Share your experience using VMware Tanzu Build Service

The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.

Use our online form to submit your review. It's quick and you can post anonymously.

Your review helps others learn about this solution
The PeerSpot community is built upon trust and sharing with peers.
It's good for your career
In today's digital world, your review shows you have valuable expertise.
You can influence the market
Vendors read their reviews and make improvements based on your feedback.
Examples of the 83,000+ reviews on PeerSpot:

Ilaria Buonagurio - PeerSpot reviewer
Head of Corporate Information Security Prevention at Luxottica Group
User
Top 20
Good monitoring, compliance, and reporting of remediation actions
Pros and Cons
  • "The feature that I value the most about Check Point CloudGuard CNAPP is the possibility of checking compliance with different standards. This compliance check can be performed for each subscription or service that we have on all the different cloud providers that we use."
  • "One feature of the product that I would like to enhance is the possibility to connect to vulnerability management platforms so that the issues that emerge from the scans can then be ingested directly into the vulnerability management process."

What is our primary use case?

We use it as a CSPM (cloud security posture management) solution. In particular, the main use case it to identify misconfigurations in our cloud environments. 

We have different cloud providers, and it monitors all of them: Google Cloud Platform, Amazon Web Services, and Microsoft Azure. For each workload or subscription, Check Point Cloud Guard checks whether the configuration is in line with the sector standards and guidelines or not. 

It also checks for each subscription to see if it is compliant with a given policy. It has multiple policies for Europe, the USA, and even Australia.

How has it helped my organization?

With Check Point CloudGuard CNAPP, we are able to monitor the security of all of our cloud environments. Moving to a more and more cloud-centric environment is vital for us to ensure security. 

In addition, we have to comply with some standards that require us to guarantee compliance and overall data security and safety in the cloud environments that host our exposed applications, databases, servers, and virtual machines. 

With Check Point CloudGuard CNAPP, we are able to identify which remediation actions need to be taken in order for us to be compliant with the standards and to secure our environments better.

What is most valuable?

The feature that I value the most about Check Point CloudGuard CNAPP is the possibility of checking compliance with different standards. This compliance check can be performed for each subscription or service that we have on all the different cloud providers that we use. The result of the compliance check is having a list of issues, misconfiguration, or vulnerabilities that need to be fixed and addressed. The list is detailed with severity, description of the issue, risk, and how to mitigate it. It also points out the exact bit that needs to be addressed, so there is no guessing game, and when we address the issue to the technical team, they already know what needs to be done

What needs improvement?

The service is already top-notch; both on the commercial side and on the technical side. I had the luck to be put in contact with a very talented and skilled technical after-sales team that guided us step by step through the configurations. Also, the commercial team was very comprehensive with our situation and allowed us to create a package that best fit our needs.

One feature of the product that I would like to enhance is the possibility to connect to vulnerability management platforms so that the issues that emerge from the scans can then be ingested directly into the vulnerability management process. It would be very nice to provide, on top of API connections, built-in plugins for the major ticketing systems.

For how long have I used the solution?

I've used the solution for three years.

Which solution did I use previously and why did I switch?

No, we have not used any solution before.

What's my experience with pricing, setup cost, and licensing?

The setup cost is really low compared to the license cost. However, it's a good investment if you want to secure the cloud ecosystem.

Which other solutions did I evaluate?

We evaluated other options, among which Prisma Cloud and Orca Security.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Software Development Manager- Cybersecurity at a retailer with 10,001+ employees
Real User
Offers comprehensive reporting capabilities and delivers efficient cloud security management
Pros and Cons
  • "The most valuable features of CloudGuard CNAPP are its reporting capabilities for aggregating vulnerability information and scoring."
  • "Scalability, particularly in workload protection, is an area that needs improvement."

What is our primary use case?

I use CloudGuard CNAPP to protect and gain visibility into vulnerabilities across our cloud workloads in a multi-cloud environment spanning AWS, GCP, and Azure. By implementing CNAPP, we have successfully reduced vulnerabilities in our cloud infrastructure by 70-80% over the past two years.

How has it helped my organization?

