Check Point CloudGuard CNAPP Reviews

We are a VAR. We use posture management in various client environments for different assessments. 

We do not use it internally. We use it in multiple client environments. We have different types of client environments with different sizes.

It is great for identifying misconfigurations. That is the part that I love about it.  It is very good at finding that needle in the haystack. It gives you an overall posture for every little thing, and if you dive into it and look at some of the findings, you start seeing that you have one or two servers that are misconfigured, and you have an open BLOB, open storage instance, unsecured web portal, or something else that you did not know about. 

The effectiveness of its Cloud Security Posture Management for providing compliance rulesets and security best practices is great.

Its Cloud Security Posture Management helps identify the risks that are most critical to our clients relatively quickly. I cannot put a number on that, but not having to go through every little configuration on every asset would probably save a week's worth of effort for the smallest client. 

Its traffic monitoring capabilities are good. Helps visualize traffic flows and possibly exposed assets.

The actual setup is pretty manual. It takes about an hour or two, depending on the client you are working with.

The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great. There is some triaging, but in terms of findings, it does seem to find the needle in the haystack.

The dashboards specifically are great. By just logging in and going into the portal, we can see the high-level dashboard views. We are able to dive into whatever we want to see there, and that is fantastic.

The network mapping and the traffic flow map, where it shows you which VMs might be possibly exposed, are also very valuable. It shows which systems might have direct access to the Internet and which systems do not. It shows you overall how the network flow is set up based on your security groups, routing, and everything. I have got a good use out of that.

The setup can be better. With every other Check Point SaaS product, the setup is scripted. You just approve deployment scripts,  and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup. That has been an issue when I set up a client because every client has different skill sets.

The general reporting also needs improvement. It is very cumbersome to pull the reports for big environments. I had a client environment with 50 tenants, and I had to manually run a CIS report for each tenant and download it. There were 50 different reports. I wish there was a way to get the reports for all 50 tenants in one report and not 50 different reports.

I have been working with posture management for 3 to 4 years.

I never had stability-related issues. That has always been fine.

It is scalable. You can do it, but you need to redo the setup for each and every additional account and visibility. It is scalable. It is just not quickly scalable.

I would rate their support for CloudGuard CNAPP a eight out of ten.

I have not used a posture management solution before.

Its setup is very manual. I would like to see that transition to more of a scripted setup. It is a very manual process. For the most part it is fine however I have definitely had issues with it. Sometimes, it just does not work, and I have had to open tickets.

I am an integrator and consultant.

Its price is very fair.

N/A

To the new users of this solution, I would advise not following the built-in guide while setting it up. Always open the admin guide for the most up-to-date information.

Overall, I would rate this solution an eight out of ten. Even with all the issues, what you do get out of it is very valuable. The reporting and the setup are holding it back from a ten. That is where it can be improved greatly.

We use it to protect our applications in the cloud. We are doing a lot more cloud migration. We are moving all our applications into the cloud and our servers into the cloud. We need to protect our servers in the cloud.

By implementing CloudGuard CNAPP, we wanted to make sure we get alerts so that we can react much faster.

We use CloudGuard CNAPP's Cloud Security Posture Management capabilities. It knows all the accounts that were spun up. When we create an account in the cloud, it is onboarded automatically. We pull it into automation. Whenever someone changes any settings on the infrastructure side, the posture management will flag it. Sometimes, there is a way to automate a change. If we put some settings, it can make changes right away to shut that down.

Cloud Security Posture Management has a lot of compliances. It helps us to make sure our cloud configuration is up to a certain standard. If we have to be compliant, we have a good start on where we are.

Cloud Security Posture Management identifies the risks that are most critical to our business. It gives a risk score for what is being discovered. After we have that score, it is up to us how fast we want to remediate an issue. Sometimes, we might think that it is not crucial, and we might not take immediate action on it. 

We send every finding to our backend SIEM and work with our SOC to remediate those findings. Our SOC environment has that visibility of the logs so that we can react.

