• Home
  • AWS GuardDuty vs. Check Point CloudGuard CNAPP

AWS GuardDuty vs Check Point CloudGuard CNAPP comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo

AWS GuardDuty

Read 19 AWS GuardDuty reviews
8,899 views|7,503 comparisons
90% willing to recommend
Check Point Software Technologies Logo

Check Point CloudGuard CNAPP

Read 60 Check Point CloudGuard CNAPP reviews
4,416 views|2,643 comparisons
93% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS GuardDuty vs. Check Point CloudGuard CNAPP
March 2024
Executive Summary
Updated on Jul 2, 2023

We performed a comparison between Check Point CloudGuard Posture Management and AWS GuardDuty based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Check Point CloudGuard Posture Management offers solid incident detection and detailed reporting. It also provides control over IAM roles and advanced compliance features. AWS GuardDuty stands out for its data collection, threat detection, and monitoring capabilities. Users say Check Point CloudGuard Posture Management should improve its false positives rate, vulnerability assessments, and integration. They also want greater customizability. AWS GuardDuty could benefit from a mobile version and more dashboard analytics. Users requested better threat intelligence and integration with new AWS services.

  • Service and Support: Experiences with Check Point customer service have been generally positive. Some users praised its quick response times. However, others found the technical support to be lacking. AWS GuardDuty customers have reported satisfactory and quick responses from the Amazon team.

  • Ease of Deployment: The setup process for Check Point CloudGuard Posture Management is fast and uncomplicated, although integrating it with cloud platforms may require additional time. In contrast, the AWS GuardDuty setup is straightforward and effortless, ensuring rapid and effective deployment.

  • Pricing: Check Point CloudGuard Posture Management to be cost-effective, but others found that the license cost was a barrier to scalability. AWS GuardDuty offers a competitive pricing structure based on a pay-as-you-use model, with costs that vary depending on the level of usage.

  • ROI: Check Point CloudGuard Posture Management provides comprehensive cloud management solutions, addressing compliance challenges and minimizing administrative workload. Users have experienced a significant return on investment and witnessed substantial growth in ROI.  AWS GuardDuty primarily enhances overall security posture, fostering customer trust, and creating potential business prospects.

Comparison Results: Check Point CloudGuard Posture Management is preferred over AWS GuardDuty. Users praise CloudGuard Posture Management for its comprehensive data security and protection. It offers complete coverage of users' entire cloud infrastructure. CloudGuar is commended for its granular reporting, rule customization, IAM role, and embedded machine learning for real-time attack prevention. Users said AWS GuardDuty has limitations in analytics, reporting, and monitoring.

To learn more, read our detailed AWS GuardDuty vs. Check Point CloudGuard CNAPP Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Agron Demiraj
Has a simple setup process and a valuable intrusion detection feature
The product detects 100% brute force attacks using all legitimate testing methods. It gives the exact source IP of the attacks.
RonnieNunn
Ensures robust detection capabilities and comprehensive security features, although it may require some expertise to...
It assists our visibility team in monitoring configurations, enabling us to proactively address issues before they arise. I find the product to... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution provides AWS GuardDuty S3 protection, EKS runtime protection, and malware protection.""The solution is easy to use.""What we found most valuable in Amazon GuardDuty is its threat detection feature, especially because we were monitoring a huge number of AWS accounts, so we needed a solution that would monitor for any kind of malicious activity. The monitoring aspect of the solution was great because it gave us timely notifications if and when anything happened, and Amazon GuardDuty helped keep us on our toes to make sure we took action right away.""With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential security risks.""The solution will detect abnormalities in the AWS workload and alert us so that we can monitor and take action.""Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing.""It helps us detect brute-force attacks based on machine learning.""The most valuable features are the single system for data collection and the alert mechanisms."

More AWS GuardDuty Pros →

"The way they offer container security is a big highlight that I have noticed. The solution is also agentless, so the scanning, runtime, really everything is offered directly by CloudGuard.""The product enables us to check the information that goes out of the company.""It offers a range of features tailored to address the unique security challenges.""The various CNAPP modules have granted more visibility of our cloud applications to our system engineers and developers.""It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization.""The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security.""It offers advanced detection of threats that can harm data from the cloud database.""The most valuable feature is posture management, which gives you complete visibility of all your assets in the cloud and allows you to do governance and compliance."

