David AntlitzManager Firewall and Security at W.R. Grace & Co.
Anonymous UserSr. Manager IT Operations at a tech vendor
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"It seems quite scalable. We don't anticipate any scaling issues. We have it deployed in the cloud."
"The most valuable features would be its ability to intercept phishing emails and emails laden with malware, viruses, false links, etc."
"The program has a nice interface and it is easy to use."
"The feature I find to be most valuable is very much the zero-touch provisioning. I was able to be up, operational, and 100 percent functional in less than a half an hour."
"We need the phishing detection and email quarantine. Once an email is considered malicious, it stays in the quarantine where we can interrogate it. We can check out why it was quarantined and see if it should be delivered to the individual."
"As with most of the other Check Point products, the CloudGuard SaaS has the advanced visibility of the events and alerts."
"It is very intuitive. It is a point and click type of deal."
"It provides visibility of events, what's going on with the environment, what we're missing with our other solution, and the user behavior."
"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."
"The product is quite good for providing multi-clouds or cross-cloud security from a single-pane -of-glass."
"I would say Twistlock is a fairly sophisticated tool."
"One of the most valuable features is the compliance of RedLock, which we are using for any issues with security. It flags them and that's the primary objective of that feature."
"I was looking for a vulnerability scanner and I was looking for one place in which I could find everything. This tool not only does vulnerability scanning, but it also gives me an asset management tool."
"It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running."
"The policies that come prepackaged in the tool have been very valuable to us. They're accurate and they provide good guidance as to why the policy was created, as well as how to remediate anything that violates the policy."
"You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums."
"Stability has been a pain point. I was going back and forth with my product engineer and project manager for a couple of months. I had the product in a demonstration mode and wasn't satisfied with the results initially. After a few alterations and a few revisions later, it is fine."
"At this time, the two-factor authentication does not work for Active Directory."
"if a phishing email were to get through and bypass the product — which very few do — it would be nice if, when a user clicked on that phishing email, they got a second-chance opportunity, a chance to double-check that they really wanted to proceed to that website."
"We still get some false positives. There are times when legitimate stuff gets flagged and it could be that somebody is expecting a very important email but they don't end up getting it. On the flip side, when we alert Check Point about stuff like this, it is corrected, so they are improving. That's a plus."
"From time to time, the system's administrators notice the increase in the false-positive alerts being reported by CloudGuard SaaS."
"The NAVEX metrics that I have been using on the CloudGuard dashboard cannot be exported. If they were to add report exporting capabilities on each of metric objects on the dashboard, that would be awesome."
"Other vendor support teams go after fixing the issue the moment that they join the remote session. The problem that I have faced with Check Point support is that they share the case number with me, then it takes at least two days for them to join a remote session with us, even though we have asked for this timeframe to change. Even though we have already explained the problems that we are facing or the business pain points in our network on the call or email, we have to repeat the problem statements again in the console. It can take four or five days to resolve the issue from the moment they understand the problem. This includes the time to teach their R&D or internal team whatever the issue is. I have faced timeframes as long as seven to 10 days for fixing some issues."
"We are unable to export the reports from the dashboard, and if it is possible to do then it is not intuitive."
"The innovation side of the solution could be more efficient and more detailed."
"Palo Alto should work on ease-of-use and the user-friendliness to be more competitive with some competing products."
"In terms of improvement, there are some small things like hardening and making sure the Linux resources are deployed well but that's more at an operational level."
"The feedback that we have given to the Palo Alto team is that the UI can be improved. When you press the "back" button on your browser from the Investigate tab, the query that you're working on just disappears. It won't keep the query on the "back" button."
"We would like it to have more features from the risk and compliance perspectives."
"The challenge that Palo Alto and Prisma have is that, at times, the instructions in an event are a little bit dated and they're not usable. That doesn't apply to all the instructions, but there are times where, for example, the Microsoft or the Amazon side has made some changes and Palo Alto or Prisma was not aware of them. So as we try to remediate an alert in such a case, the instructions absolutely do not work. Then we open up a ticket and they'll reply, "Oh yeah, the API for so-and-so vendor changed and we'll have to work with them on that." That area could be done a little better."
