Amazon GuardDuty vs Check Point CloudGuard Posture Management comparison

You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Amazon GuardDuty and Check Point CloudGuard Posture Management based on real PeerSpot user reviews.

Find out in this report how the two CWPP (Cloud Workload Protection Platforms) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Amazon GuardDuty vs. Check Point CloudGuard Posture Management Report (Updated: November 2022).
655,711 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"The most valuable features are the single system for data collection and the alert mechanisms.""Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing.""Deployment is great, and we didn't face any big challenges.""What we found most valuable in Amazon GuardDuty is its threat detection feature, especially because we were monitoring a huge number of AWS accounts, so we needed a solution that would monitor for any kind of malicious activity. The monitoring aspect of the solution was great because it gave us timely notifications if and when anything happened, and Amazon GuardDuty helped keep us on our toes to make sure we took action right away.""The correlation back end is the solution's most valuable feature.""What I like most about Amazon GuardDuty is that you can monitor your AWS accounts across, but you don't have to pay the additional cost. You can get all your CloudTrail VPC flow logs and DNS logs all in one, and then you get the monitoring with that. A lot of times, if you had a separate tool on-premise, you would have to set up your DNS logs, so usually, Amazon GuardDuty helps with all your additional networking requirements, so I utilize it for continuous monitoring because you can't detect anything if you're not monitoring, and the solution fills that gap. If you don't do anything else first, you can deploy your firewall, and then you've got your Route 53 DNS and DNSSEC, but then Amazon GuardDuty fills that, and then you have audit requirements in AU that says, "Hey, what are your additional logs?", so you can just say, "Hey, we utilize Amazon GuardDuty." You're getting your CloudTrail, your VPC flow logs, and all your DNS logs, and those are your additional logs right there, so the solution meets a lot of requirements. Now, everything comes with a cost, but I also like that the solution also provides threat response and remediation. It's a pretty good product. I've just used it more for log analysis and that's where the value is at, the niche value. Once you do threat detection, it goes into a lot of other integrations you need to implement, so threat detection is only good as the integration, as the user that knows the tools itself, and the architecture and how it's all set up and the rules that you set within that."

More Amazon GuardDuty Pros →

"We really liked its ease of implementation against our Microsoft Azure environment.""The most valuable feature is the CloudBots for auto-remediation of security findings.""This solution has saved the company from unnecessary data loss that occurs due to cyber attacks.""Its easy implementation against Microsoft Azure was quite satisfactory.""Alerts of cloud activity happening across all accounts is helpful.""We like the ability to investigate, analyze, and generate reports.""The product allows us to enhance the security of the implementations we have.""The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."

More Check Point CloudGuard Posture Management Pros →

"An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues.""While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved.""Amazon GuardDuty could be better enriched in threat intelligence data.""Improvement-wise, Amazon GuardDuty should have an overall dashboard analytics function so we could see what's in the current environment, and then in addition to that, provide best practices and recommendations, particularly to provide some type of observability, and then figure out the login side of it, based on our current environment, in terms of what we're not monitoring and what we should monitor. The solution should also give us a sample code configuration to implement that added feature or feature request. What I'd like to see in the next release of Amazon GuardDuty are more security analytics, reporting, and monitoring. They should provide recommendations and additional options that answer questions such as "Hey, what can we see in our environment?", "What should we implement within the environment?", What's recommended?" We know that cost will always be associated with that, but Amazon GuardDuty should show us the increased costs or decreased costs if we implement it or don't implement it, and that would be a good feature request, particularly with all products within AWS, just for cloud products in general because there are times features are implemented, but once they're deployed, they don't tell you about costs that would be generated along with those features. After features are deployed, there should a summary of the costs that would be generated, and projected based on current usage, so they would give us the option to figure out how long we're going to use those features and the option to keep those on or turn those off. If more services were like that, a lot more people would use those on the cloud.""Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution.""The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA."

More Amazon GuardDuty Cons →

"In general, for the product to be successful, they need to improve security, and configuration detection.""Integration could be improved.""The reporting dashboard responds slowly, which leads to late report compilation.""I would like to see improvements in the vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads. Also, customizable reports would be nice.""It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published.""The entire system is complicated, and the setup process may not cater to the company's demands.""Currently, worldwide, there are many companies of all sizes that do not understand the value that their data has, but even with all existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure safety, when the truth is that the providers only secure their sites. Everything we do in the cloud and how we configure it is actually our responsibility.""The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out."

