Check Point CloudGuard CNAPP Reviews

This product detects cloud anomalies and immediately quarantines threats to minimize further data damage. 

It enables our team to have full visibility of the security situation surrounding our hosted applications and workloads. Check Point CloudGuard Intelligence has a comprehensive risk assessment system that provides an advanced report on any business engagements. 

The product provides detection and security analysis recommendations that can safeguard cloud infrastructure in case of ransomware attacks. It monitors data flow closely to ascertain and block insecure content.

This platform has improved the cloud security situation in the organization. It provides reliable information that can be used for advanced planning and efficient decision-making. 

The cost of maintaining secure cloud infrastructure has been reduced due to regulated pricing from Check Point CloudGuard Intelligence team. The unified cloud infrastructure monitoring system can monitor data centers with limited resources. 

It provides critical insights that enable the IT team to plan and launch smart investigations when there are security breaches.

Comprehensive data visualization helps each team to track data and identify threats that can affect the entire workflow. 

Integration with third parties has been successful, and this has saved us costs and time for problem-solving. 

Anomaly detection is highly efficient and more productive with excellent threat prevention tools. 

The customer support staff responds quickly and positively when reached to address any issue affecting operations. 

The UI is user-friendly, and new users can easily learn how it works.

Effects on the network can slow down performance and lead to data leakages that can expose confidential information to cyber attacks. 

The UI can be upgraded to be more presentable and solve most challenges that affect users when there are inefficiencies. 

It does not support on-premise deployments such as VMware Tanzu, and this has been a major drawback when it comes to integrations with some applications. 

The majority of the features have been performing efficiently, and we are happy. The development can keep on updating the platform to meet daily changes and organizational demands.

I've used the solution for nine months.

The performance has been stable.

The scalability has been smart, and I am really impressed.

Customer support services are efficient.

This is the most effective platform I have worked with.

The setup was straightforward.

We implemented it through the vendor team.

There has been increased ROI since we deployed this platform.

The cost and setup are relatively good for most enterprises.

The other options are not as powerful as this solution.

Check Point CloudGuard Intelligence offers excellent cloud network security.

We wanted to protect, analyze, and detect issues within the infrastructure that we have taken to the cloud. We were looking for ways that we can analyze and introduce a more complete internal forensic analysis so that if an intrusion did not happen, we could have a visualization in which we could be constantly learning how to detect and ee anomalies and provide analysis for detection in real-time. 

We needed a solution that could handle analysis and offer automated detection with process intelligence. We were interested in threat prevention in real-time to help us detect anomalies, attempts, and atypical actions in any of the activities of the teams or users. The goal was to take advantage of that learning and detection. Machine learning supervises and analyzes in an advanced way everything that is happening in the cloud. It works within any type of cloud and can be integrated more so if we want to migrate or scale tomorrow, we can carry out this detection automatically.

The solution learns day by day. It learns from behavior, attacks, management, detections, captures packets, real-time analysis, et cetera. It's generating knowledge from a variety of sources for an excellent analysis. 

This allows us to move faster and have more efficient responses to incidents. It provides alerts for all these types of activities, achieving more objective management for packet capture and a combination of activities within the cloud environment.

I'd like to see more advanced encryption for local features, which is not present right now. We'd like to have more defined control when implementing intelligent analysis on the cloud. We'd like to extend analysis not just to crowds but to local teams for more granular analysis and advanced searchability.

I've used the solution for about a year and a bit.

We needed to establish a security posture under certain requirements. We needed to protect infrastructure as a service and our software as a service platform in each of our environments for the development and implementation of the cloud. 

We needed to provision instantaneous computing infrastructure and administration through the Internet. Management and security was the initial requirement, with more requirements being established. We were seeking a baseline that was provided to us by a security expert that would allow us to identify and remediate security risks and evaluate monitoring automation. We needed a solution that could prevent the company from being violated when implementing and managing a new configuration.

The solution give us compliance and offered continuous evaluation of the policies that were established. We managed to automatically generate tools for the detection and resolution of compliance and managed to establish supervision of the operations, including the management of each incident which involves identifying risks and qualifying in order to be able to share any news or updates. This allowed us to be more proactive, complete, and precise. 

The product allows us to enhance the security of the implementations we have. It has helped resolve several security incidents that we previously had, and we could not see since previously we did not have a solution that allowed us to quickly and safely manage each one of the activities. With Check Point, we can now map incidents and see how the security teams work to verify the integrity of the systems.  

