Coming October 25: PeerSpot Awards will be announced! Learn more

Check Point CloudGuard Posture Management Room for Improvement

KW
Advisory Information Security Analyst at a financial services firm with 501-1,000 employees

The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be. However, the product itself is really easy to use, so there is not too much of an issue with that. Also, it's not too hard to get on with the actual Check Point support to go over this stuff.

View full review »
Schillebeeks Bart - PeerSpot reviewer
Owner at AD Internet Consulting

The false positives can be annoying at times.

View full review »
RR
Senior Security Engineer at a insurance company with 10,001+ employees

The accuracy of its remediation is a 7.5 out of 10. Before, I would have given it a ten but now, to handle remediation for fully qualified domain names, it's not working as it did in the past. We're finding some difficulties there.

Also, as soon as Check Point took over the solution, the feature that identifies and creates security groups based on fully qualified domain names, instead of IP addresses, was degraded.

View full review »
Buyer's Guide
Check Point CloudGuard Posture Management
September 2022
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,184 professionals have used our research since 2012.
Mantu Shaw - PeerSpot reviewer
Sr. Technology Architect at Incedo Inc.

Almost all features are good, however, they still require improvements to the code security portion on which integration with the major source code repository is required.

Integration with CI/CD is an important aspect as it is needed to secure the environment. Having it will help a lot.

Integration with Docker is also a key feature that needs some improvements.

Integration with other third parties and with SIEM is an important aspect that should be addressed.

Currently, it provides integration with Tenable, but it would be good if it had support other VAPT software as well.

View full review »
Adriamcam - PeerSpot reviewer
Consultant at ITQS

The service is very complete for the functionality that it was created for, however, they can make a couple of improvements such as the validation of policies that must be available before they are implemented in the production environment. It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published. They do not update as they should and the new rules are not applied. They can also try to reduce the false positives generated by the tool.

View full review »
Chris Dagal - PeerSpot reviewer
Senior Consultant at a tech services company with 11-50 employees

I would be great to have additional features when it comes to vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads and not just on security configurations with customizable reports would be nice. 

View full review »
Basil Dange - PeerSpot reviewer
Senior Manager at a financial services firm with 10,001+ employees

There are several things in need of improvement, including:

  1. Policy validation should be available before it is deployed in a production environment using a cloud template.
  2. Auto remediation requires read/write access. As providing read/write access to third-party applications can add risk, it should have some option of triggering API calls to the cloud platform, which in turn makes the required changes.
  3. A number of security rules need to be added in order to identify more issues.
  4. Reporting should have more options.
  5. It should support all container platforms for visibility of complete infrastructure using a single console such as PCF .
View full review »
JP
Cloud Solution Architect at Network Thinking Solutions
Today, globally, there are many companies of all sizes that do not understand the value of their data, but even with all the existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure security, when the truth is that providers only protect their sites. Everything we do in the cloud and how we configure it is actually our responsibility, in this sense we can evaluate many solutions that help us protect our clouds, however, and after trying 5 different solutions, the checkpoint solution is by far The most complete View full review »
alvarado - PeerSpot reviewer
Cloud Support Leader at a tech company with 51-200 employees

I can't really imagine improvements for Check Point. They have been doing very well for years in modern security fields. Currently, Check Point is very well placed compared to its competitors - and this is not by chance. Check Point has taken security to a higher level.

Check Point's support, customer service, SLAs, and schedules can be improved a little. Among some of the qualities to improve, would be even to copy from other companies that have more highly polished services. For example, something important is that they always promptly include the official documentation of the manufacturer in order to carry out correct implementations.

View full review »
LA
Cloud Support - Security Admin at a tech company with 1-10 employees

Some general improvement characteristics can be made, including the following:

1- Cost improvement. Some tools are quite expensive, and some non-equal manufacturers offer more comfortable capabilities at the cost level.

2- The guidelines to implement or to link with the clouds are not complete. Following them sometimes the task of implementing under the best practices of the manufacturer is not achieved.

3- Many Check Point guides are only available to partners and not to the general public. They can make a better impression by having them public and thereby helping the client.

View full review »
DH
Support at a tech services company with 51-200 employees

Areas that can be improved are few. However, some can be mentioned, such as the costs for this solution going down a bit. Not all clients, despite the great power of the tool, can afford it.

The support must be more effective. Sometimes they take several days to resolve an issue. However, it must be mentioned, they always resolve it correctly.

Finally, I think that the solution meets all expectations but can also improve the performance of the administrator portal a little so that it does not sometimes stop.

View full review »
SJ
Chief Technical Officer at a government with 1,001-5,000 employees

CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards. 

View full review »
Kirtikumar Patel - PeerSpot reviewer
Network Engineer at LTTS

In Dome9, there should be a policy validation option where we can validate the policy before we push it into production. This option is very important, as we are working in a critical and complex environment. This option would give us more confidence in our activities or policy pushing.

We could see the option is available for on-premises devices. 

Automatic remediation requires read/write access.

Otherwise, overall this product is very good for our cloud environment, and we are satisfied with this.  

View full review »
HS
Security Engineer at a tech company with 1,001-5,000 employees

The following things can be improved:

  1. Reporting should have more options.
  2. Investigation of security events should be more comprehensive be it for cloud activity or traffic activity.
  3. The false positives can be annoying at times.
  4. We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future as we prefer to do it ourselves.
  5. The price of this solution should be reduced so that it is more affordable to scale.
View full review »
Basilio Alcantara - PeerSpot reviewer
IT Security Engineer at Bayview

The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure. This is one of the main cloud providers, so it's imperative to make this a priority in order to bring a lot of value to this tool.

The idea is to leverage Dome9 as the main central place for auto-remediation of all cloud environments so that customers don't have to spend a lot of time manually remediating. Manual remediation is very challenging once you have so many cloud accounts to support on a regular basis, and Dome9 can help do part of the job.

View full review »
Jonathan Ramos G. - PeerSpot reviewer
Cloud Engineer at ITQS

Currently, I would like this solution extended to cellular devices or tablets. This will be able to allow us to be more efficient.

View full review »
VV
Cloud Security Lead at a computer software company with 5,001-10,000 employees

In general, we abandoned this solution this year.

Each component of this solution, in my opinion, could be improved.

Integration with ticketing systems, as well as the most important noise and completeness over findings, are definitely in need of improvement. They didn't take into account some additional context.

The UI is very slow.

There is room for improvement. Consider the entire context of the findings and try to avoid making a comparison between the rule and the entity's state. In general, for the product to be successful, they need to improve security, and configuration detection.

View full review »
GD
Cloud Security Architect at Kontex

The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out.

View full review »
DC
Managing Director at a tech services company with 5,001-10,000 employees

I'd like to see improvements with the configuration. 

View full review »
Buyer's Guide
Check Point CloudGuard Posture Management
September 2022
Learn what your peers think about Check Point CloudGuard Posture Management. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,184 professionals have used our research since 2012.