Check Point CloudGuard CNAPP vs Morphisec comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Check Point CloudGuard CNAPP and Morphisec based on real PeerSpot user reviews.

Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Check Point CloudGuard CNAPP vs. Morphisec Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized.""The administration portal panel is very intuitive.""We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information.""The ability to drill down to individual hosts on an account and see which ones are affected is valuable.""The ability to integrate it with Microsoft Azure Sentinel allows us to validate the logs in an even more complex and meaningful way.""The user interface is responsive and quite intuitive; when selecting an object it automatically shows the relevant actions.""The most valuable features of CloudGuard CNAPP are its reporting capabilities for aggregating vulnerability information and scoring.""Gives us centralized firewall management for both Windows and Linux distros. Also provides a clear view of the security configurations and connections across environments (DMZ, external and internal networks)."

More Check Point CloudGuard CNAPP Pros →

"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do.""Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. It changes the memory locations of where certain applications run. If you think of Excel, opening a PDF, running an Excel macro, or opening a webpage and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run.""The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it.""We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it.""Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure.""I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec.""Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good.""Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment."

More Morphisec Pros →

Cons
"The rules are not well-tuned, and many of them generate false positives or nonsensical results.""When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug.""Check Point tools need to improve the latency in the portal since they take a long time to load.""One feature of the product that I would like to enhance is the possibility to connect to vulnerability management platforms so that the issues that emerge from the scans can then be ingested directly into the vulnerability management process.""Currently, worldwide, there are many companies of all sizes that do not understand the value that their data has, but even with all existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure safety, when the truth is that the providers only secure their sites. Everything we do in the cloud and how we configure it is actually our responsibility.""We have concerns regarding the pricing and would appreciate seeing some improvements.""In general, for the product to be successful, they need to improve security, and configuration detection.""Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards."

More Check Point CloudGuard CNAPP Cons →

"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time.""In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good.""We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution.""Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition.""Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts.""The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not.""Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet.""It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."

More Morphisec Cons →

Pricing and Cost Advice
  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."
  • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

  • "It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
  • "We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
  • "Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
  • "Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
  • "It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
  • "It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
  • "It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
  • "The pricing is definitely fair for what it does."
  • More Morphisec Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Top Answer:Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will… more »
    Top Answer:Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive… more »
    Top Answer:We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release.
    Ranking
    5th
    Views
    1,419
    Comparisons
    857
    Reviews
    43
    Average Words per Review
    649
    Rating
    8.6
    10th
    Views
    231
    Comparisons
    106
    Reviews
    5
    Average Words per Review
    1,401
    Rating
    9.2
    Comparisons
    Also Known As
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Morphisec, Morphisec Moving Target Defense
    Learn More
    Overview

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    Morphisec provides prevention-first security against the most advanced threats to stop the attacks that others don’t, from endpoint to the cloud. Morphisec's software is powered by Automated Moving Target Defense (AMTD) technology, the next evolution of cybersecurity. AMTD stops ransomware, supply chain attacks, zero-days, and other advanced attacks. Over 7,000 organizations trust Morphisec to protect nine million Windows and Linux servers, workloads, and endpoints. Morphisec stops thousands of advanced attacks daily at Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center, and many more. Learn more at www.morphisec.com.

    Morphisec’s key capabilities include:

    - Anti-ransomware: Advanced ransomware protection leveraging dedicated AMTD mechanisms for safeguarding against ransomware attacks, from early attack stages to the impact/encryption phase.

    - Credential theft protection: Advanced credential theft protection leveraging AMTD for safeguarding against Infostealer/credential stealing attacks

    - Enhanced cyber-resilience: Implementing AMTD to efficiently mitigate the costs associated with recovery from advanced, previously unknown evasive threats, thereby bolstering overall cyber defense strategy.

    - Prevention-first security: Prevents threats without prior knowledge: signatures, behavioral patterns, or indicators of attacks (IoAs).

    - Operational efficiency: Providing simple installation with negligible performance impact and no additional staffing requirements. 

    - Lower IT and security costs: Significantly reducing security analyst alert triage time and costs due to early prevention, exact threat classification and prioritization of high-risk alerts.

    - Risk-based vulnerability prioritization for exposure management: Empowering organizations with continuous business context and risk-driven remediation recommendations, enabling effective prioritization of patching processes and reduced exposure with patchless protection, powered by AMTD.  

    - Flexible deployment: Offering a SaaS-based, multi-tenant and API-driven platform. 

    - Incident Response Services: The Morphisec Incident Response Team works collaboratively with client organizations to triage critical security incidents and conduct forensic analysis to solve immediate cyberattacks as well as provide recommendations for reducing the organization's risk exposure. Morphisec's team helps to identify and resolve unknown threats to get organizations' networks restored quickly.
    Sample Customers
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
    Top Industries
    REVIEWERS
    Security Firm23%
    Financial Services Firm20%
    Computer Software Company10%
    Cloud Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Security Firm8%
    Manufacturing Company7%
    REVIEWERS
    Healthcare Company20%
    Financial Services Firm15%
    Educational Organization10%
    Transportation Company10%
    VISITORS READING REVIEWS
    Manufacturing Company17%
    Financial Services Firm17%
    Computer Software Company11%
    Retailer6%
    Company Size
    REVIEWERS
    Small Business46%
    Midsize Enterprise13%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise10%
    Large Enterprise63%
    REVIEWERS
    Small Business24%
    Midsize Enterprise38%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business33%
    Midsize Enterprise12%
    Large Enterprise55%
    Buyer's Guide
    Check Point CloudGuard CNAPP vs. Morphisec
    March 2024
    Find out what your peers are saying about Check Point CloudGuard CNAPP vs. Morphisec and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 56 reviews while Morphisec is ranked 10th in Vulnerability Management with 21 reviews. Check Point CloudGuard CNAPP is rated 8.4, while Morphisec is rated 9.2. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Morphisec writes "Light on the endpoint and does not have any performance hindrance on the endpoint". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Microsoft Defender for Cloud, Wiz and Qualys VMDR, whereas Morphisec is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Code42 Incydr, Cortex XDR by Palo Alto Networks and Cisco Secure Endpoint. See our Check Point CloudGuard CNAPP vs. Morphisec report.

    See our list of best Vulnerability Management vendors and best CWPP (Cloud Workload Protection Platforms) vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.