What needs improvement with CloudGuard for Cloud Intelligence?

Improvements can be made to the user interface, performance and reliability, security and compliance, and customer support.

CloudGuard's reporting could be better. It's good now, but there is room for improvement. If you're looking for a centralized platform, there are a lot of features that can be appreciated. However, you want complete security integration with SaaS, DAST, secret scanning, etc., and a single platform for all these features. Check Point is known for its firewall. Six or seven years ago, it used to be a good thing because most businesses were on on-prem. If your business is on the cloud, you do not need a firewall because most of the cloud vendors already have that built into their cloud premises, and you can configure the rules there. You can do everything as a network security engineer. It depends on your business model. Some companies are segregated and most of their things are on-prem. They have physical outlets in multiple countries. Managing everything in these business environments and deploying the Check Point firewall would be a good investment. However, it doesn't make sense if your business is totally in the cloud. It depends on how Check Point sees things in the market. If they want to compete with all these vendors in terms of CNAPP, they need to first understand their audience. Once they have some visibility into who their audience is, they need to maintain their business.

Sometimes, the solution provides us with false alerts of vulnerabilities that are not present in our cloud environment. The solution should include an auto-remediation feature, which most tools currently provide.

The management and monitoring of security regulations and incidents might be made easier by improving the user interface, which could be made more intuitive and user-friendly. For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would also increase flexibility and user-friendliness. To further reduce the amount of manual work required by security teams, the future release could benefit from more sophisticated automation capabilities, such as automated incident response and remediation workflows. In order to facilitate better decision-making and strategic planning, improved analytics and reporting capabilities would also be beneficial. These would provide deeper insights into security occurrences and patterns.

One area where CloudGuard CNAPP could be improved is in its reporting capabilities. Customization options for building tailored reports would be beneficial, as it would allow for different views on vulnerabilities based on specific criteria such as tags or dimensions. Currently, the reporting features have some limitations in providing the level of customization we require.

CloudGuard CNAPP is a great tool that justifies its investment. Like any other tool, there are opportunities for improvement that can be addressed through a roadmap.

Having additional documentation on how to use CloudGuard CNAPP would be advantageous, especially if it were made more user-friendly. The application's structure seems to lead users down one path, then into another, making it difficult to backtrack or navigate seamlessly between different components. Streamlining the user interface would greatly improve the user experience.

Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.

The reporting has a lot of opportunities to continuously improve so that we can continue to show value. I would love to see more ability to automate and integrate into even more systems for automatic remediation.

In a general sense, it is a tremendous solution. We have got good use out of it. From what I see, it is also well-positioned in the market. I understand that it is among the best solutions.

The costs are really high if you want the entire capabilities of the platform. However, it is really motivated by the great value of the product. Moreover, you can buy individual licenses for the different modules if you don't need some of them.

There are regulatory requirements. I would like to be able to pick the regulation I would like to scheck compliance with and it would tell you where you stand on that regulation and what you are missing to reach compliance. And it shouldn't matter which cloud we're dealing with; we would have these possibilities.

The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product. For example, let's say it's showing a process violation. It should be able to do some additional malware scanning in that particular bucket to get some additional information. I don't want to integrate with another third-party tool or go to the native server to check something. It would be helpful to have integrated monitoring and malware scanning for the file types. There are a few flaws with the security management portal where I have limited visibility into the workload protection features. There is no error visibility where I can see the communication and workflow between services. Some of the dashboards need to be fine-tuned if they are not customized. For example, I cannot customize anything on the effective risk management dashboard. Some of the information is not correct for my tenant. With respect to passwords and user management, there are no policies I can measure at the user level. If the user was created more than six months ago, you don't need to worry about that password or do anything like two-factor authentication associated with that user. They can still log in after six months or one year. It's also a challenge to use CloudGuard's agentless workload posture with AWS. An Azure storage is summed up with a CNAPP encryption by default. We tried onboarding this data, but the problem is the attachment is not done. After a few days, we identified that it was impossible to do the encryption detection. But CloudGuard's default rules say that this has to be encrypted. The AWS module says that we cannot access this volume with this encryption, so we cannot use an agentless workload posture with AWS because of this. It is a best practice to ensure that all the volumes are being encrypted. Without the encryption, how can I do this? It is a big challenge for CloudGuard.

Automation and advanced threat prevention have room for improvement. I would like the rules configuration which are manually reviewed to be automated according to the defined rules.

The integration process could be enhanced by enabling integration at the organizational level rather than requiring the manual setup of individual accounts. The current workflow of creating and linking each role is time-consuming and labor-intensive. Streamlining account onboarding by allowing CloudGuard to identify and integrate at the organizational level would significantly simplify the process.

