We performed a comparison between Check Point CloudGuard CNAPP and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc."
"People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially."
"It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization."
"We really liked its ease of implementation against our Microsoft Azure environment."
"It is easy to administer and easy to deploy. It has automated or pre-configured templates, security features, and proactive threat detection."
"The reporting against compliance is an important feature that helps you comply with policies and standards within your organization."
"It saves time because I can look across the organization. Instead of checking 50 different accounts atomically and spending 15 minutes investigating each, I can spend 15 minutes exploring all 50 accounts. It allows me to quickly look across the org for similar problems when one comes up. That's a huge time saver."
"The initial setup is easy and not complex at all."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"The most valuable feature is the ease of management. It's important."
"The most valuable feature is the seamless integration across different clouds."
"The most valuable feature of this solution is its monitoring."
"The most valuable feature is its policy implementation."
"The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need."
"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."
"Shadow IT discovery is the feature I like the most."
"The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point."
"The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed."
"The false positives can be annoying at times."
"The license cost is expensive and has room for improvement."
"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."
"Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes."
"I am not a technical person, but generically, the user interface can be a little more intuitive. Our staff has trained network security and cloud security professionals, and they get it, but when you are trying to get to the customers to be able to pick it up and maintain it, it can be a bit difficult."
"Streamlining the user interface would greatly improve the user experience."
"I would like for it to be available on Mac and for it to support all of the features of Microsoft financing products. It is really for Windows."
"The technical support team has room for improvement."
"We sometimes get errors when we create policies, which is somewhat annoying because some policies stop working due to misconfigurations. We find this challenging because it limits our options for troubleshooting an issue."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"The interface needs to be more user-friendly."
"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 63 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