More Check Point CloudGuard Posture Management Cons →

Pricing and Cost Advice
  • "We use a pay-as-you-use license, which is competitively priced in the market."
  • "I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it."
  • "In terms of the costs associated with Amazon GuardDuty, it was $1 per GB from what I recall. Pricing was based on per gigabyte. For example, for the first five hundred gigabytes per month, it'll be $1 per GB, so it'll be $500. If your usage was greater, there's another bracket, for example, the next two thousand GB, then there's an add-on cost of 50 cents per GB. That's how Amazon GuardDuty pricing slowly goes up. I can't remember if there was any kind of additional cost apart from standard licensing for the solution. Nothing else that at least comes to mind. What the service was charging was worth it. That was one good thing when using Amazon GuardDuty because my company could be in a certain tier for a certain period. My company wasn't under a licensing model where it could overestimate its usage and under-utilize its usage and pay much more. This was what made the pricing model for Amazon GuardDuty better."
  • "Pricing is determined by the number of events sent."
  • "The pricing model is pay as you go and is based on the number of events per month."
  • More Amazon GuardDuty Pricing and Cost Advice →

  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."
  • "The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter."
  • "From a pricing perspective, they are pretty expensive."
  • "In the beginning, the price of Dome9 was cheap, whereas now it is not."
  • "Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."
  • More Check Point CloudGuard Posture Management Pricing and Cost Advice →

    Use our free recommendation engine to learn which CWPP (Cloud Workload Protection Platforms) solutions are best for your needs.
    655,711 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing.
    Top Answer:Licensing of GuardDuty is part of the AWS license. The pricing model is pay as you go and is based on the number of events per month. When you first look at the price it seems reasonable but if you… more »
    Top Answer:Amazon GuardDuty is limited to certain services. The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA. By being integrated with these… more »
    Top Answer:This solution has saved the company from unnecessary data loss that occurs due to cyber attacks.
    Top Answer:The setup cost is high, however, the pricing terms vary based on the size of an organization.
    Top Answer:There is no full support for bot management, and the company can work on that to enhance faster service delivery and enhance reliable security checkups. The reporting dashboard responds slowly, which… more »
    Average Words per Review
    Average Words per Review
    Also Known As
    Learn More

    Amazon Guard Duty is a continuous cloud security monitoring service that consistently monitors and administers several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Cloud Storage), and AWS CloudTrail event logs.

    Amazon GuardDuty intuitively uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to quickly discover suspicious and problematic activity in a user's AWS ecosystem. Activities may include concerns such as interactions with malicious IP addresses or domains, exposed credentials usage, or changes and/or escalation of privileges.

    GuardDuty is able to easily determine problematic AWS EC2 (Elastic Compute Cloud) instances delivering malware or mining bitcoin. It is also able to trace AWS account access history for evidence of destabilization. such as suspicious API calls resulting in changing password policies to minimize password strength or anomalous infrastructure deployments in new or different never-used regions.

    GuardDuty will continually alert users regarding their AWS environment status and will send the security discoveries to the GuardDuty dashboard or Amazon CloudWatch events for users to view.

    Users can access GuardDuty via:

    • AWS SDKs: Amazon provides users with several software development kits (SDKs) that are made up of libraries and sample code of numerous popular programming languages and platforms, such as Android, iOS, Java, .Net, Python, and Ruby. The SDKs make it easier to develop programmatic access to GuardDuty.

    • GuardDuty HTTPS API: This allows users to issue HTTPS requests directly to the service.

    • GuardDuty Console: This is a browser-based intuitive dashboard interface where users can access and use GuardDuty.

    Amazon Elastic Kubernetes Service (Amazon EKS)

    Kubernetes protection is an optional add-on in Amazon GuardDuty. This tool is able to discover malicious behavior and possible destabilization of an organization's Kubernetes clusters inside of Amazon Elastic Kubernetes Service (Amazon EKS).

    When Amazon EKS is activated, GuardDuty will actively use various data sources to discover potential risks against Kubernetes API. When Kubernetes protection is enabled, GuardDuty uses optional data sources to detect threats against Kubernetes API.

    Kubernetes audit logs are a Kubernetes feature that captures historical API activity from applications, the control plane, users, and endpoints. GuardDuty collates these logs from Amazon EKS to create Kubernetes discoveries for the organization's Amazon EKS assets; there is no need to store or turn on the logs.

    As long as Kubernetes protection remains activated, GuardDuty will continuously dissect Kubernetes data sources from the Amazon EKS clusters to ensure no suspicious or anomalous behavior is taking place.

    Amazon Simple Cloud Storage (S3) Protection

    Amazon S3 allows Amazon GuardDuty to actively audit object-level API processes to discover possible security threats to data inside an organization's S3 buckets. GuardDuty continually audits risk to the organization’s S3 assets by carefully dissecting AWS CloudTrail management events and AWS CloudTrail S3 data events. These tools are continually auditing various CloudTrail management events for potential suspicious activities that affect S3 buckets, such as PutBucketReplication, DeleteBucket, ListBucket, and data events for S3 object-level API processes, such as PutObject, GetObject, ListObject, and DeleteObject.