The ability to help organizations modify their own policies is essential. For example, consider the CIS benchmark 1.5 for AWS. In the past, I would have added the CIS rulesets to my custom policy, along with my own rules for Internet requirements. This created a custom policy that was tailored to my specific needs. However, the CIS benchmark is constantly changing, and it can be difficult to keep my custom policy up-to-date. As a result, I now have to recreate my entire policy whenever the CIS benchmark is updated. This is a time-consuming and manual process. Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management. This would save me a significant amount of time and effort.

Their service needs improvement. Their vendor doesn't provide good support. Also, there is no way to escalate it to Check Point so that Check Point can take action against their partner. I don't have direct support with Check Point. We have collaborative support with one of the Check Point partners who do not provide good support. When we reached out to Check Point to escalate; they denied taking any action against the vendor.

The product must provide different features like antivirus.

The solution needs to improve remediation. We need to reduce risk by remediating gaps in security. You do need to pay extra in order to get better support.

We want to optimize the tool in the future. They should allow us to have greater integration with other security solutions and third-party tools so that the organization can take advantage of and improve the protection of all the company infrastructure. We would like to optimize and improve its high demand for customization, which allows us to adapt to specific necessary security solutions. We want to be able to customize the solution more in order to meet the needs of our company. Currently, the solution is quite rigid and complies only with standards.

No improvements are needed. The current version has great and powerful features that take care of most sets of demands. The cloud-integrated network system can be upgraded to meet company requirements on intelligence information and for customization purposes. The set features have stable performance capability with the modern threat management network infrastructure. This system has a capable data orchestration system that can access data from various centers. The customer support channels are reliable, with great services when contacted.

Effects on the network can slow down performance and lead to data leakages that can expose confidential information to cyber attacks. The UI can be upgraded to be more presentable and solve most challenges that affect users when there are inefficiencies. It does not support on-premise deployments such as VMware Tanzu, and this has been a major drawback when it comes to integrations with some applications. The majority of the features have been performing efficiently, and we are happy. The development can keep on updating the platform to meet daily changes and organizational demands.

The tool works perfectly and improvements should be made, if any, in various technical and administrative aspects.

One of the parts of the tool that should be improved is the latency that it causes when entering the main panel. Apart from the tool, the rest works very well with the characteristics it has. That said, they must provide a little more to users when they purchase the product. For example, we need a more detailed and ordered knowledge base in order to learn more about the tool. They must improve the support that the partners that sell the service provide. We have had several problems with the resolution of cases that we have executed.

I'd like to see more advanced encryption for local features, which is not present right now. We'd like to have more defined control when implementing intelligent analysis on the cloud. We'd like to extend analysis not just to crowds but to local teams for more granular analysis and advanced searchability.

The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly. Without effective mapping of critical areas, the platform cannot provide very good results. The maintenance cost is high after deployment, and it requires close monitoring for effective results. This version performs effectively when it is channeled to the right network infrastructure. It has created a centralized operation system that can comprehensively monitor and manage security for all connecting systems.

I would like an interface more adapted to cell phones or tablets. In its web version, it is quite efficient, however, I would like this improvement and the possibility of action to be able to enjoy and manage even the identity and administration under applications optimized in said function - whether they are iOS or Android. Another feature that I would like is being able to carry out more frequent assessments on the solution with direct Check Point teams.

Check Point tools need to improve the latency in the portal since they take a long time to load. They also need to improve the support a little or hire more staff since the response time is slow or the solutions take a long time to implement. Check Point should give added value to all those customers who purchase their product by providing training so that they can certify in the tool. That way, the customer stops depending so much on support and can solve incidents themselves.

Some possibilities of improvements for Check Point include: 1- Improving or creating best practices that can be generated publicly so that customers can have a package of policies, for example, that the manufacturer provides in addition to easy access to this material. 2- Improvement at the support level for management, handling and solution of cases in a better, faster, and more effective way. Sometimes the cases take a long time to be able to schedule a session and solve together with the client and support. 3- The costs are high. They could provide better costs for the client to make a simpler decision and not be affected by this issue.

Sometimes the portal is a bit slow. We have also noticed that the documentation is very changeable. They should have a repository in Check Point to see the best practices and thus be able to implement everything in the best way. In the future, Check Point could implement a SIEM to be able to carry out further analysis in its own portal and not have to validate or seek the integration of third parties. As for support, it can be improved a lot. Both the SLA and the ease of being able to resolve existing problems should be simpler.