More Check Point CloudGuard CNAPP Pros →

Cons
"AWS GuardDuty sometimes shows false positives and should have better detection accuracy.""Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution.""The solution's user interface could be improved because it will help users to understand multiple options.""Cost changes. It's very expensive. If you turn on every feature, it's more than most commercial vendors. For smaller orgs, that doesn't make sense.""The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA.""It would be great if the solution had some automation capabilities.""There is currently no consolidated dashboard for AWS GuardDuty. It would be helpful if they could provide a dashboard based on severity levels (high, medium, low) and offer insights account-wise, especially for users utilizing automation structures.""For the next release, they could provide IPS features as well."

More AWS GuardDuty Cons →

"The security of Check Point CloudGuard Posture Management could improve. There are always new security issues coming out.""Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our goto dashboards.""Reporting should have more options.""There are opportunities for improvement that can be addressed through a roadmap.""The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure.""Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management.""CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards.""We have concerns regarding the pricing and would appreciate seeing some improvements."

More Check Point CloudGuard CNAPP Cons →

Pricing and Cost Advice
  • "We use a pay-as-you-use license, which is competitively priced in the market."
  • "I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it."
  • "In terms of the costs associated with Amazon GuardDuty, it was $1 per GB from what I recall. Pricing was based on per gigabyte. For example, for the first five hundred gigabytes per month, it'll be $1 per GB, so it'll be $500. If your usage was greater, there's another bracket, for example, the next two thousand GB, then there's an add-on cost of 50 cents per GB. That's how Amazon GuardDuty pricing slowly goes up. I can't remember if there was any kind of additional cost apart from standard licensing for the solution. Nothing else that at least comes to mind. What the service was charging was worth it. That was one good thing when using Amazon GuardDuty because my company could be in a certain tier for a certain period. My company wasn't under a licensing model where it could overestimate its usage and under-utilize its usage and pay much more. This was what made the pricing model for Amazon GuardDuty better."
  • "Pricing is determined by the number of events sent."
  • "The pricing model is pay as you go and is based on the number of events per month."
  • "On a scale of one to ten, where one is a high price, and ten is a low price, I rate the pricing a four or five, which is somewhere in the middle."
  • "GuardDuty only enables accounts in regions where you have an active workload. If there are places where you don't have an active workload, you wouldn't even enable them. That's one area where they could allow you to cut down your cost."
  • "The tool has no subscription charges."

    • More AWS GuardDuty Pricing and Cost Advice →

  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."

    • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Amazon GuardDuty?
    Top Answer:With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential… more »
    Read all 11 answers   →
    What is your experience regarding pricing and costs for Amazon GuardDuty?
    Top Answer:80 percent of the customers are using AWS GuardDuty, and we recommend it due to its low cost, especially for small customers, ranging from five to ten dollars a month. In our policies, we enforce the… more »
    Read all 10 answers   →
    What needs improvement with Amazon GuardDuty?
    Top Answer:One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions. It would be beneficial to have… more »
    Read all 11 answers   →
    What do you like most about Check Point CloudGuard Posture Management?
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Read all 33 answers   →
    What is your experience regarding pricing and costs for Check Point Cloud...
    Top Answer:The price is on the higher end.
    Read all 27 answers   →
    What needs improvement with Check Point CloudGuard Posture Management?
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Read all 32 answers   →
    Ranking
    4th
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    8,899
    Comparisons
    7,503
    Reviews
    19
    Average Words per Review
    644
    Rating
    8.1
    5th
    out of 59 in Cloud Workload Protection Platforms (CWPP)
    Views
    4,416
    Comparisons
    2,643
    Reviews
    48
    Average Words per Review
    651
    Rating
    8.5
    Comparisons
    Also Known As
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Learn More
    Amazon Web Services (AWS)
    Check Point Software Technologies
    Overview

    Amazon Guard Duty is a continuous cloud security monitoring service that consistently monitors and administers several data sources. These include AWS CloudTrail data events for EKS (Elastic Kubernetes Service) audit logs, VPC (Virtual Private Cloud) flow logs, DNS (Domain Name System) logs, S3 (Simple Cloud Storage), and AWS CloudTrail event logs.

    Amazon GuardDuty intuitively uses threat intelligence data - such as lists of malicious domains and IP addresses - and ML (machine learning) to quickly discover suspicious and problematic activity in a user's AWS ecosystem. Activities may include concerns such as interactions with malicious IP addresses or domains, exposed credentials usage, or changes and/or escalation of privileges.

