We performed a comparison between Check Point CloudGuard CNAPP and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure."
"The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great."
"It offers advanced detection of threats that can harm data from the cloud database."
"Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized."
"The initial setup is easy and not complex at all."
"It provides the most useful tools for protecting our financial account records from hackers."
"I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end."
"It provides complete visibility of workload hosted on different cloud platforms including AWS and Azure, along with multiple tenants."
"The general usability of the solution is very straightforward."
"The most valuable feature is its policy implementation."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"The product’s most valuable feature is SQL database."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"If your business requirements are relatively simple, it can get the job done."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"The product helps us with privileged identity management to control who has access to what and for how long."
"You do need to pay extra in order to get better support."
"The false positives can be annoying at times."
"Compliance checks on cloud resources against various industry standards and compliance framework templates need to be improved."
"The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out."
"I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."
"Especially with cloud security, there's too much clutter on the screen and too many things going on."
"The entire system is complicated, and the setup process may not cater to the company's demands."
"It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"I would prefer to have filtering options incorporated within the policies, enabling the solution to perform tasks beyond mere blocking or allowing."
"I would like more customization of notifications. Currently, you either get everything or you get limited information. I would like to have something in between where we can customize the data that is included in notifications."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
"I would like to see them include more features in the older licenses. There are some features that are not available, such as preventing or analyzing cloud attacks."
"In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis."
"The integration with macOS operating systems needs to be better."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews while Microsoft Defender for Cloud Apps is ranked 2nd in Cloud Access Security Brokers (CASB) with 30 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Qualys VMDR, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.