Try our new research platform with insights from 80,000+ expert users
Check Point CloudGuard CNAPP Logo

Check Point CloudGuard CNAPP pros and cons

Vendor: Check Point Software Technologies
4.3 out of 5
1,101 followers
Start review

Pros & Cons summary

Check Point CloudGuard CNAPP enhances cloud security with real-time compliance monitoring, helping organizations adhere to standards while offering visibility of cloud assets. Automation, including auto-remediation, boosts efficiency. Centralized application views aid in managing security but need better third-party integrations and support for hybrid deployments. Documentation gaps and limited scalability pose challenges, and remediation requires more flexibility to ensure minimal security risks, enhancing utility for tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Check Point CloudGuard CNAPP enhances cloud security with compliance and auto-remediation features.
It offers comprehensive posture management with insights into vulnerabilities and security audit compliance.
Centralized firewall management and threat detection across environments improve visibility and control.
The tool integrates with existing security operations, helping identify and mitigate risks efficiently.
Users benefit from streamlined reporting and automation, enhancing security protocol adherence.

CONS

Check Point CloudGuard CNAPP could benefit from tighter integration with third-party tools like Chef Compliance and ServiceNow for improved management of security incidents and changes.
The incorporation of AI for backend analysis and recommendations could enhance the effectiveness of Check Point CloudGuard CNAPP.
Check Point CloudGuard CNAPP should extend support to on-premises and hybrid cloud deployments to maximize flexibility.
A reduction in the pricing of Check Point CloudGuard CNAPP would make scaling more affordable.
Better integration capabilities with additional third-party products and services would enhance flexibility and user-friendliness for businesses with varied IT ecosystems.
 

Check Point CloudGuard CNAPP Pros review quotes

reviewer1459770 - PeerSpot reviewer
Nov 24, 2020
I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end.
Read full review
reviewer2085951 - PeerSpot reviewer
Jul 29, 2024
It saves time because I can look across the organization. Instead of checking 50 different accounts atomically and spending 15 minutes investigating each, I can spend 15 minutes exploring all 50 accounts. It allows me to quickly look across the org for similar problems when one comes up. That's a huge time saver.
Read full review
BD
Aug 3, 2020
It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment.
Read full review
Buyer's Guide
Check Point CloudGuard CNAPP
May 2025
Free Report: Check Point CloudGuard CNAPP Reviews and More
Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
850,760 professionals have used our research since 2012.
Yokesh Mani - PeerSpot reviewer
Jan 23, 2024
We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information.
Read full review
SK
Oct 18, 2023
I can take proactive actions based on an alert without having to interact with the platform directly.
Read full review
reviewer2054484 - PeerSpot reviewer
Jan 13, 2023
The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules.
Read full review
reviewer1098015 - PeerSpot reviewer
Sep 16, 2020
On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures.
Read full review
SB
Jun 17, 2022
The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring.
Read full review
reviewer2244411 - PeerSpot reviewer
Jul 19, 2024
Most of the features are pretty valuable, whether that's a description of the attacks or the attack graph showing the vulnerabilities. If a single tool does all this work, the value is centralizing all these functions on a single tool. These are the cloud-native applications we talk about — containers, Kubernetes, and cloud infrastructure — and all those things are the primary focus of the CNAPP solution.
Read full review
Samir-Paul - PeerSpot reviewer
Apr 26, 2024
The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities.
Read full review
Show 10 more reviews (out of 91)
 

Check Point CloudGuard CNAPP Cons review quotes

reviewer1459770 - PeerSpot reviewer
Nov 24, 2020
The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be.
Read full review
reviewer2085951 - PeerSpot reviewer
Jul 29, 2024
Making basic rules is easy, but it's complex if you want to do something a little more nuanced. I've been unable to make some rules that I wanted. I couldn't evaluate some values or parameters of the components I look for. I haven't always been able to assess them.
Read full review
BD
Aug 3, 2020
Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes.
Read full review
Buyer's Guide
Check Point CloudGuard CNAPP
May 2025
Free Report: Check Point CloudGuard CNAPP Reviews and More
Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
850,760 professionals have used our research since 2012.
Yokesh Mani - PeerSpot reviewer
Jan 23, 2024
The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product.
Read full review
SK
Oct 18, 2023
Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management.
Read full review
reviewer2054484 - PeerSpot reviewer
Jan 13, 2023
When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug.
Read full review
reviewer1098015 - PeerSpot reviewer
Sep 16, 2020
The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point.
Read full review
SB
Jun 17, 2022
The false positives can be annoying at times.
Read full review
reviewer2244411 - PeerSpot reviewer
Jul 19, 2024
CloudGuard's reporting could be better. It's good now, but there is room for improvement. If you're looking for a centralized platform, there are a lot of features that can be appreciated. However, you want complete security integration with SaaS, DAST, secret scanning, etc., and a single platform for all these features.
Read full review
Samir-Paul - PeerSpot reviewer
Apr 26, 2024
The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed.
Read full review
Show 10 more reviews (out of 89)

