will get the reports as well. We also create users and set policies and we can monitor the logs.
Dome9 is a SaaS security solution that handles compliance and security for cloud. There are two major functions, and the first is to operate as a central firewall monitoring and management system in the cloud. We have more than 100 firewalls in the cloud, and Dome9 allows us to manage them. The second function is its role as a compliance suite that helps you in keeping your cloud platforms compliant with PCI or ISO 27001. For the most part, this is what I used it for. In the beginning, Dome9 did not have many features. There were only these two.
Advisory Information Security Analyst at a financial services firm with 501-1,000 employees
Real User
2020-11-24T07:57:00Z
Nov 24, 2020
We pull all of our cloud platforms into Dome9: AWS and Azure as well as our Kubernetes environment. We use it for a few things: * It provides policy compliance. If we wanted to use SOX compliance or HIPAA, then we can turn on rules for that. Then, if something is in violation of one of those rules, it will let us know and we can correct it. * We are able to set users, authentication, and powers, e.g., give users the ability to create networks. * We use it for log monitoring. We are able to pull in logs from cloud environments, review them, and take action.
Senior Security Engineer at a insurance company with 10,001+ employees
Real User
2020-10-22T05:36:00Z
Oct 22, 2020
We use Dome9 for security groups on the AWS/Azure side. We use it for inventory purposes, to gather all of the accounts into one single view. We do some governance and compliance in it as well.
The primary use case has been for auditing the cloud infrastructure in terms of security, because our company has been audited a lot of times. For the cloud, this is a tool that we use to audit the cloud environment. For example, all of the S3 buckets are encrypted to know if we don't have servers exposed to the Internet where they shouldn't be. This solution runs some compliance reports. That is why we use it. We use it the most to check if things are complaint, because the compliancy checking is accurate.
We use the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades. In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall. There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways. Dome9 is used as an additional compliance tool to improve the security of these environments and avoid any configuration errors.
Sr Manager IT Security at a financial services firm with 10,001+ employees
Real User
2020-08-03T06:11:00Z
Aug 3, 2020
* Visibility for cloud workloads, including server, serverless and Kubernetes. * Security configuration review along with automatic remediation. * Posture management and compliance for a complete cloud environment. * Centralize visibility for a complete cloud environment of the workload hosted on multiple cloud platforms (AWS and Azure). * Baseline for security policy as per the workload based on services, such as S3, EC2, etc. * Visibility of an API call within the environment. * IAM management providing access to the cloud network in a controlled manner. * Alerts and notifications for any security breach/changes in the cloud environment. * Flow visibility of traffic to and from the cloud environment. * Real-time alerting for any security incidents. They provide support for Azure, Amazon, GCP, and Alibaba. However, we just have AWS and Azure.
Senior Manager at a financial services firm with 10,001+ employees
Real User
2020-07-29T10:19:00Z
Jul 29, 2020
1) Visibility for Cloud Work Load for Server, Server Less & Container environment 2) Security configuration review along with auto-remediation 3) Posture management and Compliance for complete Cloud Environment 4) Centralize Visibility for Complete Cloud Environment of Workload hosted on Multiple Cloud Platform (AWS, Azure, and GCP) 5) The baseline for Security Policy as per Workload based on Services such as S3, EC2, etc 6) Visibility of API call within the environment 7) IAM management providing access to cloud network in a control manner 8) Alert and Notification for any Security breach/Changes in Cloud environment 9) Flow Visibility of traffic from and to Cloud Environment 10) Real-time alerting for any incident
Product Manager at a tech services company with 51-200 employees
Reseller
2020-06-04T09:41:24Z
Jun 4, 2020
We are a reseller of security solutions, and we also offer professional and managed services around them. We cover network security, web application firewalls, email, web security, security information and event management, privilege access management, and other such products. Dome9 is one of the solutions that we implement for our customers, and they use it to help secure their cloud. It works on several cloud platforms, including Azure and AWS. It will handle security issues such as ensuring a proper configuration, that the credentials are set up correctly, and that the storage of sensitive data is appropriately configured. Some of our customers use Dome9 for discovery, to help them understand the different accounts that they have in the cloud. Very often, there can be a proliferation of cloud-based accounts and applications that the organization on a wider basis is not aware of. Dome9 is very good if you need to get an inventory and reporting on the current state of your environment.