When it comes to validating the power, security, implementation, and management, I would like to also have the capacity more easily on-premise as well as the cloud. Some problems have been found in analysis at the time of execution, and local install revision agents have generated management incompatibility. It is important to evaluate the applications that are on-site since they are needed in the organization. We're looking for a solution that can incorporate legacy infrastructure for some of our business needs.

I've used the solution for approximately nine months.

CloudGuard is a SaaS security solution that handles compliance and security for cloud.

There are two major functions, and the first is to operate as a central firewall monitoring and management system in the cloud. We have more than 100 firewalls in the cloud, and CloudGuard allows us to manage them.

The second function is its role as a compliance suite that helps you in keeping your cloud platforms compliant with PCI or ISO 27001.

For the most part, this is what I used it for. In the beginning, CloudGuard did not have many features. There were only these two.

Using CloudGuard, I was able to manage a multi-cloud platform based on AWS, Azure, and Google for a multinational company in Europe with only three engineers.

CloudGuard enables customizable governance using simple, readable language. The biggest advantage is that when there are things to be changed because of compliance problems, the engineers receive a plain-language text that instructs them on what to do. This also means that you don't have to have as many cloud specialists available.

The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring. The vendor has been building on these features, but they are the two that are most important for us.

With respect to how the compliance frameworks affect our security and compliance operations, it is important to consider that first of all, in the cloud, anybody can change a firewall. We wanted to have a central firewall administrator, with our more than 100 firewalls, so that we could make sure that our platform would stay secure. CloudGuard alerts if somebody replaces something and puts it back, which is the biggest feature that we wanted.

Then, as an added feature, they have a real-time audit platform where you constantly have audits of your clouds to see that engineers don't forget to put all of the compliance in place.

CloudGuard's accuracy when it comes to compliance checking is very good, and it is done in real-time. I would rate it a nine out of ten. It is not perfect because sometimes you have false positives, although I don't think that you can get rid of them entirely. Overall, for compliance and diverse compliance methodologies, I would rate it a nine.

On the topic of accuracy, I would rate remediation a nine out of ten as well. It is easy to do because it is written in plain language, and also because there is a manual on how to remediate.

The false positives can be annoying at times.

We have been using CloudGuardfor five years.

My experience with CloudGuard began about five and a half years ago when I was working with a company that was building a multi-cloud platform. I was one of the first customers for CloudGuard, before the Check Point acquisition, and I was using it to manage my multi-cloud platform.

I would rate the stability a nine out of ten. It has always worked and I've never had a bad thing happen with it. In the beginning, when they introduced new features during beta testing, there were issues. However, it was always stable.

CloudGuard is a SaaS solution, so it scales with your cloud. When you get hundreds of firewalls, perhaps 200 or 300 of one, then the complexity becomes the same in CloudGuard as the thing that you want to solve in the cloud, so I don't think that they can extend to that.

I have a deployment that is European-wide, multi-cloud, with approximately 480 virtual machines. There were a lot of other components as well, so it was a really huge use case.

The technical support from CloudGuard is really good. In fact, for me at the time, it was really good because I had direct access to the American team, so I just had to call if there was an issue. I also had monthly meetings with them to discuss things to improve and see if their service was okay for us.

Positive

Initially, we used another solution but that was not for firewall security. Rather, it was for compliance.

The initial setup is really easy. Just submit the cloud key. It takes between an hour and two hours to deploy. When I installed it, the process did not take longer than an hour.

My implementation strategy fits into the way I design secure private clouds or multi-clouds, based on public cloud providers. It's almost a necessity. You can do it in other ways by using the local ACLs, etc, but then it becomes cumbersome. CloudGuard takes a lot of the work out of it and gives you a single point to manage all of your security firewalls.

I deployed CloudGuard myself. In my previous role, I was the head of cloud development and I directed two out of the three engineers in the team.

In the beginning, the price of CloudGuard was cheap, whereas now it is not.

I haven't gotten the latest pricing, but my advice is that you need to balance it out with your cloud business cases. It all depends on how many machines, servers, and the size of the cloud that you have. It's probably not useful if you have only a few machines and some network security groups to manage them. In this case, it's not something that you need.

I did evaluate another tool initially. I cannot recall the name but it had ".io" after it. Ultimately, we decided not to use it because it only had the compliance component and it was more expensive.

The native cloud security controls provided by the cloud vendors, when it comes to features like transparency and customization, are very weak. That's why you need CloudGuard. On their own, I would rate the native cloud security controls a four out of ten. They are complex, and the biggest issue is that it's difficult to secure if you want to centralize your security operation.

