• Home
  • Check Point CloudGuard CNAPP vs. Skybox Security Suite

Check Point CloudGuard CNAPP vs Skybox Security Suite comparison

Cancel
You must select at least 2 products to compare!
Check Point Software Technologies Logo
Check Point CloudGuard CNAPP
Read 63 Check Point CloudGuard CNAPP reviews
1,461 views|869 comparisons
94% willing to recommend
Skybox Security Logo
Skybox Security Suite
Read 34 Skybox Security Suite reviews
591 views|437 comparisons
85% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Check Point CloudGuard CNAPP vs. Skybox Security Suite
March 2024
Executive Summary

We performed a comparison between Check Point CloudGuard CNAPP and Skybox Security Suite based on real PeerSpot user reviews.

Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Check Point CloudGuard CNAPP vs. Skybox Security Suite Report (Updated: March 2024).
Download the complete report
769,662 professionals have used our research since 2012.
Featured Review
Jai Agarwal
Robust security, competitive price, and easy to deploy and administer
We are using CloudGuard CNAPP for cloud-native application protection, real-time threat detection, and unified security across multi-cloud... Read more →
NenadMijatovic
Efficient in vulnerability management, stable and easy to use
When you import all the assets that you have, like desktops, servers, networks, devices, routers, and then firewalls, and other products, then... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end.""This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc.""It has an analytics service that does research for us.""It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization.""It provides complete visibility of workload hosted on different cloud platforms including AWS and Azure, along with multiple tenants.""This solution has saved the company from unnecessary data loss that occurs due to cyber attacks.""The visibility in our cloud environment is the most valuable feature.""Gives us centralized firewall management for both Windows and Linux distros. Also provides a clear view of the security configurations and connections across environments (DMZ, external and internal networks)."

More Check Point CloudGuard CNAPP Pros →

"It shows me a client's or an organization's entire network. I can see everything.""When you import all the assets that you have, like desktops, servers, networks, devices, routers, and then firewalls, and other products, then Skybox makes like, a model of the network, but with context. So, it is not just a model in VIZIO. Or something like it like that. You get the model with context, and, like, it looks like a real network in a real-time. So you can check your network and the security of your network on that model.""Skybox allows organizations to reprioritize the vulnerability they attempt to patch and mitigate, based on the contextual awareness of the network.""The most valuable features are Firewall Assurance and Vulnerability Control.""Security review is the most important feature, because it offers a single pane of glass to analyze multiple firewalls.""Key features for us include the firewall change audit every week. Also, being able to track firewall ACL usage, so that we can produce semiannual reports on ACL usage and shadowed and redundant rules on the firewall.""Change Manager is most important because of the impact on each other of a network change or a firewall change. We want to understand this and to know, beforehand, what the impact of a change will be. We are a large network so that is a very important tool.""instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that.""

More Skybox Security Suite Pros →

Cons
"I'd like to see more advanced encryption for local features, which is not present right now.""We have had some issues with the performance. In some cases, the performance of CloudGuard CNAPP is impacted. Particularly during the intensive security scans in high-traffic environments, there has been a performance impact.""Automation and advanced threat prevention have room for improvement.""When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug.""Compliance checks on cloud resources against various industry standards and compliance framework templates need to be improved.""Integration could be improved.""There are opportunities for improvement that can be addressed through a roadmap.""I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."

More Check Point CloudGuard CNAPP Cons →

"Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point.""The price could be cheaper.""They are not satisfied with the complexity of the solution and the price.""There is room for improvement in the technical support.""The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager.""Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything.""The solution needs improvement in firewall configuration checks. I would also like to see more configuration checks for Forcepoint and for other non-supported firewalls.""The cloud site could be better. They should provide some use cases to help users."

More Skybox Security Suite Cons →

Pricing and Cost Advice
  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."

    • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

  • "I think for the cost, what we got definitely is worth it. The only caution I would give is that whenever you license for Firewall Assurance at the same time, for some weird reason, you have to get one Network Assurance license, just to manage one firewall. That's a little bit of overkill. But otherwise, in general, the pricing is fairly okay."
  • "The pricing is high, and the licensing model needs more flexibility."
  • "The product's pricing is excellent value. In terms of licensing, make sure you understand your network components, all your hops through your network, thoroughly, before you decide on the total cost. If you want to do point-to-point flow analysis and such, you need to have the configuration of all the devices in between point A and point B. A lot of people don't realize all their network components until they start using this product."
  • "I've seen the pricing of every solution on the market. When you compare apples to apples, where Skybox becomes exceedingly expensive is if you look at it compared to something like FireMon that only does a fraction of what Skybox does. But if you include everything that Skybox does, it becomes way more expensive than the competition, but you're also not comparing apples to apples. If you look at FireMon, and you look at like just the firewall assurance piece, they are fairly comparable and, actually, Skybox comes in a little bit cheaper in some cases, depending on which product you're looking at."
  • "The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products."
  • "With licensing, the number of network nodes becomes very expensive to the point where you have to rationalize if the tools are warranted anymore."
  • "Fully understand the total cost of ownership. They have gone to a new model where you have to replace the hardware every X amount of years at a very substantial cost and fully understand your intended number of nodes. To operate a firewall, you have to pay two licenses, a firewall node and a network node. If you are a reasonable-sized organization, this gets expensive very quickly."
  • "Pricing is on the higher side. In terms of licensing, you should buy the complete suite rather than buying only the Change Manager. I think Change Manager with Vulnerability Control is something that would be interesting to look at."

