We performed a comparison between Check Point CloudGuard Posture Management and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Microsoft Defender for Cloud includes regulatory compliance, ransomware protection, and UEBA, while Check Point CloudGuard Posture Management provides granular level reports, governance and administration portal panel, and comprehensive security features for data governance. Microsoft Defender for Cloud has room for improvement in consistency, customization, automation, and integration, while Check Point CloudGuard Posture Management needs expanded reporting options, reduced price, and better integration with third-party software.
Service and Support: Both Microsoft Defender for Cloud and Check Point CloudGuard Posture Management have received mixed reviews for their customer service, with some users reporting positive experiences and others facing frustration or stating that technical support needs improvement.
Ease of Deployment: Microsoft Defender for Cloud is easy to set up and does not require infrastructure deployment, while Check Point CloudGuard Posture Management may be more complicated and require vendor support or multiple administrators. Both solutions are user-friendly.
Pricing: Microsoft Defender for Cloud offers a range of license options with varying metrics, while Check Point CloudGuard Posture Management's pricing is based on the size of the cloud infrastructure. Check Point's setup cost is affordable and easy, but some reviewers express concern that Microsoft Defender for Cloud may be too costly for small or startup businesses.
ROI: Microsoft Defender for Cloud provides basic security features that may or may not provide a good ROI depending on the company's needs. On the other hand, Check Point CloudGuard Posture Management offers a high ROI growth rate along with essential compliance and asset protection.
Comparison Results: Users prefer Microsoft Defender for Cloud over Check Point CloudGuard Posture Management due to its valuable features such as regulatory compliance, ransomware protection, and access controls. Microsoft Defender for Cloud is also more automated and easier to use, with incident alerts and collaborative services.
"The security baseline and vulnerability assessments is the valuable feature."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The solution is very user-friendly."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."
"Checkpoint posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft."
"It offers advanced detection of threats that can harm data from the cloud database."
"The posture management and remediation features are the most valuable. We use GSL Builder to build custom rules in alignment with our organization's policies. CloudGuard has canned rules using multiple standard frameworks, but we also have additional rules."
"The system has deployed security tools to enhance effective investigations in the entire company networking system."
"We really liked its ease of implementation against our Microsoft Azure environment."
"The most valuable features of CloudGuard CNAPP are its compliance engine and auto-remediation features."
"It saves time because I can look across the organization. Instead of checking 50 different accounts atomically and spending 15 minutes investigating each, I can spend 15 minutes exploring all 50 accounts. It allows me to quickly look across the org for similar problems when one comes up. That's a huge time saver."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"The most valuable feature is that it's intuitive. It's very intuitive."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"The solution's robust security posture is the most valuable feature."
"The technical support is very good."
"The remediation workflow within the Wiz could be improved."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"The solution's container security could be improved."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"It does not support on-premise deployments such as VMware Tanzu, and this has been a major drawback when it comes to integrations with some applications."
"In general, for the product to be successful, they need to improve security, and configuration detection."
"CloudGuard could be more customizable. It has built-in standards for things like GDPR compliance. But depending on your business lane, you might want to build your own controls based on your own standards."
"Check Point tools need to improve the latency in the portal since they take a long time to load."
"I would like to see tighter integration with other compliance tools, like Chef Compliance, in addition to Inspector."
"We have concerns regarding the pricing and would appreciate seeing some improvements."
"Reporting should have more options."
"The costs are high."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"The product must improve its UI."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"Pricing could be improved. There are limited options based on pricing for the government."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"The solution's portal is very easy to use, but there's one key component that is missing when it comes to managing policies. For example, if I've onboarded my server and I need to specify antivirus policies, there's no option to do that on the portal. I will have to go to Intune to deploy them. That is one main aspect that is missing and it's worrisome."
Check Point CloudGuard CNAPP is ranked 3rd in Compliance Management with 60 reviews while Microsoft Defender for Cloud is ranked 2nd in Compliance Management with 46 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Qualys VMDR, Prisma Access by Palo Alto Networks and Orca Security, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR and Microsoft Defender for Endpoint. See our Check Point CloudGuard CNAPP vs. Microsoft Defender for Cloud report.
See our list of best Vulnerability Management vendors, best Container Management vendors, and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Compliance Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.