We are a solution provider and we are evaluating multiple tools for cloud workload security and vulnerability management. We are evaluating products such as Dome9 to figure out which one would be best for our customers. This solution is used to replace a variety of cloud security and management tools.
The primary use case for this solution is associated with a challenge whereby we have multiple cloud computing platforms. We have our past cloud platforms in AWS and ECP. Therefore, we can configure management and policy governance tools to deployment across all sites.
Check Point CloudGuard CNAPP is a cloud-native application protection platform designed to secure your cloud environments and applications. By combining CSPM, CWPP, CSNS, and WAF capabilities, it provides a comprehensive solution to protect your cloud environment from a wide range of threats.
CloudGuard CNAPP delivers end-to-end cloud security, including workload protection, vulnerability management, and identity management, all while maintaining continuous compliance. It uses advanced...
Check Point CloudGuard Posture Management is utilized to monitor our various cloud-related portals on AWS, Google Cloud, Azure, and other platforms. This solution offers a unified console to manage all the servers and provide us with comprehensive details.
We utilize Check Point CloudGuard Posture Management to gain visibility into our cloud environments and their configurations. The cloud services we employ include AWS, Azure, and GCP.
We use the solution to protect workloads and users on the cloud, including both internal and external users. The solution must monitor user roles, the overall posture of the cloud application, and database and web servers that are exposed to the internet. It is an improvement over the default Amazon AWS security posture because it is sensitive to the context in which the application is being used, such as whether it is being used by a public user or an internal user who is managing the system on the cloud.
We review CloudGuard results and generate tickets to contact the owners.
CloudGuard is a tool for evaluating the health and configuration of an account. We primarily use it for AWS, but we also use it for Azure. I also use it for inventory and historical reporting. We work with 50 AWS accounts. Four teams across a couple of time zones use CloudGuard. Our security and DevOps teams are the primary users, but the support team occasionally uses it. Management consumes the output and the reports. I think it makes them feel good, so that's nice. I haven't dipped into CloudGuard's agentless or shift-left capabilities, but I'm interested. Unfortunately, I'm strapped for resources and time and haven't been able to get more value out of my tooling. I'd like to, but I haven't had a good chance to look at that yet.
Most of the infrastructure we have is in the Azure cloud. We have another on-premise. Since we were migrating to a cloud infrastructure, we needed a tool that would provide a certain degree of policy compliance and security throughout the environment and thus be able to have the monitored environment and out of vulnerabilities. With this tool, we can add different authentication methods to our systems, have a record of where they connect from, and cover all vulnerable security points, providing complete security.
We needed to establish a security posture under certain requirements. We needed to protect infrastructure as a service and our software as a service platform in each of our environments for the development and implementation of the cloud. We needed to provision instantaneous computing infrastructure and administration through the Internet. Management and security was the initial requirement, with more requirements being established. We were seeking a baseline that was provided to us by a security expert that would allow us to identify and remediate security risks and evaluate monitoring automation. We needed a solution that could prevent the company from being violated when implementing and managing a new configuration.
This software protects cloud data from security malpractices and enhances policy compliance. It provides full data visualization of saved workloads and workflows that runs across the organization. Posture Management provides data analytics from network security, enabling departments to monitor work processes effectively. It has deployed automatic security models across the cloud computing infrastructure to enhance best data protection practices. The database management team has fully benefited since we secured this product due to increased efficiency.
This tool provides organizations with full security visualization data. It enables each department to discover the best security practices to protect data from ransomware attacks. It detects any security misconfigurations with an automated alert response to the IT team to take quick action. It has fully deployed reliable data protection tools to our cloud servers that detect any form of data theft in advance. The provision of advanced data analytics helps teams in the organization to deploy awareness to all sectors to ensure each team is fully equipped with data protection knowledge.