    GuardDuty is able to easily determine problematic AWS EC2 (Elastic Compute Cloud) instances delivering malware or mining bitcoin. It is also able to trace AWS account access history for evidence of destabilization. such as suspicious API calls resulting in changing password policies to minimize password strength or anomalous infrastructure deployments in new or different never-used regions.

    GuardDuty will continually alert users regarding their AWS environment status and will send the security discoveries to the GuardDuty dashboard or Amazon CloudWatch events for users to view.

    Users can access GuardDuty via:

    • AWS SDKs: Amazon provides users with several software development kits (SDKs) that are made up of libraries and sample code of numerous popular programming languages and platforms, such as Android, iOS, Java, .Net, Python, and Ruby. The SDKs make it easier to develop programmatic access to GuardDuty.

    • GuardDuty HTTPS API: This allows users to issue HTTPS requests directly to the service.

    • GuardDuty Console: This is a browser-based intuitive dashboard interface where users can access and use GuardDuty.

    Amazon Elastic Kubernetes Service (Amazon EKS)

    Kubernetes protection is an optional add-on in Amazon GuardDuty. This tool is able to discover malicious behavior and possible destabilization of an organization's Kubernetes clusters inside of Amazon Elastic Kubernetes Service (Amazon EKS).

    When Amazon EKS is activated, GuardDuty will actively use various data sources to discover potential risks against Kubernetes API. When Kubernetes protection is enabled, GuardDuty uses optional data sources to detect threats against Kubernetes API.

    Kubernetes audit logs are a Kubernetes feature that captures historical API activity from applications, the control plane, users, and endpoints. GuardDuty collates these logs from Amazon EKS to create Kubernetes discoveries for the organization's Amazon EKS assets; there is no need to store or turn on the logs.

    As long as Kubernetes protection remains activated, GuardDuty will continuously dissect Kubernetes data sources from the Amazon EKS clusters to ensure no suspicious or anomalous behavior is taking place.

    Amazon Simple Cloud Storage (S3) Protection

    Amazon S3 allows Amazon GuardDuty to actively audit object-level API processes to discover possible security threats to data inside an organization's S3 buckets. GuardDuty continually audits risk to the organization’s S3 assets by carefully dissecting AWS CloudTrail management events and AWS CloudTrail S3 data events. These tools are continually auditing various CloudTrail management events for potential suspicious activities that affect S3 buckets, such as PutBucketReplication, DeleteBucket, ListBucket, and data events for S3 object-level API processes, such as PutObject, GetObject, ListObject, and DeleteObject.

    Reviews from Real Users

    The most valuable features are the single system for data collection and the alert mechanisms. Prior to using GuardDuty, we had multiple systems to collect data and put it in a centralized location so we could look into it. Now we don't need to do that anymore as GuardDuty does it for us.” - Arunkumar A., Information Security Manager at Tata Consultancy Services

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    Sample Customers
    autodesk, mapbox, fico, webroot
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Top Industries
    REVIEWERS
    Financial Services Firm43%
    Computer Software Company14%
    Media Company7%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company16%
    Manufacturing Company8%
    Healthcare Company5%
    REVIEWERS
    Security Firm22%
    Financial Services Firm18%
    Computer Software Company11%
    Cloud Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Security Firm8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise14%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise67%
    REVIEWERS
    Small Business44%
    Midsize Enterprise13%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise62%
    Buyer's Guide
    AWS GuardDuty vs. Check Point CloudGuard CNAPP
    March 2024
    Free Report: AWS GuardDuty vs. Check Point CloudGuard CNAPP
    Find out what your peers are saying about AWS GuardDuty vs. Check Point CloudGuard CNAPP and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 19 reviews while Check Point CloudGuard CNAPP is ranked 5th in Cloud Workload Protection Platforms (CWPP) with 60 reviews. AWS GuardDuty is rated 8.2, while Check Point CloudGuard CNAPP is rated 8.6. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". AWS GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Wiz and Lacework, whereas Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Qualys VMDR and Prisma Access by Palo Alto Networks. See our AWS GuardDuty vs. Check Point CloudGuard CNAPP report.

    See our list of best Cloud Workload Protection Platforms (CWPP) vendors.

    We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.