Senior Cybersecurity Architect at a manufacturing company with 10,001+ employees
Real User
Top 20
Lowers our risk and helps to be proactive
Pros and Cons
  • "We know the vulnerability in advance, so we can take some action for that vulnerability."
  • "Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier."

What is our primary use case?

We use it to protect our applications in the cloud. We are doing a lot more cloud migration. We are moving all our applications into the cloud and our servers into the cloud. We need to protect our servers in the cloud.

By implementing CloudGuard CNAPP, we wanted to make sure we get alerts so that we can react much faster.

How has it helped my organization?

We use CloudGuard CNAPP's Cloud Security Posture Management capabilities. It knows all the accounts that were spun up. When we create an account in the cloud, it is onboarded automatically. We pull it into automation. Whenever someone changes any settings on the infrastructure side, the posture management will flag it. Sometimes, there is a way to automate a change. If we put some settings, it can make changes right away to shut that down.

Cloud Security Posture Management has a lot of compliances. It helps us to make sure our cloud configuration is up to a certain standard. If we have to be compliant, we have a good start on where we are.

Cloud Security Posture Management identifies the risks that are most critical to our business. It gives a risk score for what is being discovered. After we have that score, it is up to us how fast we want to remediate an issue. Sometimes, we might think that it is not crucial, and we might not take immediate action on it. 

We send every finding to our backend SIEM and work with our SOC to remediate those findings. Our SOC environment has that visibility of the logs so that we can react.

What is most valuable?

We know the vulnerability in advance, so we can take some action for that vulnerability. It is mostly all about how fast we can react to something.

We could see its benefits right away after we deployed the technology. However, getting visibility does not mean that we can react fast. For that, we have to work closely with all the app guys or server guys to patch all the things after we get the visibility.

What needs improvement?

Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.

Buyer's Guide
Check Point CloudGuard CNAPP
May 2024
Learn what your peers think about Check Point CloudGuard CNAPP. Get advice and tips from experienced pros sharing their opinions. Updated: May 2024.
772,127 professionals have used our research since 2012.

For how long have I used the solution?

I have been using CloudGuard CNAPP for about four years.

What do I think about the stability of the solution?

I am not aware of any problems.

What do I think about the scalability of the solution?

So far, so good. We have plans to increase its usage, but it depends on the collaboration with multiple groups.

We have been using it with a small group in our organization. We want to make sure that this group benefits from it, and then we can use that use case and expand that use case throughout the organization. Currently, it is being used for a small group, and there is an ongoing effort to make it more visible.

How are customer service and support?

They are good and responsive. We have a dedicated engineer, which is good. We have a certain person to go to for any questions or any problems. It has been good so far. Sometimes, we do experience slowness in responding, but overall, it has been pretty good.

Which solution did I use previously and why did I switch?

We have been using CloudGuard from day one. It used to be known by another name. We have been using it before the name change. We are long-time customers.

How was the initial setup?

Currently, we are just dealing with the public cloud. We have AWS and Azure clouds. 

Its deployment needs a lot more collaboration. From the cybersecurity side, we can only do certain things to protect our environment. From the app side, it also needs collaboration with whoever is managing that application or server. A lot of collaboration is needed rather than just having the security person.

When we get all the permissions to do the deployment, it is a lot easier. The security team does not hold the key to the kingdom, so we do not have access to all environments. Once we get that access, it can be deployed a lot more easily.

What was our ROI?

We have definitely seen an ROI. We have not quantified it, but the notifications about misconfiguration or vulnerabilities by CloudGuard CNAPP are helping us to improve our site. Our risk is much lower. It lowers our risk on how we do things, and sometimes, it is hard to quantify that into money.

What's my experience with pricing, setup cost, and licensing?

The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset. 

Which other solutions did I evaluate?

We did not explore other options. We are just leveraging what CloudGuard has.

What other advice do I have?

To those evaluating this solution, I would recommend trying it. You never know what you will see until you try.

It is a good product. We definitely want to see more features. We constantly try to see the new features being integrated into the product so that we can leverage them.

We are not yet using CloudGuard CNAPP's CloudGuard Workload Protection capabilities. Because the workload side is hosted by a different group, it requires collaboration. We need to work closely with the workload group. We are looking at opportunities to see if we can collaborate.

We are not yet using CloudGuard Workload Protection for VMs, containers, and serverless, but we are interested in looking into it. If we have it, the scanning provided by CloudGuard Workload Protection will help us identify problems before they go live. I have seen a demo of it, and I am looking into whether we can deploy it for our environment. It will give our cybersecurity visibility. It will help us know what is going on, and then we can react to it.

We are also not using CloudGuard CNAPP's CloudGuard CDR (formerly Intelligence) and its intrusion detection and threat-hunting capabilities. I would love to use that and get some benefits out of it sometime in the future.

