No more typing reviews! Try our Samantha, our new voice AI agent.

Check Point WAF (formerly CloudGuard WAF) vs GitHub Advanced Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 16, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Check Point WAF (formerly C...
Ranking in Application Security Tools
5th
Average Rating
8.8
Reviews Sentiment
7.2
Number of Reviews
60
Ranking in other categories
Web Application Firewall (WAF) (5th)
GitHub Advanced Security
Ranking in Application Security Tools
12th
Average Rating
8.6
Reviews Sentiment
6.5
Number of Reviews
12
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Application Security Tools category, the mindshare of Check Point WAF (formerly CloudGuard WAF) is 0.7%, up from 0.1% compared to the previous year. The mindshare of GitHub Advanced Security is 2.4%, down from 8.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
Check Point WAF (formerly CloudGuard WAF)0.7%
GitHub Advanced Security2.4%
Other96.9%
Application Security Tools
 

Featured Reviews

Mohan Janarthanan - PeerSpot reviewer
Associate Vice President at Novac Technology Solutions
Integrated web protection has reduced breaches and now prevents attacks across critical apps
I have been using it for six months, and the biggest advantages for me are that Check Point WAF (formerly CloudGuard WAF) offers more than other F5 firewalls, which have only application protection called ASM (Application Security Monitoring). In contrast, Check Point WAF (formerly CloudGuard WAF) provides protection on IPS along with application protection. Check Point WAF (formerly CloudGuard WAF) itself provides an IPS function where I can protect against my Layer 7 traffic, which is not available in other vendors. The traditional WAF does not have the capacity of IPS functions. The intrusion prevention capability, I can only see in Layer 3 functions and stateful functions, which is the traditional firewall capability. Other vendors are keeping this in their Web Application Firewall, but Check Point WAF (formerly CloudGuard WAF) has integrated it differently. False positives are significantly less here compared to traditional Web Application Firewalls because they are more focused on the AI front. Check Point WAF (formerly CloudGuard WAF) integrates an AI platform within the Web Application itself using API protection with AI and what they call GenAI protection. They excel at creating the profile itself, which is the basic functionality of WAF. Normally, I deploy in preventive mode, which takes some time for learning, but I prefer to operate in preventing mode only.
Devendiran Kandan - PeerSpot reviewer
DevOps Engineer at a tech vendor with 1,001-5,000 employees
Security scanning has protected our pipelines but currently needs clearer dashboards and controls
We used additional third-party solutions, but we replaced them with GitHub Advanced Security, even though I do not have a very good opinion about GitHub Advanced Security. Even though it is an inline product, I'm not seeing user-friendly things in GitHub Advanced Security. Dependent bots and the secret detection are good compared to others. However, code scanning is not finding very good results based on pipeline where it will scan and do code scanning. While build, before building and deploying the code, we want to block or do an advanced model, but it is not supporting. During deployment, code scanning is not good. It is a little complicated. It is not a straightforward method we can complete. We need expertise to get the full benefit, and troubleshooting sometimes requires going through that. The security overview dashboard is not really clear. It's not showing centralized information; each repo is showing, but if you compare it with competitors, it is not that great. Mainly in the centralized dashboard, enterprise level needs to improve. A centralized way where we can get that overall view is needed, and we want that code scanning and blocking deployments based on security. There are AI improvements, but however, it is not so easy to configure. It is multiple windows we need to go through and make changes or configure that. A few things we need to enable going into settings, and a few things we can find out in security. One product where security means the security dashboard should cover everything, but it is going here and there in many places.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Machine learning is a valuable tool for this assessment because it allows for a two-phase approach: secure and non-secure."
"Check Point CloudGuard WAF has been especially helpful here, automatically learning and adjusting protection without requiring constant manual tuning."
"With CloudGuard WAF, I have peace of mind, because most of the features are AI-based, and there is not much configuration that needs to be done on my side."
"They offer free trials, which is quite appreciative and grabs more attention from new users and businesses."
"The integration with other Microsoft products, especially Visual Studio, is seamless."
"The DirectStorage gives me a vision that I did not have of the check that occurs on the web servers."
"The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps."
"Check Point CloudGuard WAF has really reduced the headache of IT engineers and has helped me in security through machine learning."
"The most valuable is the developer experience and the extensibility of the overall ecosystem."
"GitHub Advanced Security is a very developer-friendly solution that is integrated within my development environment."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"GitHub Advanced Security is ten out of ten scalable."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"The best features of GitHub Advanced Security are its flexibility and the multiple options it has compared to other tools."
"GitHub Advanced Security uses artificial intelligence in the backend, specifically CodeQL, to analyze code and provide fewer but more reliable findings, so there are less false positives."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
 

