We performed a comparison between Check Point CloudGuard CNAPP and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management."All of the features are very useful in today's market."
"The solution has intelligence that integrates with a range of threat intelligence feeds, including Check Point's ThreatCloud, to provide real-time intelligence on emerging threats."
"The various CNAPP modules have granted more visibility of our cloud applications to our system engineers and developers."
"Checkpoint posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft."
"We can monitor each activity from our mobile devices, so there is complete visibility of our cloud traffic flows, with threat intelligence provided by Check Point."
"It provides complete visibility of workload hosted on different cloud platforms including AWS and Azure, along with multiple tenants."
"Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized."
"The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good."
"Shadow IT discovery is the feature I like the most."
"All of the features are valuable because all of the features are related."
"The most valuable feature of this solution is its monitoring."
"The most valuable feature is the alerting system."
"Better logging allows us to find problems and take appropriate steps to lock them out."
"On-demand scanning is the most valuable feature. In addition, it's a fairly fluid product. It syncs back to the cloud and provides metrics. It's pretty intelligent."
"We have had some issues with the performance. In some cases, the performance of CloudGuard CNAPP is impacted. Particularly during the intensive security scans in high-traffic environments, there has been a performance impact."
"The dashboard customization has room for improvement."
"The guidelines to implement or to link with the clouds are not complete."
"I would like to see improvements in the vulnerability assessments in terms of how the solution discovers vulnerabilities or compromised workloads. Also, customizable reports would be nice."
"The product must provide different features like antivirus."
"The integration process could be enhanced by enabling integration at the organizational level rather than requiring the manual setup of individual accounts."
"In Dome9, there should be a policy validation option where we can validate the policy before we push it into production."
"The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed."
"In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis."
"Currently, reporting is not very straightforward and it needs to be enhanced. Specific reports are not included and you need to run a query, drill down, and then export it and share it. I would love to have reports with more fine-tuning or granularity, and more predefined reports."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
"I want them to enhance in-session policy."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"The interface needs to be more user-friendly."
"The technical support team has room for improvement."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 6th in Vulnerability Management with 63 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.