I would rate CloudGuard CNAPP an eight out of ten. Automation is what we are looking for because we do not have enough time and people to handle all the events and findings.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Nagendra Nekkala. - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited
Real User
Top 5 Leaderboard
Helps reduce human errors, saves time, and prioritizes alerts
Pros and Cons
  • "The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure."
  • "Automation and advanced threat prevention have room for improvement."

What is our primary use case?

We use Check Point CloudGuard for full visibility across our workloads in the cloud and on-premises.

How has it helped my organization?

The GSL builder's graphical interface makes writing custom rules and policies easy, but some knowledge and training are still required. The training required takes around two weeks to complete.

The GSL builder helps reduce human errors by almost 80 percent because it provides compliance rules and performs intelligence queries on our behalf.

The GSL builder saves us time creating custom rules. Initially, defining the rules takes time, but once that is downloaded, it becomes an automated process. We save around ten hours per week.

Our organization requires the use of Check Point's auto-remediation feature. This feature automatically analyzes and remediates threats, enabling us to perform forensic analysis on detected events. By implementing this feature, we benefit from several detection capabilities, including anti-ransomware and behavioral analysis, which ensure comprehensive threat detection and analysis. Additionally, the auto-remediation feature automatically quarantines and remediates malicious files, preventing data breaches. As a result, we can leverage the forensic report to enhance our endpoint security posture and effectively protect our internet connectivity.

The auto-remediation feature stands out for its ability to prioritize alerts. It focuses on high-risk issues first and then remediates them accordingly.

The unified security management console, a component of the monitoring tool, offers a comprehensive overview of our platform's security posture. This holistic view enables us to promptly identify emerging environmental threats and conduct thorough investigations, ensuring swift and effective responses.

The evaluation of the application depends on its criticality. For example, in an airport scenario, an AODV application is used for critical operations. This means that the AODV application is of high importance and requires a more thorough investigation or a faster response in case of issues.

Check Point CloudGuard has significantly improved my cloud threat handling. It has been a great asset in increasing my security posture score due to its automated remediation capabilities. Additionally, its threat intelligence provides valuable insights, making it a comprehensive security solution. Furthermore, CloudGuard offers comprehensive lifecycle security for all my applications, including new deployments. It also addresses complex security needs within my cloud environment, ensuring compliance with all relevant regulations and governance requirements.

CloudGuard provides good performance for automating our organization's security across assets, workloads, and multiple clouds.

The agentless workload posture plays a crucial role in determining our organization's security posture. This includes security and posture management, threat prevention, and high-availability posture management. All these aspects are highly important, and they also help automate my DevOps multi-cloud security threat level.

Network security helps us reduce the amount of compliance and audit activities we need to perform. It provides advanced threat protection, allowing us to inspect all traffic entering and leaving our private subnets within our entire virtual network. This comprehensive approach ensures robust network security and ongoing time savings.

CloudGuard can help free up around six hours of our staff time because it can be integrated with different applications and systems. 

CloudGuard's unified platform can free up an average of six hours per day, a feat impossible for any human worker. However, the system's automated configurations can function around the clock, achieving this level of efficiency.

What is most valuable?

The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure. 

Check Point CloudGuard also helps us adhere to the compliance and regulatory requirements. I can ensure best practices are implemented, prioritize risk management, and prevent critical attacks.

What needs improvement?

Automation and advanced threat prevention have room for improvement. I would like the rule configurations that are manually reviewed to be automated according to the defined rules.

For how long have I used the solution?

I have been using Check Point CloudGuard for two years.

What do I think about the stability of the solution?

Check Point CloudGuard is stable.

What do I think about the scalability of the solution?

Check Point CloudGuard is scalable.

How are customer service and support?

The technical support is good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment required knowledgeable people. We had already planned the required configuration type, the necessary posture management approach, and the rules that needed to be defined. We had discussed these requirements with the CloudGuard team member and implemented them together. Four people were involved in the deployment.

What about the implementation team?

A person from CloudGuard helped with the implementation.

What's my experience with pricing, setup cost, and licensing?

We have the enterprise-level license and we renew it annually because it is worth the cost.

What other advice do I have?

I would rate Check Point CloudGuard an eight out of ten.

Check Point offers a bundled solution that includes cloud threat hunting, cloud migration security, DevSecOps, and cloud security compliance. This comprehensive package is a superior choice as it provides a unified approach to cloud security.

We have Check Point CloudGuard deployed in one location with 400 users.

A team of four admins performs maintenance on CloudGuard every quarter.

CloudGuard boasts advanced threat prevention for network security, seamlessly securing public, private, and hybrid cloud environments. It also provides unified security management and simplifies complaint handling.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
reviewer2054484 - PeerSpot reviewer
Principal Cybersecurity Architect at a manufacturing company with 10,001+ employees
Real User
A non-technical person can start creating custom rules using GSL Builder in about a week, but the vendor is slow to fix bugs
Pros and Cons
  • "The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules."
  • "When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."

