We performed a comparison between Check Point CloudGuard CNAPP and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."It offers security insights and recommendations to assist organizations in acting and remediating issues swiftly."
"Check Point CloudGuard CNAPP's initial configuration is very easy. It is plug-and-play. It also gives regular updates."
"The various CNAPP modules have granted more visibility of our cloud applications to our system engineers and developers."
"Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console."
"The ability to drill down to individual hosts on an account and see which ones are affected is valuable."
"This solution helps to keep everything visible, and it also alerts us if something is wrong, such as if someone opened extra ports or services that they are not supposed to. This is a valuable tool for monitoring and maintaining our cloud environment."
"Its monitoring and alerts are triggered by a failure or non-compliance with policies. It helps us to be able to act effectively and quickly."
"The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."
"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent."
"The solution does not affect a user's workflow."
"The most valuable feature of this solution is its monitoring."
"If your business requirements are relatively simple, it can get the job done."
"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."
"One of the most valuable features is auditing. Some of the other protection services have issues with auditing. Microsoft Defender for Cloud has an excellent auditing technique that helps us avoid the risk of filtering or information loss. You can use different tools to guarantee these things. It allows you to conduct an in-depth exploration of applications, users, and files that are harmful or suspicious. You can also enhance your security setup by creating personalized rules or policies that help you better control traffic in the cloud."
"The product helps us with privileged identity management to control who has access to what and for how long."
"Shadow IT discovery is the feature I like the most."
"The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly."
"Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards."
"I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."
"Compliance checks on cloud resources against various industry standards and compliance framework templates need to be improved."
"Automation and advanced threat prevention have room for improvement."
"In Dome9, there should be a policy validation option where we can validate the policy before we push it into production."
"Especially with cloud security, there's too much clutter on the screen and too many things going on."
"There are opportunities for improvement that can be addressed through a roadmap."
"It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"This service would be better if it had a separate license, only for this service, that could be used to track usage."
"I would prefer to have filtering options incorporated within the policies, enabling the solution to perform tasks beyond mere blocking or allowing."
"I would like for it to be available on Mac and for it to support all of the features of Microsoft financing products. It is really for Windows."
"There could be more granular roles that are out of the box included in the product."
"The interface needs to be more user-friendly."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.