We performed a comparison between Check Point CloudGuard CNAPP and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management."The system has deployed security tools to enhance effective investigations in the entire company networking system."
"The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security."
"We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform."
"It offers security insights and recommendations to assist organizations in acting and remediating issues swiftly."
"It provides critical insights that enable the IT team to plan and launch smart investigations when there are security breaches."
"The way they offer container security is a big highlight that I have noticed. The solution is also agentless, so the scanning, runtime, really everything is offered directly by CloudGuard."
"The ability to drill down to individual hosts on an account and see which ones are affected is valuable."
"The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities."
"Shadow IT discovery is the feature I like the most."
"The most valuable feature of this solution is its monitoring."
"I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"The general usability of the solution is very straightforward."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"The most valuable feature is the alerting system."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."
"The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure."
"In general, for the product to be successful, they need to improve security, and configuration detection."
"The setup can be better. With every other Check Point product, the setup is scripted. You just approve versions, and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup."
"I am not a technical person, but generically, the user interface can be a little more intuitive. Our staff has trained network security and cloud security professionals, and they get it, but when you are trying to get to the customers to be able to pick it up and maintain it, it can be a bit difficult."
"I strongly advise that the multi-layered security system of Check Point often undergoes updates and new versions keep coming."
"The reporting has a lot of opportunities to continuously improve so that we can continue to show value."
"They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well."
"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis."
"I want them to enhance in-session policy."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
"There could be more granular roles that are out of the box included in the product."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 6th in Vulnerability Management with 63 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.