What is our primary use case?

We use CloudGuard to monitor the cloud IaaS, AWS, and Azure security postures, including cloud assets' configurations. Based on the framework in the rulesets, it will give us failing, passing, or partially compliant scores. It allows us to implement auto-remediation and guardrails. 

If a user exposes storage on the public internet accidentally or purposefully, a daily report is sent to the account owner. CloudGuard will automatically fix the issue if auto-remediation is appropriate. We have GCP, AWS, and Azure accounts. CloudGuard is a SaaS solution, and we onboard all our AWS accounts, whether public, private, or hybrid.

How has it helped my organization?

In our sandbox environment, auto-remediation kicks in, and everything is fixed. Users try to do it themselves but often don't know how because they're not trained to provide cloud support. We don't currently use complete remediation, which will break their production environment, but we're getting better by nagging the cloud account users. Our cybersecurity team can use the shared response score to encourage cloud account owners to fix the problem.

CloudGuard has specific instructions for how users should fix issues, but it's like pulling teeth sometimes. Users often don't respond, and we get to the point where we need to tell them that it's going through change management and we can't renew it. We will auto-remediate in production environments if they don't respond by that date. 

It helped some cloud deployment users understand how to improve security posture, but not all of them. It depends on whether they are reading the CloudGuard reports daily. Many don't want to manage that part, and we believe our cybersecurity will help fix that for them.

We automated account onboarding. When a user wants a new cloud account, the automation scripts kick in after the request is approved to create the cloud account. After the provisioning is completed, the account is onboarded into CloudGuard. It enables us to have full coverage because CloudGuard monitors all our organization's cloud accounts.

I wouldn't say that CloudGuard has freed up staff for other projects. I have two or three dedicated SecOps people to monitor and follow up with remediation when auto-remediation isn't possible. We also deal with CloudGuard account requests and just-in-time user account access. It's difficult to assign a specific user to view the cloud accounts only they can see. 

I'm an SME for the product and train people annually because SecOps folks come and go. So far, we have had this software for three years. A lot of other organizations will switch solutions after two or three years. Training is essential because it's a high learning curve for people unfamiliar with the cloud. I don't think CloudGuard has made it more accessible. While it has decreased the resources, we still need at least one full-time admin dealing with CloudGuard, especially with the bugs.

We saved some time. We always go for a Unified Enterprise Platform. In terms of Cloud Security Posture Management, we wanted an enterprise solution with GCP, AWS, and Azure support, so we chose CloudGuard.

What is most valuable?

The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules. Building custom rules with GSL Builder is medium difficulty. They have several examples of other compliance rules you can use. The GSL documentation is decent. A non-technical person can learn to use GSL Builder in about a week. GSL Builder saved us time and reduced human error. 

The auto-remediation works when it works. It does its job and is based on the rule instead of the alert's severity. In our company, we say, "Okay, this rule is a high severity. We don't want the data to be exposed on the internet." For example, if someone puts a public IP on our database, we will set a rule to shut it down immediately. That's how we define remediation. 

It isn't based on the severity or the level of work. Some rules may be defined as lower severity by default, but they might be higher depending on the organization's policy. It kicks in when there's an alert matching the remediation rule. The effectiveness of the remediation is 50%. Some of their bots used to fix issues automatically need to be updated. We had to make a few custom changes to some bots because they don't wake up.

What needs improvement?

CloudGuard's effective risk management only scans accounts every hour. We have more than 150 AWS accounts and 20 Azure accounts. We sent Check Point a request asking them to increase the frequency to five to fifteen minutes. I want the flexibility to scan it as often as possible based on the account's importance. That part is lacking. 

When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug. We must spend extra time reapplying the rule when they periodically update the compliance presets. Auto-remediation breaks if you're using that particular out-of-the-box rule. I haven't experienced this recently, so maybe they fixed that part. However, that's what it did in the past.

Check Point is slow to respond to bugs. They resolve bugs maybe once every two weeks, and their R&D is slow. They're in Israel, and it's not just the Israeli holidays. I would probably pick a large US company if we did this over again. 

They don't give us continuous feedback. I want live feedback when they change something. Stop breaking things. The company should let us know what they're doing when they add new features. They don't have an official beta program, so you can't test the new features. 

That's the other bad thing about this product, but I don't know about other Check Point products. They're a firewall company but not a software company. If you put out a beta, customers should have the option to test it and give feedback. I've been putting a lot of work into CloudGuard to fix all the bugs. They should have paid me to fix their bugs for them.