We required a centralized, modern, and easy-to-use tool. After validating the technology of the available security applications, we found the correct tool in Check Point CloudGuard. It helped us with the security posture to follow best practices. The recommendations and the automated implementations are through a multi-cloud portal that was easily linked with the cloud that we manage. All those previous virtues plus an effective dashboard full of graphs have helped us with decision making. It's been very helpful for the company's security requirements. We have been able to comply with the recommendations and improvements in our cloud infrastructure using this product.
In recent years, in search of a new strategy, we have tried to strengthen our security and infrastructure posture, being one of the fundamental pillars of a large organization. As a result of this situation, we have begun to adapt using solutions that support us at the cloud and on-premise. Posture Management is the solution that supports us in this search for a healthy, strong infrastructure and, above all, is aligned with the legal and regulatory frameworks at an international level.
In the company I work for, it was implemented to be able to have governance in addition to good practices in our Microsoft Azure environment. It's a somewhat expensive tool, however, it is worth it to be able to solve all those improvements and avoid so many modern vulnerabilities, which have their point in cloud attacks. It helped us a lot in improving the regulations and security of our cloud environments. We still manage an on-premise environment, however, many companies at the beginning believe that the cloud is invulnerable or that the manufacturer must ensure everything, which is not correct. With this implementation, it is possible to improve all current cloud security.
Our company manages hybrid environments in which we also have a Microsoft Azure Cloud and a hybrid approach, however, you have to navigate between them and carry out separate implementations. Instead, we were looking for a unified validation. We found it with the Check Point Dome9 solution, an incredible evaluation of our environments with a simple implementation was what the company was looking for to cover the security flaws that existed, in the face of any modern threat that could harm our services.
Primarily, we use this solution to detect security configurations in AWS environments.
We use CloudGuard for compliance and auditing. About 20 people in our company use it, including our cloud administrators use it and security personnel. And now even our managers, our scrum masters are using it.
It is a good tool for a large enterprise operating across multiple cloud environments, like AWS, Azure, or a hybrid infrastructure. Check Point posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft.
We primarily use this solution for: * Posture management and compliance for the complete cloud environment (AWS). * Centralized visibility of our cloud assets across multiple accounts in our cloud environment. * Monitoring and alerting of cloud activity (API calls) happening across all the accounts. * Reviewing security configuration (network configuration of security groups). * Scanning serverless functions for existing vulnerabilities. * The baseline for security policy as per workload based on services such as S3, EC2, et cetera.
I have been using it in my AWS-Azure multi-cloud schema in order to monitor and protect transactions and data from all escalations - not only what we have at the database level. It helps us protect the data of our big data. It has been the complete solution to help cover our lack of security at the infrastructure level. Not only does it cover the servers, but at the workstation level, it is monitoring what users are doing. It identifies actions and can make automatic remediation at a user level.
Our primary use case of this solution is for compliance on the cloud and Check Point is very good for tracking that. We are resellers of Check Point CloudGuard and I'm the managing director of the company.
We currently have hybrid cloud environments, so different cloud platforms are being used by the business for different use cases and systems are being deployed at a very fast pace. It's very challenging to enforce security and have eyes on everything that exists in the cloud unless you have centralized tools helping you accomplish this goal. Today Dome9 is helping us analyze what we have out there and what our priorities should be from a remediation perspective. We do have multiple accounts today with the different cloud providers, so it's imperative to use a tool like Dome9.
CheckPoint Dome9 is a cloud security management solution for our Azure cloud environment, and we have Azure for our cloud services. With this solution, we manage our network security policy management and automation for our cloud environment across providers, accounts, and regions. Dome9 provides us policy compliance based on our requirements. If we request SOX or HIPPA, based on that we will enable the policy and we will get the reports as well. We also create users and set policies and we can monitor the logs.
Dome9 is a SaaS security solution that handles compliance and security for cloud. There are two major functions, and the first is to operate as a central firewall monitoring and management system in the cloud. We have more than 100 firewalls in the cloud, and Dome9 allows us to manage them. The second function is its role as a compliance suite that helps you in keeping your cloud platforms compliant with PCI or ISO 27001. For the most part, this is what I used it for. In the beginning, Dome9 did not have many features. There were only these two.
