Coming October 25: PeerSpot Awards will be announced! Learn more

Check Point CloudGuard Posture Management vs Lacework comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Check Point CloudGuard Posture Management and Lacework based on real PeerSpot user reviews.

Find out in this report how the two CWPP (Cloud Workload Protection Platforms) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Check Point CloudGuard Posture Management vs. Lacework report (Updated: September 2022).
635,513 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The technical support is very good.""Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription.""Good compliance policies.""Technical support is helpful.""This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot.""It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network.""One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things.""The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra."

More Microsoft Defender for Cloud Pros →

"Its easy implementation against Microsoft Azure was quite satisfactory.""Alerts of cloud activity happening across all accounts is helpful.""We really liked its ease of implementation against our Microsoft Azure environment.""We can monitor each activity from our mobile devices, so there is complete visibility of our cloud traffic flows, with threat intelligence provided by Check Point.""It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment.""We like the ability to investigate, analyze, and generate reports.""Checkpoint posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft.""The administration portal panel is very intuitive."

More Check Point CloudGuard Posture Management Pros →

"The best feature, in my opinion, is the ease of use."

More Lacework Pros →

Cons
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view.""Pricing could be improved. There are limited options based on pricing for the government.""Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time.""Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark.""Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority.""If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented.""There is no perfect product in the world and there are always features that can be added.""As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."

More Microsoft Defender for Cloud Cons →

"The false positives can be annoying at times.""Reporting should have more options.""Currently, worldwide, there are many companies of all sizes that do not understand the value that their data has, but even with all existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure safety, when the truth is that the providers only secure their sites. Everything we do in the cloud and how we configure it is actually our responsibility.""It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published.""The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be.""CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards.""The guidelines to implement or to link with the clouds are not complete.""Check Point's support, customer service, SLAs, and schedules can be improved a little."

More Check Point CloudGuard Posture Management Cons →

"Visibility is lacking, and both compliance-related metrics and IAM security control could be improved."

More Lacework Cons →

Pricing and Cost Advice
  • "I'm not privy to that information, but I know it's probably close to a million dollars a year."
  • "We are using the free version of the Azure Security Center."
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per data-base server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."
  • More Microsoft Defender for Cloud Pricing and Cost Advice →

  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."
  • "The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter."
  • "From a pricing perspective, they are pretty expensive."
  • "In the beginning, the price of Dome9 was cheap, whereas now it is not."
  • "Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."
  • More Check Point CloudGuard Posture Management Pricing and Cost Advice →

  • "The licensing fee was approximately $80,000 USD, per year."
  • More Lacework Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which CWPP (Cloud Workload Protection Platforms) solutions are best for your needs.
    635,513 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across… more »
    Top Answer:The integration with Logic Apps allows for automated responses to incidents.
    Top Answer:This is a worldwide service and depending on the country, there will be different prices. There is a price calculator… more »
    Top Answer:It's very important to have a reliable and good partner. The proactivity helps us to see the existing needs and check… more »
    Top Answer:Some general improvement characteristics can be made, including the following: 1- Cost improvement. Some tools are quite… more »
    Top Answer:The best feature, in my opinion, is the ease of use.
    Top Answer:We purchase the license here. The licensing fee was approximately $80,000 USD, per year. There may be some discounts… more »
    Top Answer:Visibility is lacking, and both compliance-related metrics and IAM security control could be improved. This is what… more »
    Comparisons
    Also Known As
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Dome9
    Polygraph
    Learn More
    Lacework
    Video Not Available
    Overview

    Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:

    - Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score

    - Simplify enterprise compliance and view your compliance against regulatory requirements

    - Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center

    - Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Check Point CloudGuard provides cloud native security for all your assets and workloads, across multi-clouds, allowing you to automate security everywhere, with unified threat prevention and posture management. The only solution that provides context to secure your cloud with confidence.

    Lacework is a cloud security platform whose Polygraph Data Platform automates cloud security at scale so customers can innovate with speed and safety. Lacework is the only security platform that can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. As a breach detection and investigation tool, Lacework provides information on when and how a breach happened, including the users, machines, and applications involved in the breach. By using machine learning and behavioral analytics, the solution can automatically learn what's normal for your environment and reveal any abnormal behavior. In addition, Lacework gives you continuous visibility to find vulnerabilities, misconfigurations, and malicious activity across your cloud environment.