When maintaining and scaling security services and configurations across multiple public clouds using CloudGuard, versus using native cloud security controls, I find that it is much better. It's the same interface in CloudGuard, regardless of the cloud. Of course, your firewall administrator still needs to have knowledge of what he's doing. That doesn't change. The important point is that the interface is much better and it doesn't change between cloud environments.

I would rate the accuracy of the security visibility slightly lower than nine out of ten because it's still complex to do, even with CloudGuard. The biggest feature of CloudGuard is that it rolls back the changes when somebody has changed it in the cloud without authorization, yet the complexity of managing a lot of firewalls is still there. I would rate the accuracy of security visibility a seven and a half or eight out of ten.

I would rate the solution's comprehensiveness for cloud compliance and governance an eight out of ten. The false positives are a little bit annoying at times.

CloudGuard helps to minimize the attack surface and manage dynamic access, although I didn't use the dynamic access in my setup. For my use case, it was primarily minimizing the internal attack surface because I didn't use it for external connections. I had a different role there. When you only have three engineers, you need to trust them. The reason that we used CloudGuard was to be able to do it with a few engineers.

CloudGuard provides a unified security solution across AWS, Azure, and Google, but not for anything else. To that end, I don't think that any other cloud provider would be a market contender at this point, and Google will probably even disappear after a while.

My advice for anybody who is considering CloudGuard is to try it. If you're looking to manage a large security defense platform, in-depth, with a lot of firewalls, try it and you'll be surprised.

One of the things that I learned from using CloudGuard was that it offered support for compliance. I was originally just looking for a way to manage all of these firewalls, and that came as a pleasant surprise. It helped us a lot with our ISO 27000 and PCI certification.

Overall, in terms of functionality, CloudGuard is fairly well made.

I would rate this solution a nine out of ten.

Primarily, we use this solution to detect security configurations in AWS environments.

The reporting is quite good. It is the most powerful aspect of this solution.

It's user-friendly.

In general, we abandoned this solution this year.

Each component of this solution, in my opinion, could be improved.

Integration with ticketing systems, as well as the most important noise and completeness over findings, are definitely in need of improvement. They didn't take into account some additional context.

The UI is very slow.

There is room for improvement. Consider the entire context of the findings and try to avoid making a comparison between the rule and the entity's state. In general, for the product to be successful, they need to improve security, and configuration detection.

I have been working with Check Point CloudGuard Posture Management for two years.

It generates a large number of false positives.

We haven't attempted to scale the product because there are no additional plug-ins or add-ons.

We have contacted technical support but were not satisfied. Technical support needs improvement.

The initial setup was straightforward.

Licensing fees are paid on a yearly basis.

From a pricing perspective, they are pretty expensive. You can find better offerings on the market.

I would not recommend this solution to other users.

I would rate Check Point CloudGuard Posture Management a seven out of ten.

We use CloudGuard for compliance and auditing. About 20 people in our company use it, including our cloud administrators use it and security personnel. And now even our managers, our scrum masters are using it.

CloudGuard makes the management of our security controls in AWS more transparent. 

The dashboard is intuitive. You know if you're compliant or not, and then it gives you a remediation plan.

CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards. 

I've been using CloudGuard Posture Management for at least six months.

CloudGuard is pretty stable. It's rock-solid.

In terms of scalability, CloudGuard requires a little bit of work. Sometimes it does take longer for the checks to come through, but it depends on how busy you are in the cloud. 

Check Point tech support in North America is pretty good.

We really liked this other solution offered by a smaller company, and then a larger company bought it. I forgot the company's name, but the roadmap just went to pieces when it was bought out. All the tech people left the company then the chief technical officer resigned. It was terrible.

Setting up CloudGuard is pretty straightforward. The initial setup only took a few minutes. It's essentially turnkey. However, the total deployment took about half a day. For maintenance, we have two cloud administrators. That's two in case one goes on vacation, resigns, or gets sick. So you need backup.

The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter. 

I rate CloudGuard Posture Management seven out of 10. I would rate it higher, but I think the price point is pretty high for what it does. However, I know it's a burgeoning market. So I think the price point and some of the other features that I already mentioned, like customization, are pretty lacking. Still, if you want some cover for an internal or external audit, this is a tool for you. 

The product provides complete visibility of our cloud security posture. It supports servers and Cloud-Native Services. It provides a centralized solution for Cloud Security with risk and compliance management. 

