We performed a comparison between Check Point CloudGuard CNAPP and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."The most valuable feature is the single dashboard that enables us to manage the entire cloud environment from one place."
"The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance."
"The new scanning function is a valuable feature that wasn't available until recently."
"The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure."
"The product enables us to check the information that goes out of the company."
"The various CNAPP modules have granted more visibility of our cloud applications to our system engineers and developers."
"The reporting is quite good. It is the most powerful aspect of this solution."
"We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information."
"It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good."
"Defender helps us control which applications are being used and gain more security insight into remote and hybrid users based on user identity and log in location. You can also integrate Defender for Cloud Apps with Defender for Endpoint to extend its capabilities."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"Defender's integration with our identity solutions is critical in our current setup."
"It's very easy to install and it includes the Intune portal from Microsoft where I can control all the devices from one place."
"It is very easy to use, which is what we look for in these types of solutions."
"The most valuable feature is the seamless integration across different clouds."
"I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site."
"I would like to see improvements in the vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads. Also, customizable reports would be nice."
"The reporting has a lot of opportunities to continuously improve so that we can continue to show value."
"Integration could be improved."
"No improvements are needed."
"The support it provides is not very good. They should improve it since we have had several setbacks due to support issues."
"There are opportunities for improvement that can be addressed through a roadmap."
"They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well."
"I would like an interface more adapted to cell phones or tablets."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"There could be more granular roles that are out of the box included in the product."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"There are challenges with detection and there are challenges with false-positive rates."
"Defender could integrate better with multi-cloud and hybrid environments. It requires some additional configuration to ingest data from non-Azure environments and integrate it with Sentinel."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.