We know the vulnerability in advance, so we can take some action for that vulnerability. It is mostly all about how fast we can react to something.

We could see its benefits right away after we deployed the technology. However, getting visibility does not mean that we can react fast. For that, we have to work closely with all the app guys or server guys to patch all the things after we get the visibility.

Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.

I have been using CloudGuard CNAPP for about four years.

I am not aware of any problems.

So far, so good. We have plans to increase its usage, but it depends on the collaboration with multiple groups.

We have been using it with a small group in our organization. We want to make sure that this group benefits from it, and then we can use that use case and expand that use case throughout the organization. Currently, it is being used for a small group, and there is an ongoing effort to make it more visible.

They are good and responsive. We have a dedicated engineer, which is good. We have a certain person to go to for any questions or any problems. It has been good so far. Sometimes, we do experience slowness in responding, but overall, it has been pretty good.

We have been using CloudGuard from day one. It used to be known by another name. We have been using it before the name change. We are long-time customers.

Currently, we are just dealing with the public cloud. We have AWS and Azure clouds. 

Its deployment needs a lot more collaboration. From the cybersecurity side, we can only do certain things to protect our environment. From the app side, it also needs collaboration with whoever is managing that application or server. A lot of collaboration is needed rather than just having the security person.

When we get all the permission to do the deployment, it is a lot easier. The security team does not hold the key to the kingdom, so we do not have access to all environments. Once we get that access, it can be deployed a lot easily.

We have definitely seen an ROI. We have not quantified it, but the notifications about misconfiguration or vulnerabilities by CloudGuard CNAPP are helping us to improve our site. Our risk is much lower. It lowers our risk on how we do things, and sometimes, it is hard to quantify that into money.

The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset. 

We did not explore other options. We are just leveraging what CloudGuard has.

To those evaluating this solution, I would recommend trying it. You never know what you will see until you try.

It is a good product. We definitely want to see more features. We constantly try to see the new features being integrated into the product so that we can leverage them.

We are not yet using CloudGuard CNAPP's CloudGuard Workload Protection capabilities. Because the workload side is hosted by a different group, it requires collaboration. We need to work closely with the workload group. We are looking at opportunities to see if we can collaborate.

We are not yet using CloudGuard Workload Protection for VMs, containers, and serverless, but we are interested in looking into it. If we have it, the scanning provided by CloudGuard Workload Protection will help us identify problems before they go live. I have seen a demo of it, and I am looking into whether we can deploy it for our environment. It will give our cybersecurity visibility. It will help us know what is going on, and then we can react to it.

We are also not using CloudGuard CNAPP's CloudGuard CDR (formerly Intelligence) and its intrusion detection and threat-hunting capabilities. I would love to use that and get some benefits out of it sometime in the future.

I would rate CloudGuard CNAPP an eight out of ten. Automation is what we are looking for because we do not have enough time and people to handle all the events and findings.

We use it as a CSPM (cloud security posture management) solution. In particular, the main use case it to identify misconfigurations in our cloud environments. 

We have different cloud providers, and it monitors all of them: Google Cloud Platform, Amazon Web Services, and Microsoft Azure. For each workload or subscription, Check Point Cloud Guard checks whether the configuration is in line with the sector standards and guidelines or not. 

It also checks for each subscription to see if it is compliant with a given policy. It has multiple policies for Europe, the USA, and even Australia.

With Check Point CloudGuard CNAPP, we are able to monitor the security of all of our cloud environments. Moving to a more and more cloud-centric environment is vital for us to ensure security. 

In addition, we have to comply with some standards that require us to guarantee compliance and overall data security and safety in the cloud environments that host our exposed applications, databases, servers, and virtual machines. 

With Check Point CloudGuard CNAPP, we are able to identify which remediation actions need to be taken in order for us to be compliant with the standards and to secure our environments better.