We pull all of our cloud platforms into Dome9: AWS and Azure as well as our Kubernetes environment. We use it for a few things: * It provides policy compliance. If we wanted to use SOX compliance or HIPAA, then we can turn on rules for that. Then, if something is in violation of one of those rules, it will let us know and we can correct it. * We are able to set users, authentication, and powers, e.g., give users the ability to create networks. * We use it for log monitoring. We are able to pull in logs from cloud environments, review them, and take action.
We use Dome9 for security groups on the AWS/Azure side. We use it for inventory purposes, to gather all of the accounts into one single view. We do some governance and compliance in it as well.
The primary use case has been for auditing the cloud infrastructure in terms of security, because our company has been audited a lot of times. For the cloud, this is a tool that we use to audit the cloud environment. For example, all of the S3 buckets are encrypted to know if we don't have servers exposed to the Internet where they shouldn't be. This solution runs some compliance reports. That is why we use it. We use it the most to check if things are complaint, because the compliancy checking is accurate.
We use the Check Point CloudGuard IaaS within our company is for the protection of our cloud assets. It is deployed on Google Cloud Platform with the help of the Firewall, Application Control, and Intrusion Prevention System software blades. In addition, we rely heavily on the GeoIP module to restrict undesired countries from accessing our services, as for now, you can't achieve it with the GCP firewall. There are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways. Dome9 is used as an additional compliance tool to improve the security of these environments and avoid any configuration errors.
* Visibility for cloud workloads, including server, serverless and Kubernetes. * Security configuration review along with automatic remediation. * Posture management and compliance for a complete cloud environment. * Centralize visibility for a complete cloud environment of the workload hosted on multiple cloud platforms (AWS and Azure). * Baseline for security policy as per the workload based on services, such as S3, EC2, etc. * Visibility of an API call within the environment. * IAM management providing access to the cloud network in a controlled manner. * Alerts and notifications for any security breach/changes in the cloud environment. * Flow visibility of traffic to and from the cloud environment. * Real-time alerting for any security incidents. They provide support for Azure, Amazon, GCP, and Alibaba. However, we just have AWS and Azure.
1) Visibility for Cloud Work Load for Server, Server Less & Container environment 2) Security configuration review along with auto-remediation 3) Posture management and Compliance for complete Cloud Environment 4) Centralize Visibility for Complete Cloud Environment of Workload hosted on Multiple Cloud Platform (AWS, Azure, and GCP) 5) The baseline for Security Policy as per Workload based on Services such as S3, EC2, etc 6) Visibility of API call within the environment 7) IAM management providing access to cloud network in a control manner 8) Alert and Notification for any Security breach/Changes in Cloud environment 9) Flow Visibility of traffic from and to Cloud Environment 10) Real-time alerting for any incident
We are a reseller of security solutions, and we also offer professional and managed services around them. We cover network security, web application firewalls, email, web security, security information and event management, privilege access management, and other such products. Dome9 is one of the solutions that we implement for our customers, and they use it to help secure their cloud. It works on several cloud platforms, including Azure and AWS. It will handle security issues such as ensuring a proper configuration, that the credentials are set up correctly, and that the storage of sensitive data is appropriately configured. Some of our customers use Dome9 for discovery, to help them understand the different accounts that they have in the cloud. Very often, there can be a proliferation of cloud-based accounts and applications that the organization on a wider basis is not aware of. Dome9 is very good if you need to get an inventory and reporting on the current state of your environment.
We are a solution provider and we are evaluating multiple tools for cloud workload security and vulnerability management. We are evaluating products such as Dome9 to figure out which one would be best for our customers. This solution is used to replace a variety of cloud security and management tools.
We have been researching this solution as something to provide for clients who are interested in implementing a high-security AWS environment.
The primary use case for this solution is associated with a challenge whereby we have multiple cloud computing platforms. We have our past cloud platforms in AWS and ECP. Therefore, we can configure management and policy governance tools to deployment across all sites.