Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard CNAPP vs Forcepoint CASB comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
8.2
Number of Reviews
6
Ranking in other categories
Vulnerability Management (18th), Continuous Threat Exposure Management (CTEM) (2nd)
Check Point CloudGuard CNAPP
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
71
Ranking in other categories
Vulnerability Management (9th), Cloud and Data Center Security (9th), Container Security (9th), Cloud Workload Protection Platforms (CWPP) (5th), Cloud Security Posture Management (CSPM) (5th), Cloud-Native Application Protection Platforms (CNAPP) (5th), Data Security Posture Management (DSPM) (6th), Compliance Management (6th)
Forcepoint CASB
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
7
Ranking in other categories
Cloud Access Security Brokers (CASB) (19th)
 

Mindshare comparison

Vulnerability Management
Cloud Access Security Brokers (CASB)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Bart Coddens - PeerSpot reviewer
Evolved cloud security with active monitoring but needs interface consistency
The user interface needs work. Sometimes, it is a transition from the old tool to the new CNAPP Two that I currently have, and remnants of the old environment can still be detected. I require consistency in the user interface to ensure everything is streamlined into the same look and feel. More work is needed in fine-tuning the threat data towards your CSPM and activity logs, aligning them with business intelligence, which requires a cohesive console interface. My assessment of CloudGuard CDRs in intrusion detection and threat hunting capabilities is that it still needs some work. All the threat data that comes in, you need to fine tune it a bit.
Edwin Eze Osiago - PeerSpot reviewer
Reliable, easy to set up and offers good visibility
It could be more robust, especially around custom applications. We've not really seen value around our custom applications, most especially when these applications are hosted on-premise. If there's a way Forcepoint can do something to ensure that the CASB also protects applications that are hosted on-premise, that would be ideal. Currently, basically, cloud-hosted applications, that are internet-facing are protected. If we can also have a CASB sit in front of our on-prem hosted applications, it would be massive. Forcepoint removed the ability to scan for unsanctioned applications on the CASB. Initially, CASB used to have that feature where you can scan for the applications and be able to support unsanctioned applications being used by the user. They moved it to another product. If there is an opportunity to speak to the product managers and get some features back, that would be ideal.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We saw benefits from Zafran Security almost immediately after deploying it."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran is an excellent tool."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"It provides complete visibility of workload hosted on different cloud platforms including AWS and Azure, along with multiple tenants."
"The valuable features of Checkpoint CloudGuard CNAPP include its automation capabilities."
"Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized."
"The most valuable feature is the separate environment."
"Assets Management as it provide complete visibility of our workload inkling EC2 instance or Serverless"
"It has great scalability."
"We know the vulnerability in advance, so we can take some action for that vulnerability."
"We like the ability to investigate, analyze, and generate reports."
"As it is based on AWS, it is not a problem."
"Macro integration is a good feature."
"It gives you value for your investment."
"The product offers an easy initial setup."
"Generally, most of our customers are happy with it though."
"The tool's most valuable feature is its management ease."
"The most valuable aspect for us is the fact that the product seamlessly integrates with the Forcepoint DLP."
 

Cons

"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management."
"For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would increase flexibility and user-friendliness."
"I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector."
"You do need to pay extra in order to get better support."
"Making basic rules is easy, but it's complex if you want to do something a little more nuanced. I've been unable to make some rules that I wanted. I couldn't evaluate some values or parameters of the components I look for. I haven't always been able to assess them."
"Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards."
"CloudGuard's reporting could be better. It's good now, but there is room for improvement. If you're looking for a centralized platform, there are a lot of features that can be appreciated. However, you want complete security integration with SaaS, DAST, secret scanning, etc., and a single platform for all these features."
"Integration could be improved."
"Forcepoint removed the ability to scan for unsanctioned applications on the CASB."
"The solution needs to be easier to install, and they need to clean up the backend, so stuff doesn't break."
"Integration is an area of the solution that needs to be improved."
"They should work on the possibility of consolidating all of the products with the group of agents."
"Lacks different ways to authenticate users."
"There are various modules to secure a public cloud, such as Cloud Security Posture Management. You might have seen these features available if you've reviewed solutions like Zscaler or Netskope. A full-fledged CASB should be manageable. However, the tool does not seem to offer complete public cloud visibility. While it provides some cloud visibility and can manage API traffic for Web 2.0, it lacks a specific module for securing public cloud environments."
"When using the Forcepoint CASB, and you are a remote worker, basically not in the office, you have to have an agent on your computer, a Forcepoint agent. However, with many other CASB solutions, they can integrate with MDM."
 

Pricing and Cost Advice

Information not available
"The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset."
"We have the enterprise-level license and we renew it annually because it is worth the cost."
"From a pricing perspective, they are pretty expensive."
"I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
"The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
"Right now, we have licenses on 500 machines, and they are not cheap."
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"The pricing is extremely competitive."
"The pricing really depends on the size of the customer's business because it is price-relevant to the environment."
"The solution is not that expensive compared to Zscaler. Netskope is between Forcepoint CASB and Zscaler in terms of cost. Forcepoint CASB would be the first choice because it negotiates well and offers a perpetual license, though it may seem subscription-based. I rate its pricing a six out of ten."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
861,170 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
8%
Educational Organization
5%
Financial Services Firm
17%
Computer Software Company
12%
Comms Service Provider
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...
What needs improvement with Zafran Security?
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...
What is your primary use case for Zafran Security?
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...
What is your experience regarding pricing and costs for Forcepoint CASB?
The solution is not that expensive compared to Zscaler. Netskope is between Forcepoint CASB and Zscaler in terms of c...
What needs improvement with Forcepoint CASB?
There are various modules to secure a public cloud, such as Cloud Security Posture Management. You might have seen th...
 

Also Known As

No data available
Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
Imperva Skyfence
 

Overview

 

Sample Customers

Information Not Available
Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
Zions Bank, GE Healthcare, HomeAway, Logitech, Universal, California National Resources Agency and many mor
Find out what your peers are saying about Qualys, Wiz, Tenable and others in Vulnerability Management. Updated: June 2025.
861,170 professionals have used our research since 2012.