We performed a comparison between Check Point CloudGuard CNAPP and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."It learns from behavior, attacks, management, detections, captures packets, real-time analysis, et cetera. It's generating knowledge from a variety of sources for an excellent analysis."
"The various CNAPP modules have granted more visibility of our cloud applications to our system engineers and developers."
"The initial setup is easy and not complex at all."
"The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great."
"We like the ability to investigate, analyze, and generate reports."
"The solution has intelligence that integrates with a range of threat intelligence feeds, including Check Point's ThreatCloud, to provide real-time intelligence on emerging threats."
"Its monitoring and alerts are triggered by a failure or non-compliance with policies. It helps us to be able to act effectively and quickly."
"The visibility in our cloud environment is the most valuable feature."
"The most valuable feature is the alerting system."
"I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site."
"Shadow IT discovery is the feature I like the most."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"Defender helps us control which applications are being used and gain more security insight into remote and hybrid users based on user identity and log in location. You can also integrate Defender for Cloud Apps with Defender for Endpoint to extend its capabilities."
"The solution does not affect a user's workflow."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"The product’s most valuable feature is SQL database."
"The user interface could be improved. Sometimes, the visibility is not immediately available for the environment. We have the native servers that come with the solutions, but we cannot see them in the Check Point log. Another issue is with the integrated file monitoring. It would make sense to have stuff like file integrity monitoring and malware scanning available within this module because we don't want to integrate another product."
"Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management."
"I would like to see improvements in the vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads. Also, customizable reports would be nice."
"The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point."
"I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."
"No improvements are needed."
"The setup can be better. With every other Check Point product, the setup is scripted. You just approve versions, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup."
"I am not a technical person, but generically, the user interface can be a little more intuitive. Our staff has trained network security and cloud security professionals, and they get it, but when you are trying to get to the customers to be able to pick it up and maintain it, it can be a bit difficult."
"This service would be better if it had a separate license, only for this service, that could be used to track usage."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"Sometimes the support is actually lacking."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"I want them to enhance in-session policy."
"Microsoft Defender for Cloud Apps’s technical support services needs improvement."
"The response time could be better. It will be helpful if the alerts are even more proactive and we can see more data. Currently, the data is a little bit weak. It is not complete. I can't just see it and completely know which user or which device it is. It takes some effort and time on my part to investigate and isolate a user. It would be great if it is more user-friendly or easy for people to understand."
"We sometimes get errors when we create policies, which is somewhat annoying because some policies stop working due to misconfigurations. We find this challenging because it limits our options for troubleshooting an issue."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.