Try our new research platform with insights from 80,000+ expert users

Check Point SandBlast Network vs Morphisec comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 1, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Check Point SandBlast Network
Ranking in Advanced Threat Protection (ATP)
7th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
40
Ranking in other categories
No ranking in other categories
Morphisec
Ranking in Advanced Threat Protection (ATP)
34th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (64th), Endpoint Protection Platform (EPP) (54th), Endpoint Detection and Response (EDR) (61st), Cloud Workload Protection Platforms (CWPP) (31st), Threat Deception Platforms (15th)
 

Mindshare comparison

As of October 2025, in the Advanced Threat Protection (ATP) category, the mindshare of Check Point SandBlast Network is 4.0%, down from 6.0% compared to the previous year. The mindshare of Morphisec is 1.2%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP) Market Share Distribution
ProductMarket Share (%)
Check Point SandBlast Network4.0%
Morphisec1.2%
Other94.8%
Advanced Threat Protection (ATP)
 

Featured Reviews

Abnet Tsegaye Belay - PeerSpot reviewer
Has prevented zero-day attacks by analyzing and disarming suspicious files before delivery
Check Point SandBlast Network offers wide protocol coverage. It inspects emails through SMTP, POP3, and IMAP, web downloads through HTTP and HTTPS, and file transfers. Original files are analyzed in the sandbox while users get clean copies instantly to their inbox. It detects zero-day exploits in suspicious and normal files, and includes forensic and reporting features that provide detailed incident analysis, malware behavior reports, and indicators of compromise. The wide protocol coverage is particularly valuable because suspicious activities happen across different protocols. With Check Point SandBlast Network supporting multiple protocols, there is strong protection for our networks. Since implementing Check Point SandBlast Network, we have gained enhancement in our email and web security. It protects our files, complies with different standards, and reduces lateral movement in our networks.
Rick Schibler - PeerSpot reviewer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"Very few false positives are detected, which gives the confidence to raise flags when needed, ensuring the IT department is aware of threats and acting fast."
"SandBlast Network enhances security by providing advanced threat prevention."
"SandBlast updates the threat signatures frequently."
"The sandbox is able to scan files without adding a delay or compromising productivity."
"It is a stable solution."
"One of its characteristics that we liked the most was its analysis and emulation of activities in the emails since it manages to review them and inspect them if they have an infected attachment."
"It looks out for new cyber ​​threats and generates predictions based on behaviors that are already detected on a daily basis."
"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."
"Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"Morphisec is a straightforward solution that is efficient and very stable."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it."
"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."
 

Cons

"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"The response times were slower, and getting support personnel on the call was more difficult."
"The management of alerts could improve them a bit - especially in event management."
"Check Point SandBlast Network can improve the integration with third-party vendors, such as EDR or CRM products. For example, IBM Curator."
"I would like for them to improve the visibility in the product."
"Most of the time stability is okay, but sometimes, we're not able to contact the cloud. It won't last for long. The product could be faster."
"The cost is a little bit high-end, and you need to get precise performance metrics in order to get the correct size. Improvements are required in both areas of the tool."
"The customer support for Check Point SandBlast Network could be improved as they are sometimes late with their responses."
"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."
"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."
"It might be a bit much to ask, but we are now beginning to use Morphisec Scout, which provides vulnerability information. At this time, it's recognizing vulnerabilities and reporting them to us, but it's not necessarily resolving them. There's still a separate manual process to resolve those vulnerabilities, primarily through upgrades. We have to do that outside of Morphisec. If Morphisec could somehow have that capability built into it, that would be very effective."
"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."
 

Pricing and Cost Advice

"The product's cost is high."
"The cost of Check Point SandBlast Network is annually, and there is only a standard license."
"The pricing is quite effective, not excessively high. On a scale of one to ten, where ten is the highest price, I rate the pricing a nine."
"We have seen ROI."
"The cost is not significantly high and it can be negotiated during any purchase of NGFW."
"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."
"We would like to try the Threat Extraction blade, but you need to buy a license. Check Point is expensive. I would like to buy things, but I would need the funding."
"I think the overall cost for introducing Check Point with SandBlast was reasonable and competitive in the market."
"The pricing is definitely fair for what it does."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
869,566 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Energy/Utilities Company
8%
Manufacturing Company
6%
Outsourcing Company
16%
Manufacturing Company
12%
Computer Software Company
9%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business27
Midsize Enterprise8
Large Enterprise13
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
 

Questions from the Community

What do you like most about Check Point SandBlast Network?
The solution can detect and prevent attacks that may be encrypted.
What is your experience regarding pricing and costs for Check Point SandBlast Network?
I'm not in charge of costing regarding Check Point SandBlast Network, so I cannot comment on the pricing, setup cost, and licensing.
What needs improvement with Check Point SandBlast Network?
Check Point SandBlast Network could be improved as sometimes the cost can be limiting even if the feature is very nice, and the UI can be optimized. The customer support for Check Point SandBlast N...
Ask a question
Earn 20 points
 

Also Known As

No data available
Morphisec, Morphisec Moving Target Defense
 

Overview

 

Sample Customers

Edenred, State Transport Leasing Company (STLC), Edel AG, Laurenty, Conseil Départemental du Val de Marne, Koch Media
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Find out what your peers are saying about Check Point SandBlast Network vs. Morphisec and other solutions. Updated: September 2025.
869,566 professionals have used our research since 2012.