    Reviews from Real Users

    The most valuable features are the single system for data collection and the alert mechanisms. Prior to using GuardDuty, we had multiple systems to collect data and put it in a centralized location so we could look into it. Now we don't need to do that anymore as GuardDuty does it for us.” - Arunkumar A., Information Security Manager at Tata Consultancy Services

    Check Point CloudGuard Posture Management is a CWPP (Cloud Workload Protection Platform) tool that enables your organization to automate governance across multi-cloud assets and services. These services include visualization and assessment of security posture, misconfiguration detection, and enforcement of security best practices and compliance frameworks. This solution is one of the leading cloud native security solutions on the market and is suitable for companies of all sizes.

    Check Point CloudGuard Posture Management Features

    Check Point CloudGuard Posture Management has many valuable key features. Some of the most useful ones include:

    • Network security
    • Application protection
    • Workload protection
    • Posture management
    • Cloud intelligence

    Check Point CloudGuard Posture Management Benefits

    There are many benefits to implementing Check Point CloudGuard Posture Management. Some of the biggest advantages the solution offers include:

    • Support cloud native environments: Check Point CloudGuard Posture Management provides cloud security and compliance posture management for cloud-native environments, including AWS, Azure, Google Cloud, Alibaba Cloud, and Kubernetes.
    • Visibility across your entire cloud infrastructure: The solution’s powerful network and asset visualization, including network topology and firewalls, allow you to discover any vulnerabilities, compromised workloads, open ports, or misconfigurations in real time.
    • Custom rules and restrictions: With Check Point CloudGuard Posture Management you can quickly create custom rules with unique restrictions and governance practices using the solution’s Governance Specification Language (GSL), which supports seamless auto deployment for all types of programming languages.
    • Protection against compromised credentials and identity theft in the Cloud: Check Point CloudGuard Posture Management offers better protection and control over IAM users and roles, allowing administrators to easily manage granular permissions across entire cloud environments.
    • Manage posture everywhere across multi-cloud environments: By implementing the solution, you can manage the security and compliance of your public cloud environments at any scale. Additionally, the solution requires no software installation and no agents to manage. All you need to do is specify policies once across multiple clouds, and the system uses underlying cloud controls to implement the policy on each cloud.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Check Point CloudGuard Posture Management solution.

    An Advisory Information Security Analyst at a financial services firm says, "Security visibility accuracy is tremendous, letting us see who is trying to access what. I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better.”

    PeerSpot user Schillebeeks B., Owner at AD Internet Consulting, mentions, "The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."

    Another reviewer, a Senior Security Engineer at an insurance company, states, "The audit feature is the most valuable for compliance reasons. It gives you a full view of the whole environment, no matter how many accounts you have in AWS or Azure. You have it all under one umbrella."

    Mantu S., Sr. Technology Architect at Incedo Inc., comments, "Auto remediation is a very effective feature that helps ensure less manual intervention."

    Learn more about Amazon GuardDuty
    Learn more about Check Point CloudGuard Posture Management
    Sample Customers
    autodesk, mapbox, fico, webroot
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Top Industries
    Computer Software Company22%
    Financial Services Firm12%
    Comms Service Provider8%
    Manufacturing Company7%
    Financial Services Firm33%
    Security Firm14%
    Insurance Company10%
    Computer Software Company10%
    Computer Software Company27%
    Financial Services Firm14%
    Comms Service Provider12%
    Manufacturing Company4%
    Company Size
    Small Business16%
    Midsize Enterprise12%
    Large Enterprise71%
    Small Business36%
    Midsize Enterprise11%
    Large Enterprise52%
    Small Business19%
    Midsize Enterprise13%
    Large Enterprise68%
    Buyer's Guide
    Amazon GuardDuty vs. Check Point CloudGuard Posture Management
    November 2022
    Find out what your peers are saying about Amazon GuardDuty vs. Check Point CloudGuard Posture Management and other solutions. Updated: November 2022.
    655,711 professionals have used our research since 2012.

    Amazon GuardDuty is ranked 8th in CWPP (Cloud Workload Protection Platforms) with 6 reviews while Check Point CloudGuard Posture Management is ranked 4th in CWPP (Cloud Workload Protection Platforms) with 21 reviews. Amazon GuardDuty is rated 7.6, while Check Point CloudGuard Posture Management is rated 8.6. The top reviewer of Amazon GuardDuty writes "Helps with all your additional networking requirements, fills gaps, and can be used for log analysis, but needs more security analytics, reporting, and monitoring". On the other hand, the top reviewer of Check Point CloudGuard Posture Management writes "Security visibility accuracy is tremendous, letting us see who is trying to access what". Amazon GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, Lacework, Orca Security and Wiz, whereas Check Point CloudGuard Posture Management is most compared with Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, Qualys VM, Threat Stack Cloud Security Platform and Wiz. See our Amazon GuardDuty vs. Check Point CloudGuard Posture Management report.

    See our list of best CWPP (Cloud Workload Protection Platforms) vendors.

    We monitor all CWPP (Cloud Workload Protection Platforms) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.