Check Point CloudGuard CNAPP pros and cons

Vendor: Check Point Software Technologies

4.3 out of 5

60 reviews
93% willing to recommend

1,242 followers

Check Point CloudGuard CNAPP Pros review quotes

KW

reviewer1459770

Advisory Information Security Analyst at a financial services firm with 501-1,000 employees

Nov 24, 2020

I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end.

Read full review

TG

reviewer2085951

Cloud Security Architect with 51-200 employees

Jan 27, 2023

It saves time because I can look across the organization. Instead of checking 50 different accounts atomically and spending 15 minutes investigating each, I can spend 15 minutes exploring all 50 accounts. It allows me to quickly look across the org for similar problems when one comes up. That's a huge time saver.

Read full review

BD

Sr Manager IT Security at a financial services firm with 10,001+ employees

Aug 3, 2020

It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment.

Read full review

Check Point CloudGuard CNAPP

Free Report: Check Point CloudGuard CNAPP Reviews and More

Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.

768,740 professionals have used our research since 2012.

Deputy Manager at Computer Age Management Services Pvt. Ltd.

Jan 23, 2024

We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information.

Read full review

SK

Associate Director at Virtusa Global

Oct 18, 2023

I can take proactive actions based on an alert without having to interact with the platform directly.

Read full review

reviewer2054484

Principal Cybersecurity Architect at a manufacturing company with 10,001+ employees

Jan 13, 2023

The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules.

Read full review

JM

Network Security Engineer/Architect at Euronext Technologies SAS

Sep 16, 2020

On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures.

Read full review

SB

Schillebeeks Bart

Owner at AD Internet Consulting

Jun 17, 2022

The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring.

Read full review

VD

CIFO at Crisp System India Pvt Ltd

May 1, 2023

This solution helps to keep everything visible, and it also alerts us if something is wrong, such as if someone opened extra ports or services that they are not supposed to. This is a valuable tool for monitoring and maintaining our cloud environment.

Read full review

RR

reviewer1440831

Senior Security Engineer at a insurance company with 10,001+ employees

Oct 22, 2020

The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella.

Read full review

Show 10 more reviews (out of 80)

Check Point CloudGuard CNAPP Cons review quotes

KW

reviewer1459770

Advisory Information Security Analyst at a financial services firm with 501-1,000 employees

Nov 24, 2020

The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be.

Read full review

TG

reviewer2085951

Cloud Security Architect with 51-200 employees

Jan 27, 2023

Making basic rules is easy, but it's complex if you want to do something a little more nuanced. I've been unable to make some rules that I wanted. I couldn't evaluate some values or parameters of the components I look for. I haven't always been able to assess them.

Read full review

BD

Sr Manager IT Security at a financial services firm with 10,001+ employees

Aug 3, 2020

Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes.

Read full review

Check Point CloudGuard CNAPP

Free Report: Check Point CloudGuard CNAPP Reviews and More

Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.

768,740 professionals have used our research since 2012.

Deputy Manager at Computer Age Management Services Pvt. Ltd.

Jan 23, 2024

The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product.

Read full review

SK

Associate Director at Virtusa Global

Oct 18, 2023

Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management.

Read full review

reviewer2054484

Principal Cybersecurity Architect at a manufacturing company with 10,001+ employees

Jan 13, 2023

When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug.

Read full review

JM

Network Security Engineer/Architect at Euronext Technologies SAS

Sep 16, 2020

The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point.

Read full review

SB

Schillebeeks Bart

Owner at AD Internet Consulting

Jun 17, 2022

The false positives can be annoying at times.

Read full review

VD

CIFO at Crisp System India Pvt Ltd

May 1, 2023

Check Point must provide a multi-cloud facility where AWS, Azure, and GCP can seamlessly work together and display posture in an integrated manner.

Read full review

RR

reviewer1440831

Senior Security Engineer at a insurance company with 10,001+ employees

Oct 22, 2020

The accuracy of its remediation is a 7.5 out of 10. Before, I would have given it a ten but now, to handle remediation for fully qualified domain names, it's not working as it did in the past. We're finding some difficulties there.

Read full review

Show 10 more reviews (out of 79)

Product Categories

Product Categories

Vulnerability Management

Cloud and Data Center Security

Container Management

Cloud Workload Protection Platforms (CWPP)

Cloud Security Posture Management (CSPM)

Cloud-Native Application Protection Platforms (CNAPP)

Data Security Posture Management (DSPM)

Compliance Management

Popular Comparisons

Popular Comparisons

Cisco Umbrella vs Check Point CloudGuard CNAPP

Darktrace vs Check Point CloudGuard CNAPP

Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP

Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP

Wiz vs Check Point CloudGuard CNAPP

Zscaler Internet Access vs Check Point CloudGuard CNAPP

Prisma Access by Palo Alto Networks vs Check Point CloudGuard CNAPP

Cloudflare vs Check Point CloudGuard CNAPP

Qualys VMDR vs Check Point CloudGuard CNAPP

Tenable Security Center vs Check Point CloudGuard CNAPP

Microsoft Defender for Cloud Apps vs Check Point CloudGuard CNAPP

Fortinet FortiWeb vs Check Point CloudGuard CNAPP

Netskope vs Check Point CloudGuard CNAPP

AWS Security Hub vs Check Point CloudGuard CNAPP

Cato SASE Cloud Platform vs Check Point CloudGuard CNAPP

See all alternatives

Product Categories

Product Categories

Vulnerability Management

Cloud and Data Center Security

Container Management

Cloud Workload Protection Platforms (CWPP)

Cloud Security Posture Management (CSPM)

Cloud-Native Application Protection Platforms (CNAPP)

Data Security Posture Management (DSPM)

Compliance Management

Popular Comparisons

Popular Comparisons

Cisco Umbrella vs Check Point CloudGuard CNAPP

Darktrace vs Check Point CloudGuard CNAPP

Prisma Cloud by Palo Alto Networks vs Check Point CloudGuard CNAPP

Microsoft Defender for Cloud vs Check Point CloudGuard CNAPP

Wiz vs Check Point CloudGuard CNAPP

Zscaler Internet Access vs Check Point CloudGuard CNAPP

Prisma Access by Palo Alto Networks vs Check Point CloudGuard CNAPP

Cloudflare vs Check Point CloudGuard CNAPP

Qualys VMDR vs Check Point CloudGuard CNAPP

Tenable Security Center vs Check Point CloudGuard CNAPP

Microsoft Defender for Cloud Apps vs Check Point CloudGuard CNAPP

Fortinet FortiWeb vs Check Point CloudGuard CNAPP

Netskope vs Check Point CloudGuard CNAPP

AWS Security Hub vs Check Point CloudGuard CNAPP

Cato SASE Cloud Platform vs Check Point CloudGuard CNAPP

See all alternatives

Related questions

17

What is the pricing for Check Point software?

79

How inadvisable is it to use a single vulnerability analysis tool?

94

What are the benefits of continuous scanning for vulnerability management?

33

What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?

41

When evaluating Vulnerability Management, what aspect do you think is the most important to look for?

61

What are the main KPIs that need to be implemented to have better posture in vulnerability projects?

209

How do you use the MITRE ATT&CK framework for improving enterprise security?

97

What are your recommended automated penetration testing tools?

213

Can you recommend API for Tenable Connector into ServiceNow

71

What penetration testing tool (or tools) do you recommend for SMB/SME?