We performed a comparison between Check Point CloudGuard Posture Management and AWS GuardDuty based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Check Point CloudGuard Posture Management offers solid incident detection and detailed reporting. It also provides control over IAM roles and advanced compliance features. AWS GuardDuty stands out for its data collection, threat detection, and monitoring capabilities. Users say Check Point CloudGuard Posture Management should improve its false positives rate, vulnerability assessments, and integration. They also want greater customizability. AWS GuardDuty could benefit from a mobile version and more dashboard analytics. Users requested better threat intelligence and integration with new AWS services.
Service and Support: Experiences with Check Point customer service have been generally positive. Some users praised its quick response times. However, others found the technical support to be lacking. AWS GuardDuty customers have reported satisfactory and quick responses from the Amazon team.
Ease of Deployment: The setup process for Check Point CloudGuard Posture Management is fast and uncomplicated, although integrating it with cloud platforms may require additional time. In contrast, the AWS GuardDuty setup is straightforward and effortless, ensuring rapid and effective deployment.
Pricing: Check Point CloudGuard Posture Management to be cost-effective, but others found that the license cost was a barrier to scalability. AWS GuardDuty offers a competitive pricing structure based on a pay-as-you-use model, with costs that vary depending on the level of usage.
ROI: Check Point CloudGuard Posture Management provides comprehensive cloud management solutions, addressing compliance challenges and minimizing administrative workload. Users have experienced a significant return on investment and witnessed substantial growth in ROI. AWS GuardDuty primarily enhances overall security posture, fostering customer trust, and creating potential business prospects.
Comparison Results: Check Point CloudGuard Posture Management is preferred over AWS GuardDuty. Users praise CloudGuard Posture Management for its comprehensive data security and protection. It offers complete coverage of users' entire cloud infrastructure. CloudGuar is commended for its granular reporting, rule customization, IAM role, and embedded machine learning for real-time attack prevention. Users said AWS GuardDuty has limitations in analytics, reporting, and monitoring.
"The UI is responsive and user-friendly."
"It's positively affected the communication between cloud security, application developers, and AppSec teams."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"Cloud Native Security has helped us with our risk posture and securing our agenda. It has been tremendous in terms of supporting growth."
"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."
"All the features we use are equal and get the job done."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link."
"The solution provides AWS GuardDuty S3 protection, EKS runtime protection, and malware protection."
"The solution is easy to use."
"One of the advantages of cloud services is the ability to use them on demand. There's minimal installation involved; you can check the latest offerings and make new deployments while dismantling the previous ones. This approach keeps you ahead of potential services, showcasing the agility of AWS."
"Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing."
"We have over 1,000 employees, and we monitor their activity through AWS GuardDuty."
"The most valuable features are the single system for data collection and the alert mechanisms."
"It kinda just gives us another layer of security. So it does provide some sort of comfort that we do have something that is monitoring for abnormal behavior."
"What I like most about Amazon GuardDuty is that you can monitor your AWS accounts across, but you don't have to pay the additional cost. You can get all your CloudTrail VPC flow logs and DNS logs all in one, and then you get the monitoring with that. A lot of times, if you had a separate tool on-premise, you would have to set up your DNS logs, so usually, Amazon GuardDuty helps with all your additional networking requirements, so I utilize it for continuous monitoring because you can't detect anything if you're not monitoring, and the solution fills that gap. If you don't do anything else first, you can deploy your firewall, and then you've got your Route 53 DNS and DNSSEC, but then Amazon GuardDuty fills that, and then you have audit requirements in AU that says, "Hey, what are your additional logs?", so you can just say, "Hey, we utilize Amazon GuardDuty." You're getting your CloudTrail, your VPC flow logs, and all your DNS logs, and those are your additional logs right there, so the solution meets a lot of requirements. Now, everything comes with a cost, but I also like that the solution also provides threat response and remediation. It's a pretty good product. I've just used it more for log analysis and that's where the value is at, the niche value. Once you do threat detection, it goes into a lot of other integrations you need to implement, so threat detection is only good as the integration, as the user that knows the tools itself, and the architecture and how it's all set up and the rules that you set within that."
"The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules."
"I can take proactive actions based on an alert without having to interact with the platform directly."
"Dome9 wraps our FTP infrastructure with its network security configurations, and this also gives us the ability to monitor FTP activity."
"Gives us centralized firewall management for both Windows and Linux distros. Also provides a clear view of the security configurations and connections across environments (DMZ, external and internal networks)."
"The reporting against compliance is an important feature that helps you comply with policies and standards within your organization."
"The product enables us to check the information that goes out of the company."
"It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization."
"Almost all the features are valuable, but the most important is proactive threat detection. The overall administration, seamless integration, and being able to have one platform for monitoring our applications for suspicious activities and any potential security threats are also valuable."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"PingSafe takes four to five hours to detect and highlight an issue, and that time should be reduced."
"The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"We are experiencing problems with Cloud Native Security reporting."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"One of our use cases was setting up a firewall for our endpoints, specifically for our remote users... We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to."
"While it is good, I think the solution's console could be improved."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"We currently find Lacework to be much better at detecting vulnerabilities than AWS GuardDuty. The engines of AWS GuardDuty have to be improved."
"It is evolving, and at the moment, I will just need it on a larger scale. Then, it will satisfy my demand, initially."
"An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues."
"Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution."
"I work in a bank, and it would be good if AWS GuardDuty could be integrated with other monitoring and detection tools we use."
"AWS GuardDuty sometimes shows false positives and should have better detection accuracy."
"The product needs to improve its cost-efficiency since it is expensive."
"CloudGuard could be improved by including integration with vendors other than AWS, especially Azure, especially in permissions."
"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."
"The costs are really high if you want the entire capabilities of the platform."
"The guidelines to implement or to link with the clouds are not complete."
"Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards."
"The false positives can be annoying at times."
"Automation and advanced threat prevention have room for improvement."
"Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 20 reviews while Check Point CloudGuard CNAPP is ranked 5th in Cloud Workload Protection Platforms (CWPP) with 64 reviews. AWS GuardDuty is rated 8.2, while Check Point CloudGuard CNAPP is rated 8.6. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". AWS GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Wiz and Threat Stack Cloud Security Platform, whereas Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Qualys VMDR and Orca Security. See our AWS GuardDuty vs. Check Point CloudGuard CNAPP report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.