    Lacework Features

    Lacework has many valuable key features. Some of the most useful ones include:

    • Dashboards
    • Reports
    • Workflow management
    • Administration console
    • Governance
    • Policy enforcement
    • Auditing
    • Access control
    • Workflow management
    • Compliance monitoring
    • Anomaly detection
    • Data loss prevention
    • Cloud gap analytics
    • Host compliance

    Lacework Benefits

    There are many benefits to implementing Lacework. Some of the biggest advantages the solution offers include:

    • Security visibility: Get deep observability into your cloud accounts, workloads, and microservices to give you tighter security control.
    • Threat detection: By using Lacework, your organization can identify common security events that target your cloud servers, containers, and infrastructure-as-a-service (IaaS) accounts so you can take action on them quickly.
    • Flexible deployment: With Lacework, you have the option to deploy the way you prefer - either agent or agentless - which provides the visibility needed to have maximum security for cloud accounts and systems. Because Lacework offers an easy-to-deploy layered approach, you gain quick time to value.
    • Configuration compliance: With the Lacework solution, you can easily spot IaaS account configurations that are non-compliant and identify opportunities to apply security best practices.
    • Synced teams: Lacework allows your teams to operate smarter and bridge the gap between security, Dev, and Ops regardless of your team's size or experience level.
    • Gain meaningful security insights: Lacework provides meaningful security insights, alerting you of issues before they reach production from your existing workflows. This way you can build apps quickly and confidently.
    • Increased revenue streams: Because the solution has built-in security from the first line of code early on, it helps users unlock higher revenue streams.
    • Helps avoid development delays: The Lacework solution helps you better prioritize security fixes by making security information accessible to DevOps and security teams for earlier risk mitigation that speeds innovation.
    • Increased productivity: Lacework provides alerts with all the context you need and eliminates data silos and costly investigations, enabling you to boost productivity.
    • Correlate and contextualize behaviors: Lacework can take attributes and data points from your unique environment and correlate them together into behaviors.
    • Simplified cloud security posture and compliance: With the Lacework platform, you can get comprehensive visibility and continuous tracking to reduce risks and meet compliance requirements so you can improve your bottom line.
    • Address vulnerabilities before it is too late: Lacework enables you to limit your attack surface so you can address the riskiest vulnerabilities early in the development cycle.
    Offer
    Learn more about Microsoft Defender for Cloud
    Learn more about Check Point CloudGuard Posture Management
    Learn more about Lacework
    Sample Customers
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    J.Crew, AdRoll, Snowflake, VMWare, Iterable, Pure Storage, TrueCar, NerdWallet, and more.
    Top Industries
    REVIEWERS
    Computer Software Company20%
    Consumer Goods Company13%
    Insurance Company7%
    Retailer7%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider10%
    Financial Services Firm10%
    Government6%
    REVIEWERS
    Financial Services Firm39%
    Computer Software Company22%
    Maritime Company11%
    Insurance Company11%
    VISITORS READING REVIEWS
    Computer Software Company27%
    Comms Service Provider16%
    Financial Services Firm11%
    Energy/Utilities Company5%
    VISITORS READING REVIEWS
    Computer Software Company25%
    Comms Service Provider9%
    Financial Services Firm6%
    Media Company5%
    Company Size
    REVIEWERS
    Small Business28%
    Midsize Enterprise9%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    REVIEWERS
    Small Business38%
    Midsize Enterprise10%
    Large Enterprise53%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise16%
    Large Enterprise65%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise17%
    Large Enterprise53%
    Buyer's Guide
    CWPP (Cloud Workload Protection Platforms)
    September 2022
    Find out what your peers are saying about Palo Alto Networks, Microsoft, Morphisec and others in CWPP (Cloud Workload Protection Platforms). Updated: September 2022.
    635,513 professionals have used our research since 2012.

    Check Point CloudGuard Posture Management is ranked 4th in CWPP (Cloud Workload Protection Platforms) with 19 reviews while Lacework is ranked 11th in CWPP (Cloud Workload Protection Platforms) with 1 review. Check Point CloudGuard Posture Management is rated 8.6, while Lacework is rated 8.0. The top reviewer of Check Point CloudGuard Posture Management writes "Security visibility accuracy is tremendous, letting us see who is trying to access what". On the other hand, the top reviewer of Lacework writes "Detects pivotal anomalies faster, easy to install, and the technical support is helpful". Check Point CloudGuard Posture Management is most compared with Prisma Cloud by Palo Alto Networks, Amazon GuardDuty, Threat Stack Cloud Security Platform, Qualys VM and BMC Helix Cloud Security, whereas Lacework is most compared with Wiz, Prisma Cloud by Palo Alto Networks, Amazon GuardDuty, Orca Security and Zscaler Cloud Protection.

    See our list of best CWPP (Cloud Workload Protection Platforms) vendors, best Cloud Security Posture Management (CSPM) vendors, and best Cloud-Native Application Protection Platforms (CNAPP) vendors.

    We monitor all CWPP (Cloud Workload Protection Platforms) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.