We required it to manage various compliance requirements including live ISO, SOC, PCI and it supports everything. Our Organization is in a hybrid structure and in it, we are using various AWS and Azure accounts. Earlier, we managed everything individually, however, after the implementation of it, we now manage everything from a single solution. The single solution helps with the system, network, and security administration.

The solution provides the complete visibility of Cloud Security, as well as a number of baseline policies and rules. This helps us to manage cloud posture with less effort. After implementation, it reduced administrative effort in terms of managed security over the cloud. Now, we are not dependent on individual tools for each account as well as cloud service providers. 

After implementation, the team can generate reports from a single console for all compliance needs.

Auto Remediation is a very effective feature and it improves the need for manual intervention from the security and cloud administrator.

The baseline policy and the integration with the public cloud are very easy.

The number of compliance rulesets along with the baseline policy, support of cloud-native services, and license management are easy. Support of the CI/CD pipeline security (Code Security), Kubernetes, et cetera, is useful. 

There are very helpful and various types of reports. Reporting features are very good and anyone from the compliance team can view/generate a report according to compliance support.

Auto remediation is a very effective feature that helps ensure less manual intervention.

Support of AWS Lamda and Azure Functions helps for any potential breaches.

Almost all features are good, however, they still require improvements to the code security portion on which integration with the major source code repository is required.

Integration with CI/CD is an important aspect as it is needed to secure the environment. Having it will help a lot.

Integration with Docker is also a key feature that needs some improvements.

Integration with other third parties and with SIEM is an important aspect that should be addressed.

Currently, it provides integration with Tenable, but it would be good if it had support other VAPT software as well.

We have been using Check Point CloudGuard Posture management for the last 8+ months.

The solution is very stable and we have not found any gaps. It provides seamless integration with the public cloud.

It's a highly scalable solution and integration with the public cloud is very good. The way you can centralize the dashboard of entire cloud infra is a very impressive.

Support has been good. We implement it with the help of OEM support and whenever we've required help we've received a good response.

Earlier, we tested other tools as well, however, the features which were available via Check Point are very good and the future roadmap is also very good in regards to cloud security.

The setup is straightforward and seamless.

We implemented it with help of Check Point support. The rest was managed by our internal team as it's easy to handle.

Security is very important and gives us ROI from security itself. We also get an ROI as we have less administrative effort. We can see an ROI with the compliance and risk management on offer too.

The setup cost is very affordable and very easy. Integration with the public cloud is very easy. The licensing calculation is also very good and no manual effort is required.

We evaluated other tools like Rapid7, Qualys, and AWS native security tools, as well as Azure native security tools.

It's a very strong solution for cloud security posture management and very effective for large and mid-size environments. Any organization moving towards the cloud would benefit from this.  

We primarily use this solution for:

1. Posture management and compliance for the complete cloud environment (AWS).
2. Centralized visibility of our cloud assets across multiple accounts in our cloud environment.
3. Monitoring and alerting of cloud activity (API calls) happening across all the accounts.
4. Reviewing security configuration (network configuration of security groups).
5. Scanning serverless functions for existing vulnerabilities.
6. The baseline for security policy as per workload based on services such as S3, EC2, et cetera.

This solution helped us improve by:

1. Improving the overall security posture of our cloud environment.
2. Maintaining Asset inventory for Cloud.
3. Continuously reporting and alerting for reactive approach.
4. Providing a best practice policy helping in strengthening security of workloads. 
5. The biggest lesson that I have learned from using this product is that organizations are very uninformed about their cloud presence, what assets they have, and what shape it's in which this solution is capable of and provides better visibility.

1. The queries for detecting any type of incident are great.
2. The solution provides a granular level of reports - along with issues based on compliance.
3. Alerts of cloud activity happening across all accounts is helpful.
4. Customization of rulesets as per our cloud security policy is useful and strengthens the security.
5. Reporting against compliance is an important feature that helps you comply with policies and standards within our organization.
6. Assets Management is excellent as it provides complete visibility of our workload in our EC2 instance. 

The following things can be improved:

1. Reporting should have more options.
2. Investigation of security events should be more comprehensive be it for cloud activity or traffic activity.
3. The false positives can be annoying at times.
4. We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future as we prefer to do it ourselves.
5. The price of this solution should be reduced so that it is more affordable to scale.

We have been using this solution for last year.

This was the first time we used any CSPM solution.

The price of this solution should be reduced so that it is more affordable to scale - specifically for features like Intelligence Pro.

We evaluated Prisma Cloud, however, we found many of the features that we won't be using we would still be paying for unnecessarily.