They need to decrease their bug resolution time. Anything longer than two weeks is problematic. It's why we don't jump into the deep end with all these other features they've added. Our primary feature is the CSPM cloud part. The solution is useless if the reporting or remediation breaks, as it has in the past. It requires an SME for CloudGuard to dig in deeper, which takes time away from our SecOps folks.

For how long have I used the solution?

We've been using CloudGuard for three years.

What do I think about the stability of the solution?

CloudGuard is pretty stable.

What do I think about the scalability of the solution?

CloudGuard is scalable. I don't need to worry about it.

How are customer service and support?

I rate Check Point's support a seven out of ten. They respond within a day. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?


How was the initial setup?

Setting up CloudGuard is straightforward, and it takes a few days. We handled the deployment in-house with two full-time employees. It's a SaaS solution, so the only maintenance required is backups. 

What about the implementation team?

We implemented this solution in-house.

What's my experience with pricing, setup cost, and licensing?

The pricing of CloudGuard increases annually, and we don't see the value because we don't use all the features. We're primarily using CSPM and maybe Workload Protection. We did the Kubernetes part and used Network Explorer as a one-off. We only used Network Explorer for diagnostics. 

We use the Intelligence module for CSPM but don't analyze network traffic with CloudGuard. It's an expensive subscription, so we don't use the intelligence part.

Which other solutions did I evaluate?

We evaluated Palo Alto Prisma Cloud and Twistlock. Back then, the solution was owned by an independent company called Dome9, and Check Point acquired them. It had the best rule set out there. We chose it because it had all the rule sets out of the box and supported GCP, Azure, and AWS. 

What other advice do I have?

I rate Check Point CloudGuard Posture Management a seven out of ten. CloudGuard does its job, but the remediation is not perfect. Other CSPM tools do a better job of using remediation exclusion rules, especially scanning and putting out reports at a custom frequency versus every hour.

If the price isn't an issue and you don't care about using all the features, it's an okay product for enterprises to use to cover all cloud IaaS. If you're thinking about implementing CloudGuard, you should consider two things. First, the price is marked up every year by 10-plus percent, whether you use a particular feature or not. It's an annual subscription model, so you can always cancel at any time. 

Second, you should think about the modules. Workload Protection is okay if you use Kubernetes. You can use intelligence if you need to analyze traffic within your cloud environment for regulation-specific reasons, but it will cost you extra. CloudGuard's strong suit is that they support a lot of the features and AWS cloud assets.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Technical Architect at Orange España
Real User
Top 5 Leaderboard
Robust security, competitive price, and easy to deploy and administer
Pros and Cons
  • "It is easy to administer and easy to deploy. It has automated or pre-configured templates, security features, and proactive threat detection."
  • "We have had some issues with the performance. In some cases, the performance of CloudGuard CNAPP is impacted. Particularly during the intensive security scans in high-traffic environments, there has been a performance impact."

What is our primary use case?

We are using CloudGuard CNAPP for safeguarding our cloud-native applications. We are using it because it has robust security features and proactive threat detection capabilities, which help us secure our cloud-native applications in a better way. We have multiple cloud-native applications in Azure and AWS.

How has it helped my organization?

We are using CloudGuard CNAPP for cloud-native application protection, real-time threat detection, and unified security across multi-cloud environments. Our organization is dependent on this solution for any kind of threat detection and security vulnerabilities in our cloud-based environment.

CloudGuard CNAPP's Cloud Security Posture Management capabilities work fine. I have not found any issues with them. They help in identifying misconfiguration, but there can be advanced configuration and features, automation of security traces, and more user-friendly reports.

Cloud Security Posture Management is effective for providing compliance rulesets and security best practices. It works fine. It is fully capable. It is a Check Point product.

Cloud Security Posture Management identifies the risks that are most critical to our business. It also helps to mitigate those risks. It is very capable of identifying challenges, vulnerabilities, and security threats. Reports are very user-friendly, but in some cases, the reports cannot be fully analyzed by our technical team due to some complexities. Overall, the solution is good. I would rate it a nine out of ten. The time savings in identifying the most critical risks vary. If a security threat is of high severity, it can take 24 to 48 hours. In some cases, it can be resolved on a real-time basis.

We use CloudGuard CNAPP's CloudGuard Workload Protection capabilities. We have VMs. We have containers. We have BLOBs. CloudGuard CNAPP is fully capable because it focuses on cloud-native applications. It is capable of identifying all the vulnerabilities.

The scanning provided by CloudGuard Workload Protection helps us identify problems before they go live. This identification is very important. It helps us identify threats that are already there. It helps in getting more clarity about security threats and vulnerabilities before they go into production.

What is most valuable?

There are many features. It is easy to administer and easy to deploy. It has automated or pre-configured templates, security features, and proactive threat detection.

What needs improvement?

We have had some issues with the performance. In some cases, the performance of CloudGuard CNAPP is impacted. Particularly during the intensive security scans in high-traffic environments, there has been a performance impact.

We have also had some challenges with the documentation and the support of the CloudGuard CNAPP solution. Customer support is a major area where it can be improved.

The user interface is not very user-friendly. The user interface is about 75% good.

There should be automation of tasks, better performance and reports, and improvement in the UI interface.

For how long have I used the solution?

In my company, we have been using CloudGuard CNAPP for more than 2 years.

What do I think about the stability of the solution?

It is now stable. It is fully mature. I would rate it a ten out of ten for stability, but there can always be improvements.

What do I think about the scalability of the solution?

It is scalable. I would rate it a 10 out of 10 for scalability.

How are customer service and support?

Vendor support might be the weakest point of CloudGuard CNAPP. The vendor support mechanism should be improved. I would rate them an eight out of ten. Their support agents should have a high level of knowledge about this solution to be able to provide better support to the end customers.

When we are facing any issues and we raise a ticket, they take 24 hours to 48 hours, and sometimes more than that, to resolve the ticket. We need to provide customer support to our end users in a very efficient way and within certain hours, but sometimes, it takes more than 24 hours. It is, at times, a very depressing condition.

How would you rate customer service and support?

Positive

How was the initial setup?

The deployment took us a week. After we finalized our requirements and the environments, it hardly took us seven days.

Its deployment was straightforward. It is a managed service by Check Point.

What about the implementation team?

We deployed it with the help of the Check Point solution architect from the consulting team. They were helpful. I would rate them a ten out of ten.

What was our ROI?

We have seen an ROI. 

What's my experience with pricing, setup cost, and licensing?

Its pricing is competitive. We have a certain budget for IT, security, and digital transformation.

Which other solutions did I evaluate?

We evaluated Cisco and Symantec solutions. We went with Check Point because we were already using Check Point products. It was better to go with a single vendor rather than different vendors. They provide some kind of offerings and discounts on a yearly and monthly subscription basis.

The overall pricing model, the features, and the offerings of Check Point were good. There was also overall compatibility with the cloud environment we have.

What other advice do I have?

You can go ahead with the solution without any thought. If you are looking for a cloud-native security solution, CloudGuard CNAPP is the right solution.

We are using different solutions from the Check Point company. We are not only dependent on CloudGuard CNAPP because there are use cases where CloudGuard CNAPP is not feasible, but Check Point Harmony or Endpoint is more feasible. CloudGuard CNAPP is developing rapidly, and it fulfills the business requirements.

Overall, I would rate CloudGuard CNAPP a nine out of ten. The user interface, reports, automation, and support require some improvements.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Prateek Agarwal - PeerSpot reviewer
Manager at a tech company with 201-500 employees
Real User
Top 5 Leaderboard
A reliable platform for protecting and monitoring cloud-native applications
Pros and Cons
  • "Almost all the features are valuable, but the most important is proactive threat detection. The overall administration, seamless integration, and being able to have one platform for monitoring our applications for suspicious activities and any potential security threats are also valuable."
  • "The performance can be better. Sometimes, the performance is not up to the mark. There is also integration complexity with third-party software and tools."

What is our primary use case?

We are using CloudGuard CNAPP to safeguard our cloud-native applications.

We are using it for threat detection and protection from potential cyber threats.

How has it helped my organization?

Previously, we did not have a cloud-native security solution. After implementing Check Point CloudGuard CNAPP, we found that our cloud-native applications are running very well. It is reliable, and all unwanted security threats are now blocked. We have complete peace of mind about our cloud-native applications. It took us seven to eight months to realize its benefits.

We use CloudGuard CNAPP's Cloud Security Posture Management capabilities. They are very helpful. There is run-time protection. Actionable security is one of the main features.

If we already have policy configurations within our applications, it does not affect our existing policies. We can easily configure the settings and the related functionalities. It provides flexibility.

Cloud Security Posture Management identifies the risks that are most critical to our business. We have identified high risks, medium risks, and low risks. It can provide risk management for all three categories. We generally have high-risk and medium-risk vulnerabilities with us. The time savings vary from risk to risk. It typically gets resolved within a day or at the most within two days.

We use CloudGuard CNAPP's CloudGuard Workload Protection capabilities. It has full integration capabilities with all the containers within the file systems. It is fully capable of integrating with any medium and providing the best security solutions.

The scanning provided by CloudGuard Workload Protection helps us identify problems before they go live. It helps with pre-analysis. It gives us a pre-analysis report before running things in production. It is important because it saves time and costs. The costs are higher once you deploy the solution. It provides visibility before the deployment.

We use CloudGuard CNAPP's CloudGuard CDR capabilities. It is their intelligence security threat system. It is very helpful for any kind of incident management and resolution. We can analyze the logs and try to provide the best possible solution.

CloudGuard CDR's intrusion detection and threat-hunting capabilities work fine.

CloudGuard CDR helps to detect anomalous behavior and respond to threats before they become an issue. Anomalous behavior detection is fast, but automation with AI and ML is required.

What is most valuable?

Almost all the features are valuable, but the most important is proactive threat detection. The overall administration, seamless integration, and being able to have one platform for monitoring our applications for suspicious activities and any potential security threats are also valuable.

What needs improvement?

The performance can be better. Sometimes, the performance is not up to the mark. There is also integration complexity with third-party software and tools.

There is also some complexity for non-technical people. The user manual instructions are not very user-friendly.

The AI/ML capabilities are not there. I highly advise the company to include these features in the solution so that the customer can benefit more. There should be predictive analysis as well. There should be AI/ML integration.

They should also improve the customer support services, UI, advanced features such as the reporting mechanism, and the overall pricing model.

For how long have I used the solution?

I have been working with CloudGuard CNAPP for 2 years.

What do I think about the stability of the solution?

It is stable. It is a fully-released software. I would rate it a nine out of ten for stability.

What do I think about the scalability of the solution?

It is scalable as per the requirement.

We have 75 people using this solution, and we have 3 administrators. We might increase its usage.

How are customer service and support?

Their support is quite good. It is not too bad and not too good. I would rate them a nine out of ten.

Their response time should be faster because they usually take more than 72 hours to resolve any query.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have used Barracuda and Cisco solutions.

How was the initial setup?

It was straightforward. It took 15 days. 

What about the implementation team?

We worked with the vendor. We did it ourselves, but we took some help initially from the vendor.

We have a team of eight to ten people. They are from the network security, DevOps, and product engineering team.

What was our ROI?

We have seen 15% to 20% ROI. We could see the ROI within six months.

What's my experience with pricing, setup cost, and licensing?

The pricing of Check Point is very reasonable. Cisco is a very big brand, so the pricing is quite high. We want a solution that fits into our pocket and has all the features.

They can improve the licensing model for small and mid-sized organizations. It suits large companies but not small and mid-sized organizations.

Which other solutions did I evaluate?

We evaluated other solutions, but we found Check Point CloudGuard CNAPP to be better. Its user interface does not have many unwanted features. It is good in terms of functionalities and integrations.

What other advice do I have?

You can go ahead with the solution if you have similar requirements and you are looking for a cloud-native security solution. Check Point is the best option in such a case.

I would not recommend it for small companies where there are budget constraints. Otherwise, it is a fully scalable and reliable solution.

Overall, I would rate CloudGuard CNAPP a 9 out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Fabian Miranda - PeerSpot reviewer
Cloud computing at Tech Data Limited
Real User
Top 5 Leaderboard
Strengthens and centralizes all the security infrastructure and reduces attacks
Pros and Cons
  • "It presents a real-time database that is always updated."
  • "The support it provides is not very good. They should improve it since we have had several setbacks due to support issues."

What is our primary use case?

Check Point CloudGuard Intelligence Security is one of the most robust tools on the market. That's why we decided to implement it in our company when all our operations were migrated to the Azure cloud area. 

We needed a tool that would provide security in the network and help analyze any vulnerabilities that we might face in these new environments. We wanted to be able to attack all the weak points that we have in the cloud in order to guarantee effective and stable security. We also have some applications in our systems that deserve excellent security.

How has it helped my organization?

Check Point CloudGuard Intelligence came to strengthen our security and has helped the IT department achieve excellent network security. 

In addition to that, it has helped us centralize all the security infrastructure in this tool and helped us a lot to counteract vulnerabilities that were present. With this product, we were able to reduce the rate of attacks that we had. The database that they have is in real-time and updated instantaneously. All these factors helped a lot to reduce vulnerabilities.

What is most valuable?

Check Point's CloudGuard Intelligence tool presents some features that should be highlighted. For example:

It presents a real-time database that is always updated.

The environment can be centralized within Check Point Infinity, and thus we can have several security tools.

It also presents a forensic analysis that helped us to determine the root of several issues. 

Integration with Sentinel can be made, which allows us to obtain more security data and analyze it.

It presents a portal that is relatively easy to use and configure.

What needs improvement?

The tool works perfectly and improvements should be made, if any, in various technical and administrative aspects.

For how long have I used the solution?

It was implemented approximately one year ago.

What do I think about the stability of the solution?

Check Point CloudGuard Intelligence has good stability. We have not presented performance problems or any other that would lead to a forced restart of the tool.

What do I think about the scalability of the solution?

The tool presents very good and functional scalability. To this day, we have not presented any problems.

How are customer service and support?

The support it provides is not very good. They should improve it since we have had several setbacks due to support issues.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, there was no tool in the company's infrastructure. We needed the solution when we moved to the cloud and decided to improve security.

How was the initial setup?

The implementation of the tool is very easy. There are several steps in the wizard where it gets complicated around the configuration, however. If you do not have extensive knowledge of the tool, it becomes complicated.

What about the implementation team?

The implementation was done through the vendor, who gave us a support engineer to help us with the implementation and configuration of the tool. We also received some training.

What was our ROI?

By making an investment in security tools, we are doing ourselves a great favor. With this tool, we are protecting our information while maintaining operations. It is always a great investment to acquire these tools. Also, afterward, there is a noticeable economic return.

What's my experience with pricing, setup cost, and licensing?

Whenever an investment is made in a security tool, it is high due to many factors. That said, investing in security will provide economic returns in the short or long term since it will greatly lighten workloads and provide security.

Which other solutions did I evaluate?

We evaluated many options on the market, such as Fortinet, Sophos, and Cisco NGFW. However, Check Point had better features.

What other advice do I have?

With the time that I have used this tool, we have noticed that it is a very good solution and that it has excellent features. It provides very secure connections.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Software Development Manager- Cybersecurity at a retailer with 10,001+ employees
Real User
Top 20
Offers comprehensive reporting capabilities and delivers efficient cloud security management
Pros and Cons
  • "The most valuable features of CloudGuard CNAPP are its reporting capabilities for aggregating vulnerability information and scoring."
  • "Scalability, particularly in workload protection, is an area that needs improvement."

What is our primary use case?

I use CloudGuard CNAPP to protect and gain visibility into vulnerabilities across our cloud workloads in a multi-cloud environment spanning AWS, GCP, and Azure. By implementing CNAPP, we have successfully reduced vulnerabilities in our cloud infrastructure by 70-80% over the past two years.

How has it helped my organization?

CloudGuard has significantly improved our organization's security posture over the past few years by reducing critical vulnerabilities by up to 80-90% across various workloads. This enhancement has led to lower security costs and enabled us to effectively communicate our improved security stance to stakeholders, putting us in a much stronger position than before.

What is most valuable?

The most valuable features of CloudGuard CNAPP are its reporting capabilities for aggregating vulnerability information and scoring, as well as its CloudBot feature, which automates remediation deployment across our diverse workloads in various accounts and regions.

What needs improvement?

One area where CloudGuard CNAPP could be improved is in its reporting capabilities. Customization options for building tailored reports would be beneficial, as it would allow for different views on vulnerabilities based on specific criteria such as tags or dimensions. Currently, the reporting features have some limitations in providing the level of customization we require.

For how long have I used the solution?

I have been using Check Point CloudGuard CNAPP for about three years.

What do I think about the stability of the solution?

We haven't had any stability issues with the solution so far.

What do I think about the scalability of the solution?

Scalability, particularly in workload protection, is an area that needs improvement. It is challenging to roll out workload protection to different teams, and there is room for enhancement in this aspect.

How are customer service and support?

I would rate Check Point's service and technical support as an eight out of ten. The pre-sales team was excellent, providing expert assistance, and our experience with the technical team has been good so far. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?



How was the initial setup?

The initial deployment of CloudGuard CNAPP was extremely straightforward since it is agentless and seamlessly integrates with public cloud tools. We began with a POC, then gradually rolled out the solution across all our cloud accounts, starting with AWS and expanding to GCP and Azure.

What was our ROI?

We have seen a return on investment in terms of reduced vulnerabilities.

What's my experience with pricing, setup cost, and licensing?

I find CloudGuard CNAPP's pricing and licensing to be flexible, allowing us to explore new features without hard limits. Currently, we operate under an enterprise agreement with the flexibility to utilize the tools we need effectively.

Which other solutions did I evaluate?

We initially evaluated Palo Alto's cloud security posture management solution but ultimately chose CloudGuard CNAPP due to its faster implementation process and cohesive reporting capabilities. CloudGuard CNAPP's simplicity and comprehensive reporting aligned better with our need for efficient deployment and intuitive data analysis, making it the preferred solution for our cloud security requirements.

What other advice do I have?

The benefits of using CloudGuard CNAPP were realized very quickly, almost immediately after deployment. The implementation process was straightforward and seamless, leveraging agentless integration with existing cloud security tools. The positive results were clear from the start.

We use CloudGuard CNAPP's CSPM capabilities extensively. We assess CSPM for identifying misconfigurations by running automated processes to scan all our cloud accounts. We prioritize risks, work with technical teams to explain vulnerabilities, and initiate fixing processes, deploying available solutions or performing manual/automated remediations. We then report progress to our teams and iterate on the process as needed.

The effectiveness of CloudGuard CNAPP's CSPM for providing compliance rules and security best practices is high. Its policies align well with common standards like NIST or CIS frameworks, enabling effective assessment against known vulnerabilities. This alignment facilitates communication and understanding between teams, streamlining the resolution process for identified vulnerabilities.

CloudGuard CNAPP's CSPM effectively identifies risks critical to our business, particularly focusing on exposure and availability ratings. It saves us significant time, likely reducing the resolution process for critical risks by around 30-40%, as it provides pre-configured assessments and clearer insights compared to starting from scratch.

The CloudGuard CNAPP team provides excellent visibility into incident investigations by simplifying access to cloud workload configuration logs and integrating with tools like SIEM platforms. This enables the incident response team to ingest data from CloudGuard CNAPP and correlate it with internal indicators, streamlining the investigation process.

We use CloudGuard CNAPP across eight countries in South America and North America, with around 130,000 employees and approximately 5,000 engineers. We manage over 100 AWS accounts and support various applications, including e-commerce tools, generating over 10,000 notifications.

My advice for someone evaluating CloudGuard CNAPP would be to start with a hands-on exploration of the dashboards and data provided by the solution, then focus on internal selling and localized deployments. The biggest lesson I have learned from using CNAPP is that while it is easy to start with, achieving full adoption and maximizing its potential requires thorough preparation and dedicated effort from the team.

Overall, I would rate CloudGuard CNAPP as an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Security Consultant with 5,001-10,000 employees
Reseller
Fair price, great dashboards, and fantastic for identifying misconfigurations
Pros and Cons
  • "The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great."
  • "The setup can be better. With every other Check Point product, the setup is scripted. You just approve versions, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup."

What is our primary use case?

We are a VAR. We use posture management in various client environments for different assessments. 

We do not use it internally. We use it in multiple client environments. We have different types of client environments with different sizes.

How has it helped my organization?

It is great for identifying misconfigurations. That is the part that I love about it. It is very good at finding that needle in the haystack. It gives you an overall posture for every little thing, and if you dive into it and look at some of the findings, you start seeing that you have one or two servers that are misconfigured, and you have an open BLOB, open storage instance, unsecured web portal, or something else that you did not know about.

The effectiveness of its Cloud Security Posture Management for providing compliance rulesets and security best practices is great.

Its Cloud Security Posture Management helps identify the risks that are most critical to our clients relatively quickly. I cannot put a number on that, but not having to go through every little configuration on every asset would probably save a week's worth of effort for the smallest client. 

Its traffic monitoring capabilities are good. It helps visualize traffic flows and possibly exposed assets.

The actual setup is pretty manual. It takes about an hour or two, depending on the client you are working with.

What is most valuable?

The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great. There is some triaging, but in terms of findings, it does seem to find the needle in the haystack.

The dashboards specifically are great. By just logging in and going into the portal, we can see the high-level dashboard views. We are able to dive into whatever we want to see there, and that is fantastic.

The network mapping and the traffic flow map, where it shows you which VMs might be possibly exposed, are also very valuable. It shows which systems might have direct access to the Internet and which systems do not. It shows you overall how the network flow is set up based on your security groups, routing, and everything. I have got a good use out of that.

What needs improvement?

The setup can be better. With every other Check Point SaaS product, the setup is scripted. You just approve deployment scripts, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup. That has been an issue when I set up a client because every client has different skill sets.

The general reporting also needs improvement. It is very cumbersome to pull the reports for big environments. I had a client environment with 50 tenants, and I had to manually run a CIS report for each tenant and download it. There were 50 different reports. I wish there was a way to get the reports for all 50 tenants in one report and not 50 different reports.

For how long have I used the solution?

I have been working with posture management for 3 to 4 years.

What do I think about the stability of the solution?

I never had stability-related issues. That has always been fine.

What do I think about the scalability of the solution?

It is scalable. You can do it, but you need to redo the setup for each and every additional account and visibility. It is scalable. It is just not quickly scalable.

How are customer service and support?

I would rate their support for CloudGuard CNAPP an eight out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not used a posture management solution before.

How was the initial setup?

Its setup is very manual. I would like to see that transition to more of a scripted setup. It is a very manual process. For the most part, it is fine; however, I have definitely had issues with it. Sometimes, it just does not work, and I have had to open tickets.

What about the implementation team?

I am an integrator and consultant.

What's my experience with pricing, setup cost, and licensing?

Its price is very fair.

Which other solutions did I evaluate?

N/A

What other advice do I have?

To the new users of this solution, I would advise not following the built-in guide while setting it up. Always open the admin guide for the most up-to-date information.

Overall, I would rate this solution an eight out of ten. Even with all the issues, what you do get out of it is very valuable. The reporting and the setup are holding it back from a ten. That is where it can be improved greatly.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller
Buyer's Guide
Download our free Check Point CloudGuard CNAPP Report and get advice and tips from experienced pros sharing their opinions.
Updated: May 2024