The feature that I value the most about Check Point CloudGuard CNAPP is the possibility of checking compliance with different standards. This compliance check can be performed for each subscription or service that we have on all the different cloud providers that we use. The result of the compliance check is having a list of issues, misconfiguration, or vulnerabilities that need to be fixed and addressed. The list is detailed with severity, description of the issue, risk, and how to mitigate it. It also points out the exact bit that needs to be addressed, so there is no guessing game, and when we address the issue to the technical team, they already know what needs to be done

The service is already top-notch; both on the commercial side and on the technical side. I had the luck to be put in contact with a very talented and skilled technical after-sales team that guided us step by step through the configurations. Also, the commercial team was very comprehensive with our situation and allowed us to create a package that best fit our needs.

One feature of the product that I would like to enhance is the possibility to connect to vulnerability management platforms so that the issues that emerge from the scans can then be ingested directly into the vulnerability management process. It would be very nice to provide, on top of API connections, built-in plugins for the major ticketing systems.

I've used the solution for three years.

No, we have not used any solution before.

The setup cost is really low compared to the license cost. However, it's a good investment if you want to secure the cloud ecosystem.

We evaluated other options, among which Prisma Cloud and Orca Security.

When a customer has a multi-cloud environment with AWS, Azure, GCP, or any other cloud, maintaining posture across the cloud environment is very difficult. They need a CNAPP solution for governance and centralized compliance. It gives centralized visibility where they can track each and every cloud account, compliance check, misconfigurations, risks, and vulnerabilities. Accordingly, they can take remediation action as well. That is the main purpose of a CNAPP solution.

CloudGuard CNAPP helps to be compliant across a multi-tenant environment. We can be sure of the compliance status with respect to different cloud tenants. There is visibility into each and every cloud tenant. It is very easy to get visibility from a single console. Centralized management gives good granular control where we can check the risks and vulnerabilities and also do remediation centrally.

Its benefits can be realized in four weeks. It is API integration, so it is very straightforward. You integrate with the client, and you start monitoring. You get the information in real-time. The overall implementation time frame is about four weeks. The first two weeks can be for the monitoring stage. In the third week, you can fine-tune your policies, and in the fourth week, you can start remediating.

Posture management is a part of CloudGuard CNAPP. CloudGuard CNAPP is a combination of three technologies: Cloud Security Posture Management, Cloud Workload Protection (CWP), and Cloud Infrastructure Entitlement Management (CIEM). It is a combination of technologies. When customers use CloudGuard CNAPP, they use all these three models.

Cloud Security Posture Management is very good for identifying misconfiguration. It is able to capture all misconfigurations.

They maintain different compliance standards. Apart from that, they are also very good with the alerts and notification part. Whenever they perform a scan and find a vulnerability, it is sent to different channels as an alert or notification. It is good. They only need to improve the impact analysis on CSPM.

Cloud Security Posture Management identifies the risks that are most critical to the business. In terms of time savings, it can identify a risk within 10 to 15 minutes instead of it being a day-long task. The scanning happens in almost real-time. It is a good feature they have given, and I appreciate their solution.

The scanning provided by CloudGuard Workload Protection helps to identify problems before they go live. It has good capability for that. It can perform a proactive analysis, and we can identify the risks or vulnerabilities before the exploit. This identification of problems is very important because knowing about a problematic scenario in advance and being able to address it can save us a huge business loss. A proactive analysis is very critical. In the cybersecurity domain, it is one of the critical features for every customer.

CloudGuard CNAPP gives us the severity score. When it identifies any risks or vulnerabilities, it assigns a severity score.

CloudGuard CNAPP gives good visibility across all the multi-cloud tenants. We have everything covered in one solution. It covers risks, vulnerabilities, misconfigurations, compliance, data security, data loss, etc. It gives good visibility. This visibility is important for customers.

The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities.

The first improvement area is the impact analysis. The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed.

The second improvement area is that they should adopt more remediation on various resources.