Cons

"The User interface can be improved, especially for 1st time user."
"The coding configurations can be simplified to save time for IT teams and developers."
"The reporting can be improved."
"If the price could come down, I would be very happy with the product."
"The trial version should be extended further so that QA test engineers can actually test the utilities in a real sense and can provide the maximum amount of feedback for enhancements."
"The interface and deployment require qualified skills and a qualified engineer who knows this product very well."
"The negative side I see is that while most things about Check Point CloudGuard WAF are really good, there is some latency and performance issues, as it can be slow to log in, especially from different regions."
"Improving the process for handling licensing renewals would be a welcome enhancement."
"The report limitations are the main issue."
"Maybe make it compatible with more programming languages. Have a customized ruleset where the end-user can create their own rules for scanning."
"We used additional third-party solutions, but we replaced them with GitHub Advanced Security, even though I do not have a very good opinion about GitHub Advanced Security."
"GitHub Advanced Security should look into API security issues, which they currently do not. Additionally, open-source security vulnerabilities are not getting updated in a timely manner."
"An area of GitHub Advanced Security that has room for improvement is customization."
"The customizations are a little bit difficult."
"There could be DST features included in the product."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
 

Pricing and Cost Advice

"Check Point CloudGuard Application Security's pricing is comparable to other products in the market."
"The tool's licensing costs are yearly and competitive."
"I work for an Indian banking client. In India, companies are on a budget. The company liked Check Point very much, but it was a little bit costly compared to FortiWeb. However, it had more features compared to FortiWeb."
"The sales team or account managers from Check Point are top-notch. As I am using other products as well, my pricing was competitive compared to others."
"Check Point CloudGuard Application Security's pricing is not friendly."
"If the pricing for the Infinity platform covers everything, it would be more straightforward. I had a hard time selling it to our CEO as a former CFO because of the differentials. There are different deltas year to year over a five-year period. It is very difficult to explain. It would be easier to digest for our executives if there was a flatter scale"
"I find the pricing to be reasonable."
"The base solution costs approximately 30,000 euros, with an additional 2,000 euros per year for licenses and support."
"The solution is expensive."
"The current licensing model, which relies on active commitments, poses challenges, particularly in predicting and managing growth."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Outsourcing Company
11%
Financial Services Firm
9%
Manufacturing Company
8%
Financial Services Firm
15%
Computer Software Company
10%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business38
Midsize Enterprise21
Large Enterprise24
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise4
Large Enterprise7
 

Questions from the Community

What is your experience regarding pricing and costs for CloudGuard for Application Security?
The pricing is reasonable, and I believe it is acceptable. I am satisfied with the timing.
What needs improvement with CloudGuard for Application Security?
The negative aspect is that Check Point WAF (formerly CloudGuard WAF) uses Check Point Harmony in its management console, which sometimes creates latency when connecting to or opening the platform....
What is your primary use case for CloudGuard for Application Security?
I want to protect my application hosted in my cloud by preventing attacks against my top OWASP Top 10 threats. I am enabling Check Point WAF (formerly CloudGuard WAF) as my application firewall. Th...
What needs improvement with GitHub Advanced Security?
We used additional third-party solutions, but we replaced them with GitHub Advanced Security, even though I do not have a very good opinion about GitHub Advanced Security. Even though it is an inli...
What is your primary use case for GitHub Advanced Security?
I'm working with software development nowadays. As a process, we are using the dependent bot alerts and the code scanning for Java, and some of the code scanning is happening. Security secrets in c...
What advice do you have for others considering GitHub Advanced Security?
Dependent bots and the secret detection are good compared to others. However, code scanning is not finding very good results based on pipeline where it will scan and do code scanning. While build, ...
 

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec
No data available
 

Overview

 

Sample Customers

Orange España, Paschoalotto
Information Not Available
Find out what your peers are saying about Check Point WAF (formerly CloudGuard WAF) vs. GitHub Advanced Security and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.