Product Categories

Product Categories
Vulnerability Management
Cloud and Data Center Security
Container Security
Cloud Workload Protection Platforms (CWPP)
Cloud Security Posture Management (CSPM)
Cloud-Native Application Protection Platforms (CNAPP)
Data Security Posture Management (DSPM)
Compliance Management

Popular Comparisons

Popular Comparisons
Cloudflare vs Check Point CloudGuard CNAPP Logo
Cloudflare vs Check Point CloudGuard CNAPP
Wiz vs Check Point CloudGuard CNAPP Logo
Wiz vs Check Point CloudGuard CNAPP
Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP Logo
Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP
Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP Logo
Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP
Darktrace vs Check Point CloudGuard CNAPP Logo
Darktrace vs Check Point CloudGuard CNAPP
SentinelOne Singularity Cloud Security vs Check Point CloudGuard CNAPP Logo
SentinelOne Singularity Cloud Security vs Check Point CloudGuard CNAPP
Qualys VMDR vs Check Point CloudGuard CNAPP Logo
Qualys VMDR vs Check Point CloudGuard CNAPP
Tenable Security Center vs Check Point CloudGuard CNAPP Logo
Tenable Security Center vs Check Point CloudGuard CNAPP
AWS Security Hub vs Check Point CloudGuard CNAPP Logo
AWS Security Hub vs Check Point CloudGuard CNAPP
AWS GuardDuty vs Check Point CloudGuard CNAPP Logo
AWS GuardDuty vs Check Point CloudGuard CNAPP
CrowdStrike Falcon Cloud Security vs Check Point CloudGuard CNAPP Logo
CrowdStrike Falcon Cloud Security vs Check Point CloudGuard CNAPP
Varonis Platform vs Check Point CloudGuard CNAPP Logo
Varonis Platform vs Check Point CloudGuard CNAPP
Illumio vs Check Point CloudGuard CNAPP Logo
Illumio vs Check Point CloudGuard CNAPP
Orca Security vs Check Point CloudGuard CNAPP Logo
Orca Security vs Check Point CloudGuard CNAPP
Akamai Guardicore Segmentation vs Check Point CloudGuard CNAPP Logo
Akamai Guardicore Segmentation vs Check Point CloudGuard CNAPP
See all alternatives

Product Categories

Product Categories
Vulnerability Management
Cloud and Data Center Security
Container Security
Cloud Workload Protection Platforms (CWPP)
Cloud Security Posture Management (CSPM)
Cloud-Native Application Protection Platforms (CNAPP)
Data Security Posture Management (DSPM)
Compliance Management

Popular Comparisons

Popular Comparisons
Cloudflare vs Check Point CloudGuard CNAPP Logo
Cloudflare vs Check Point CloudGuard CNAPP
Wiz vs Check Point CloudGuard CNAPP Logo
Wiz vs Check Point CloudGuard CNAPP
Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP Logo
Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP
Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP Logo
Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP
Darktrace vs Check Point CloudGuard CNAPP Logo
Darktrace vs Check Point CloudGuard CNAPP
SentinelOne Singularity Cloud Security vs Check Point CloudGuard CNAPP Logo
SentinelOne Singularity Cloud Security vs Check Point CloudGuard CNAPP
Qualys VMDR vs Check Point CloudGuard CNAPP Logo
Qualys VMDR vs Check Point CloudGuard CNAPP
Tenable Security Center vs Check Point CloudGuard CNAPP Logo
Tenable Security Center vs Check Point CloudGuard CNAPP
AWS Security Hub vs Check Point CloudGuard CNAPP Logo
AWS Security Hub vs Check Point CloudGuard CNAPP
AWS GuardDuty vs Check Point CloudGuard CNAPP Logo
AWS GuardDuty vs Check Point CloudGuard CNAPP
CrowdStrike Falcon Cloud Security vs Check Point CloudGuard CNAPP Logo
CrowdStrike Falcon Cloud Security vs Check Point CloudGuard CNAPP
Varonis Platform vs Check Point CloudGuard CNAPP Logo
Varonis Platform vs Check Point CloudGuard CNAPP
Illumio vs Check Point CloudGuard CNAPP Logo
Illumio vs Check Point CloudGuard CNAPP
Orca Security vs Check Point CloudGuard CNAPP Logo
Orca Security vs Check Point CloudGuard CNAPP
Akamai Guardicore Segmentation vs Check Point CloudGuard CNAPP Logo
Akamai Guardicore Segmentation vs Check Point CloudGuard CNAPP
See all alternatives
Related questions
  • 20
What is the pricing for Check Point software?
  • 58
How inadvisable is it to use a single vulnerability analysis tool?
  • 32
What are the benefits of continuous scanning for vulnerability management?
  • 21
When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
  • 15
What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
  • 207
What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
  • 100
Which is the best vulnerability scanner tool?
  • 68
What are your recommended automated penetration testing tools?
  • 85
How do you use the MITRE ATT&CK framework for improving enterprise security?
  • 98
Can you recommend API for Tenable Connector into ServiceNow