The third improvement area is that they should introduce Gen-AI capability on their platform so that remediation can be very easy. They have the threat hunting and detection part, but they need to adapt more on the Gen-AI side so that the remediation can happen automatically. People should be able to do remediation with a click. It would be a very good feature to have for remediation.

These are three main improvement areas for them. I have already provided Check Point feedback about these through another channel.

With respect to Cloud Workload Protection, they should introduce more granular security control in terms of policy. I feel they should work on it and develop it more. They need to provide more granular security control in terms of various attacks, such as the MITRE ATT&CK framework. They need to give a different policy for each technique and tactic such as ransomware, exploitation, etc. I also work with CrowdStrike, so I know about different types of granular controls. From the Cloud Workload Protection perspective, they need to improve the policy framework.

I have been working with CloudGuard CNAPP for 2 years.

I have not seen any issues. It works in the passive mode, so it does not impact performance or anything like that.

It is a scalable solution. Every SaaS solution is scalable, so CloudGuard CNAPP is also a scalable solution.

I have not contacted them much, which is a good thing. CloudGuard CNAPP works in a passive mode. If anything needs to be done, it has to be done in your cloud tenant. There are very few times when you or an admin is required to communicate with the support team.

I also work with CrowdStrike and Palo Alto. CrowdStrike does not have the CNAPP capability. CrowdStrike is an EDR solution.

Palo Alto has the Prisma solution. Its capabilities are similar to Check Point. They are similar to me. I do not see much difference. There might be some difference in the cost, but technology-wise, they are the same.

CloudGuard CNAPP is a SaaS-based solution, and you need to integrate all your cloud accounts into that. That is it.

You need to integrate your cloud account or onboard your cloud account in the CloudGuard CNAPP solution by doing the API integration. After you onboard, you first put the cloud account in the monitoring mode. You monitor things for two weeks. After you validate your findings on CloudGuard CNAPP and you do not see any false positives, you can go for the block mode as well. That is the approach the industry should follow while onboarding any CNAPP solution.

You start to get an ROI from the day you deploy CloudGuard CNAPP or integrate it with your cloud account. 

It is like insurance. When something happens, only then you realize its value. CloudGuard CNAPP works in the same way. Without such a solution, it is very difficult to find vulnerabilities, misconfigurations, and data breaches on each and every cloud tenant. When you integrate CloudGuard CNAPP with your cloud account, you get a single view. It is very easy for your cloud administrator to take quick action. The ROI starts once you integrate or onboard a cloud account with CloudGuard CNAPP.

After you have subscribed to CloudGuard CNAPP, I would advise onboarding your cloud account and then monitoring your cloud account and the CloudGuard CNAPP findings for two weeks. After that, you can fine-tune the policies and then run the solution in block mode. That is the process.

A CNAPP product is mandatory for any organization that works in a multi-cloud environment.

Overall, I would rate CloudGuard CNAPP a nine out of ten.

We use Check Point CloudGuard Posture Management to maintain our organization's security posture.

With a bit of upscaling, it is possible to write custom rules and policies using the GSL Builder. We used the GSL Builder to build the rules for our playground environment and internet-facing environments.

It takes a couple of weeks for a nontechnical person to learn how to use GSL Builder.

The Unified Security Management console is helpful because it provides a single pane of glass. 

From a control plane perspective, the solution offers excellent visibility into our framework, enabling the identification of non-compliance.

CloudGuard provides good value for money in terms of automating our security across multiple clouds.

The agentless workload posture analysis, which primarily focuses on our cloud platform, provided valuable insights into our organization's overall security posture.

CloudGuard helped to eliminate some manual processes for a few teams, freeing up some of their time.

Our organization's security operations were able to save time by using CloudGuard's unified platform.

The most valuable feature is the ability to apply common tools across all accounts.

The integration process could be enhanced by enabling integration at the organizational level rather than requiring the manual setup of individual accounts. The current workflow of creating and linking each role is time-consuming and labor-intensive. Streamlining account onboarding by allowing CloudGuard to identify and integrate at the organizational level would significantly simplify the process.

I have been using Check Point CloudGuard Posture Management for one year.

Check Point CloudGuard Posture Management is stable.

CloudGuard Posture Management is scalable, as it is a SaaS product.

Before implementing Check Point CloudGuard Posture Management, we relied on the native CSPM of AWS Config.

For beginners in the field, AWS might be a good starting point due to its simplicity. However, for more experienced users who require more advanced features, CloudGuard offers a more mature and comprehensive solution.

I would give Check Point CloudGuard Posture Management a rating of seven out of ten. Consolidating additional capabilities into CloudGuard, along with Fusion, would create a comprehensive package offering for customers. This, along with maintaining compatibility with the evolving AWS service, would help to avoid complicating any integration issues.

While developing our tools, there is always a need for ongoing review and updates. However, compared to AWS, the maintenance required for CloudGuard is minimal.

Check Point CloudGuard Posture Management is utilized to monitor our various cloud-related portals on AWS, Google Cloud, Azure, and other platforms. This solution offers a unified console to manage all the servers and provide us with comprehensive details.

We can automate certain aspects of our security through Check Point CloudGuard Posture Management. However, complete automation is not possible due to the dependencies of the applications installed in the cloud VMs.

The agentless workload posture enhances the compatibility of our VMs since there's no requirement to install any agents or assign write permissions. This approach also simplifies management, reduces the need for multiple levels of approvals, and eliminates the necessity of installing anything on our servers.

Check Point CloudGuard Posture Management saves us time by enabling communication with all of our devices within a span of two days.

CloudGuard Posture Management's unified platform has saved our organization time when dealing with our cloud environment.

The visibility in our cloud environment is the most valuable feature.

We have concerns regarding the pricing and would appreciate seeing some improvements.

We are currently conducting a POC with Check Point CloudGuard Posture Management and have been testing it for one month.

I would give the stability an eight out of ten.

The technical support is good.

Positive

The price is on the higher end.

I would rate Check Point CloudGuard Posture Management eight out of ten.

As a manufacturing company, we always ensure our production and workloads are not being interrupted by anything. Therefore, we are making sure our automated processes are not hindered by any means. 

As we have many cloud-based applications, CloudGuard gives us prime support in terms of the security of the system. This includes securing cloud workloads, applications, and data by integrating threat prevention, detection, and response capabilities. 

It also ensures compliance and governance across multi-cloud environments.

It provides complete visibility and control over cloud-native applications and infrastructure, allowing our security teams to monitor and manage every part of their cloud environments. 

CloudGuard CNAPP also assures compliance with industry standards and regulatory requirements by automating governance and risk management procedures. This streamlines security management and lowers the operational strain on our IT teams, allowing them to focus on strategic goals. We are able to work freely by putting aside some additional stress.

The most useful element of Check Point CloudGuard CNAPP is its advanced threat prevention capabilities. This functionality is vital because it proactively addresses security issues before they affect cloud applications and notifies a real-time incident, ensuring the integrity and availability of critical services. 

Furthermore, the platform's full visibility and control across many cloud environments allows us to effectively monitor the security posture, uncover vulnerabilities, and consistently enforce security standards.

The management and monitoring of security regulations and incidents might be made easier by improving the user interface, which could be made more intuitive and user-friendly. 

For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would also increase flexibility and user-friendliness. 

To further reduce the amount of manual work required by security teams, the future release could benefit from more sophisticated automation capabilities, such as automated incident response and remediation workflows. 

In order to facilitate better decision-making and strategic planning, improved analytics and reporting capabilities would also be beneficial. These would provide deeper insights into security occurrences and patterns.

I've used the solution for two years. 

I'd rate stability nine out of ten.

I'd rate scalability nine out of ten.

Technical support has to be improved.

Neutral

We have not used a different solution previously.

The initial setup is complex.