CloudGuard has significantly improved our organization's security posture over the past few years by reducing critical vulnerabilities by up to 80-90% across various workloads. This enhancement has led to lower security costs and enabled us to effectively communicate our improved security stance to stakeholders, putting us in a much stronger position than before.

What is most valuable?

The most valuable features of CloudGuard CNAPP are its reporting capabilities for aggregating vulnerability information and scoring, as well as its CloudBot feature, which automates remediation deployment across our diverse workloads in various accounts and regions.

What needs improvement?

One area where CloudGuard CNAPP could be improved is in its reporting capabilities. Customization options for building tailored reports would be beneficial, as it would allow for different views on vulnerabilities based on specific criteria such as tags or dimensions. Currently, the reporting features have some limitations in providing the level of customization we require.

For how long have I used the solution?

I have been using Check Point CloudGuard CNAPP for about three years.

What do I think about the stability of the solution?

We haven't had any stability issues with the solution so far.

What do I think about the scalability of the solution?

Scalability, particularly in workload protection, is an area that needs improvement. It is challenging to roll out workload protection to different teams, and there is room for enhancement in this aspect.

How are customer service and support?

I would rate Check Point's service and technical support as an eight out of ten. The pre-sales team was excellent, providing expert assistance, and our experience with the technical team has been good so far. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?



How was the initial setup?

The initial deployment of CloudGuard CNAPP was extremely straightforward since it is agentless and seamlessly integrates with public cloud tools. We began with a POC, then gradually rolled out the solution across all our cloud accounts, starting with AWS and expanding to GCP and Azure.

What was our ROI?

We have seen a return on investment in terms of reduced vulnerabilities.

What's my experience with pricing, setup cost, and licensing?

I find CloudGuard CNAPP's pricing and licensing to be flexible, allowing us to explore new features without hard limits. Currently, we operate under an enterprise agreement with the flexibility to utilize the tools we need effectively.

Which other solutions did I evaluate?

We initially evaluated Palo Alto's cloud security posture management solution but ultimately chose CloudGuard CNAPP due to its faster implementation process and cohesive reporting capabilities. CloudGuard CNAPP's simplicity and comprehensive reporting aligned better with our need for efficient deployment and intuitive data analysis, making it the preferred solution for our cloud security requirements.

What other advice do I have?

The benefits of using CloudGuard CNAPP were realized very quickly, almost immediately after deployment. The implementation process was straightforward and seamless, leveraging agentless integration with existing cloud security tools. The positive results were clear from the start.

We use CloudGuard CNAPP's CSPM capabilities extensively. We assess CSPM for identifying misconfigurations by running automated processes to scan all our cloud accounts. We prioritize risks, work with technical teams to explain vulnerabilities, and initiate fixing processes, deploying available solutions or performing manual/automated remediations. We then report progress to our teams and iterate on the process as needed.

The effectiveness of CloudGuard CNAPP's CSPM for providing compliance rules and security best practices is high. Its policies align well with common standards like NIST or CIS frameworks, enabling effective assessment against known vulnerabilities. This alignment facilitates communication and understanding between teams, streamlining the resolution process for identified vulnerabilities.

CloudGuard CNAPP's CSPM effectively identifies risks critical to our business, particularly focusing on exposure and availability ratings. It saves us significant time, likely reducing the resolution process for critical risks by around 30-40%, as it provides pre-configured assessments and clearer insights compared to starting from scratch.

The CloudGuard CNAPP team provides excellent visibility into incident investigations by simplifying access to cloud workload configuration logs and integrating with tools like SIEM platforms. This enables the incident response team to ingest data from CloudGuard CNAPP and correlate it with internal indicators, streamlining the investigation process.

We use CloudGuard CNAPP across eight countries in South America and North America, with around 130,000 employees and approximately 5,000 engineers. We manage over 100 AWS accounts and support various applications, including e-commerce tools, generating over 10,000 notifications.

My advice for someone evaluating CloudGuard CNAPP would be to start with a hands-on exploration of the dashboards and data provided by the solution, then focus on internal selling and localized deployments. The biggest lesson I have learned from using CNAPP is that while it is easy to start with, achieving full adoption and maximizing its potential requires thorough preparation and dedicated effort from the team.

Overall, I would rate CloudGuard CNAPP as an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate