We performed a comparison between Check Point CloudGuard CNAPP and CloudPassage based on real PeerSpot user reviews.
Find out in this report how the two Cloud Workload Protection Platforms (CWPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"It's positively affected the communication between cloud security, application developers, and AppSec teams."
"We like PingSafe's vulnerability assessment and management features, and its vulnerability databases."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."
"The most valuable features of PingSafe are the asset inventory and issue indexing."
"It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment."
"The Compliance engine has helped put our auditors and senior executives at ease, as we can quickly and accurately measure ourselves against hundreds of compliance checks to include CIS benchmarks, PCI, and other best practices."
"The product enables us to check the information that goes out of the company."
"The feature that I find most valuable is the blocking feature."
"The CloudGuard for Cloud Intelligence tool has several significant features that provide security to our company."
"The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great."
"The most valuable features of CloudGuard CNAPP are its reporting capabilities for aggregating vulnerability information and scoring."
"I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end."
"Key features are the Software Vulnerability Assessment and the CSM, which is the configuration check."
"Policies are very easy to manage on a day-to-day basis."
"We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"The cost has the potential for improvement."
"There is a bit of a learning curve for new users."
"The categorization of the results from the vulnerability assessment could be improved."
"PingSafe can improve by eliminating 100 percent of the false positives."
"We'd like to have better notifications. We'd like them to happen faster."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"The entire system is complicated, and the setup process may not cater to the company's demands."
"It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published."
"I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."
"Currently, I would like this solution extended to cellular devices or tablets."
"Currently, worldwide, there are many companies of all sizes that do not understand the value that their data has, but even with all existing clouds, they also do not understand what the shared responsibility model is. They only assume that by having a cloud, the provider must ensure safety, when the truth is that the providers only secure their sites. Everything we do in the cloud and how we configure it is actually our responsibility."
"Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards."
"The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure."
"They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well."
"Of all the advertised functions, I only find two things that really work in my environment, even though I wanted to use all of them. They're not flexible enough to be used."
"Anything outside of the software vulnerability management and the CSM, things like the GhostPort, need some improvement. The dashboard is in beta. It looks really good, I wish it would come out of beta."
"In the CSM module the policies are really hard to work with it. It is not very flexible at all. I would suggest that they change that. Right now, the scan is based on the group that the server is in. What happens if the server is in multiple groups?"
"The reports and graphs are unintuitive."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Earn 20 points
Check Point CloudGuard CNAPP is ranked 5th in Cloud Workload Protection Platforms (CWPP) with 64 reviews while CloudPassage is ranked 41st in Cloud Workload Protection Platforms (CWPP). Check Point CloudGuard CNAPP is rated 8.6, while CloudPassage is rated 8.0. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of CloudPassage writes "CloudPassage has a bunch of features. Be sure you understand all of them and how to extract value to your organization". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, Wiz, AWS GuardDuty, Microsoft Defender for Cloud and Qualys VMDR, whereas CloudPassage is most compared with . See our Check Point CloudGuard CNAPP vs. CloudPassage report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