We implemented it through the vendor. I'd rate the services eight out of ten.

Our inhouse IT department's workload has reduced considerably since using the product. 

Setup cost and licensing are quite expensive. 

We did not evaluate other solutions. 

For two years the product has done its job perfectly. 

We use Check Point CloudGuard CNAPP for the application protection of our assets on Azure, AWS, and Google Cloud.

We implemented CloudGuard CNAPP to address data exposure, prevent exfiltration attempts, ensure compliance with frameworks like SOC 2 and PCI DSS, and gain improved oversight of our cloud environment.

We haven't had any cloud security incidents since implementing CloudGuard CNAPP in 2017. It's been a critical tool as we've grown our cloud usage, transitioning applications from data centers to the cloud. CloudGuard's scalability has kept pace with our growth. As the third-largest enterprise user of Azure, our cloud footprint is significant.

The benefits of CloudGuard CNAPP were immediately apparent upon deployment. Back in 2017, we found ourselves needing to catch up on securing our existing AWS assets. We required a solution that offered quick implementation and usability. CloudGuard was the first platform we considered, and we've continued to expand its use alongside Check Point's ongoing development of new capabilities.

We create custom rules to address our organization's unique security policies, in addition to leveraging the built-in rules within CloudGuard CNAPP's CSPM module. This flexibility is crucial for us.

While CloudGuard CNAPP's CSPM capabilities effectively provide compliance rule sets and security best practices, it's important to understand that this is just one aspect of achieving full alignment with security frameworks. To be fully compliant, additional measures outside of CloudGuard need to be addressed and implemented. However, CloudGuard CNAPP remains a valuable piece of the puzzle.

CSPM helps us identify the most critical business risks. It's a time-saver that translates into cost savings. CSPM provides insights from multiple perspectives. We can analyze what a breach would mean for the business, including brand reputation and the significant cost and time required for recovery. Even in terms of day-to-day operations, CSPM saves us employee hours by streamlining security tasks.

The security provided by the CWP for containers is good. We are extremely satisfied.

Our CI/CD environment utilizes some scanning capabilities offered by workload protection, but it's not fully integrated. This creates limitations in proactively identifying issues before deployment. When we do use the workload protection capabilities they are critical for us.

Cloud security posture management is the feature we've been using the longest. What we particularly like about it is the rule-based capability. This allows us to develop our own custom rules using the GSL language provided by the CloudGuard platform.

The platform would be significantly enhanced by incorporating data security management capabilities.

I'd like to see CloudGuard offer more agentless functionality beyond what's currently available.

I have been using Check Point CloudGuard CNAPP for over seven years.

Check Point CloudGuard CNAPP is extremely stable and if there is an issue, Check Point is on top of it.

Check Point CloudGuard CNAPP is scalable. We haven't run into any scale issues and we have scaled significantly over the last six years.

We plan on expanding it into some of the newer capabilities that Check Point is coming out with.

The technical support is good.

Positive

The initial deployment was straightforward. As a SaaS platform, it is extremely easy to deploy it into environments.

We can deploy CloudGuard CNAPP and use it out of the box within hours.

Our initial strategy was to implement a basic solution and then expand its capabilities over time. Check Point, frankly, has done an excellent job of keeping its platform up-to-date by continuously adding and improving features. This is why we're still using it even after six years.

I would rate Check Point CloudGuard CNAPP nine out of ten.

Check Point CloudGuard CNAPP is predominantly owned by and controlled by the central security organization within our company.

Details matter. When comparing features to other security solutions on the market, the ability to develop custom rules is important to us, along with security posture capabilities. The ability to scale flawlessly is also important to us. The direct and overwhelming support that we received from the Check Point account team, the support team, and the leadership team has been fantastic.

Integrating with the cloud through APIs offered by a SaaS platform has significantly reduced the burden on our organization by eliminating the need for all the complex backend work we previously had to handle. This experience highlights the importance of embracing new ways of doing things.