    • More Skybox Security Suite Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    769,662 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Check Point CloudGuard Posture Management?
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Read all 33 answers   →
    What is your experience regarding pricing and costs for Check Point Cloud...
    Top Answer:The price is on the higher end.
    Read all 27 answers   →
    What needs improvement with Check Point CloudGuard Posture Management?
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Read all 32 answers   →
    What do you like most about Skybox Security Suite?
    Top Answer:When you import all the assets that you have, like desktops, servers, networks, devices, routers, and then firewalls, and other products, then Skybox makes like, a model of the network, but with… more »
    Read all 25 answers   →
    What is your experience regarding pricing and costs for Skybox Security S...
    Top Answer:You always negotiate a little bit when the price is in question. But, the price could be a little bit smaller. Maybe it could offer additional discounts when you buy all the modules. Because end users… more »
    Read all 20 answers   →
    What needs improvement with Skybox Security Suite?
    Top Answer:There is room for improvement in pricing. It would be better, especially if a customer bought all four modules.
    Read all 26 answers   →
    Ranking
    5th
    out of 112 in Vulnerability Management
    Views
    1,461
    Comparisons
    869
    Reviews
    55
    Average Words per Review
    662
    Rating
    8.6
    19th
    out of 112 in Vulnerability Management
    Views
    591
    Comparisons
    437
    Reviews
    8
    Average Words per Review
    459
    Rating
    7.5
    Comparisons
    Also Known As
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Learn More
    Check Point Software Technologies
    Skybox Security
    Overview

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    The Skybox Security Suite platform combines firewall and network device data with vulnerability and threat intelligence, prioritizing security issues in the context of your unique environment. Powerful attack vector analytics reduce response times and risks, bringing firewall, vulnerability and threat management processes for complex networks under control.

    Firewall Assurance brings all firewalls into one normalized view, continuously monitoring policy compliance, optimizing firewall rulesets and finding attack vectors that others miss. Skybox covers the most comprehensive list of firewall vendors, complex rulesets, even virtual and cloud-based firewalls. With proven scalability in 1,500+ firewall deployments, Firewall Assurance keeps rules optimized and ensures changes don’t introduce new risk. 

    Gain total visibility of the vulnerabilities in your attack surface without waiting for a scan. Leverage Skybox Research Lab's vulnerability and threat intelligence, and automatically correlate it to your unique environment. With network modeling and advanced simulations, pinpoint exposed vulnerabilities and other attack vectors. And use context to prioritize vulnerabilities in terms of actual risk and respond to threats with accuracy and efficiency.

    For more information or to view a demo, visit www.skyboxsecurity.com.

    Sample Customers
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson
    Top Industries
    REVIEWERS
    Security Firm22%
    Financial Services Firm18%
    Computer Software Company11%
    Cloud Solution Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Security Firm8%
    Manufacturing Company7%
    REVIEWERS
    Comms Service Provider16%
    Outsourcing Company16%
    Financial Services Firm16%
    Insurance Company11%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company17%
    Manufacturing Company9%
    Government6%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise13%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise63%
    REVIEWERS
    Small Business50%
    Midsize Enterprise10%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    Buyer's Guide
    Check Point CloudGuard CNAPP vs. Skybox Security Suite
    March 2024
    Free Report: Check Point CloudGuard CNAPP vs. Skybox Security Suite
    Find out what your peers are saying about Check Point CloudGuard CNAPP vs. Skybox Security Suite and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    769,662 professionals have used our research since 2012.

    Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 63 reviews while Skybox Security Suite is ranked 19th in Vulnerability Management with 34 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Skybox Security Suite is rated 7.8. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Skybox Security Suite writes "Efficient in vulnerability management, stable and easy to use ". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Skybox Security Suite is most compared with AlgoSec, Tufin Orchestration Suite, FireMon Security Manager, Palo Alto Networks Panorama and RedSeal. See our Check Point CloudGuard CNAPP vs. Skybox Security Suite report.

    See our list of best Vulnerability Management vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.