"The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed."
"It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat."
"Being able to keep the phishing campaigns out of my company has been ROI for me."
"Do a full feature evaluation (interactive) with a support person. That is what I did."
"The price is very good, based on what they deliver."
"One of the nice features is that the licensing model is elastic, so if you go over your license count, you can add users during your billing cycle and true-up later."
"There are absolutely no additional costs to the standard licensing fees. One of the wonderful pieces is that CloudGuard SaaS is all-inclusive in its licensing. There's no a-la-carte functionality. You're getting 100 percent of the product for the licensing that you're paying."
"The difference between [Check Point and its competitors] boiled down to money. Price-wise, Check Point was very good, it was very competitive."
"The pricing and licensing are always negotiable."
"You can get CloudGuard as part of Infinity. When you do the solution through Infinity, it's a per user type of license cost."
"One thing we're very pleased about is how the licensing model for Prisma is based on work resources. You buy a certain amount of work resources and then, as they enable new capabilities within Prisma, it just takes those work resource units and applies them to new features. This enables us to test and use the new features without having to go back and ask for and procure a whole new product, which could require going through weeks, and maybe months, of a procurement process."
"The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
"From my exposure so far, they have been really flexible on whatever your current state is, with a view to what the future state might be. There's no hard sell. They "get" the journey that you're on, and they're trying to help you embrace cloud security, governance, and compliance as you go."
"If a competitor came along and said, "We'll give you half the price," that doesn't necessarily mean that's the right answer, at all. We wouldn't necessarily entertain it that way. Does it do what we need it to do? Does it work with the things that we want it to work with? That is the important part for us. Pricing wasn't the big consideration it might be in some organizations. We spend millions on public cloud. In that context, it would not make sense to worry about the small price differences that you get between the products."
"The pricing and licensing are expensive compared to the other offerings that we considered."
"I don't know a better way to do it, but their licensing is a little confusing. That's due to the breadth of different types of technologies they are trying to cover. The way you license depends on where you're securing. When they were Twistlock it was a simple licensing scheme and you could tell what you were doing. Now that they've changed that scheme with Palo Alto, it is quite confusing. It's very difficult to predict what your costs are going to be as you try to expand coverage."
"The pricing is good. They gave us some good discounts right at the end of the year based on the value that it brings, visibility, and the ability to build in cloud, compliance, and security within one dashboard."
"The licensing cost is a bit high on the compute side."
Phishing emails become more sophisticated by the day and can be the start of lateral attacks across organizations, leading to huge losses.
Harmony Email & Office detects and blocks the most advanced phishing attacks across inbound and internal communications in real time – before they reach users.
The move to the cloud has changed all aspects of the application development lifecycle – security being foremost among them. Security and DevOps teams face a growing number of entities to secure as organizations adopt cloud native approaches. Ever-changing environments challenge developers to build and deploy at a frantic pace, while security teams remain responsible for the protection and compliance of the entire lifecycle. Prisma™ Cloud by Palo Alto Networks delivers complete security across the development lifecycle on any cloud, enabling you to develop cloud native applications with confidence.
Check Point Harmony Email & Office is ranked 4th in Cloud Workload Security with 10 reviews while Prisma Cloud by Palo Alto Networks is ranked 1st in Cloud Workload Security with 15 reviews. Check Point Harmony Email & Office is rated 8.8, while Prisma Cloud by Palo Alto Networks is rated 8.2. The top reviewer of Check Point Harmony Email & Office writes "Daily phishing attacks are no longer negatively impacting us, and we no longer have data exfiltration". On the other hand, the top reviewer of Prisma Cloud by Palo Alto Networks writes "Gives me a holistic view of cloud security across multiple clouds or multiple cloud workloads within one cloud provider". Check Point Harmony Email & Office is most compared with Check Point CloudGuard Posture Management, Cisco Secure Workload, Azure Security Center, Amazon GuardDuty and Symantec Cloud Workload Protection, whereas Prisma Cloud by Palo Alto Networks is most compared with Aqua Security, Check Point CloudGuard Posture Management, Azure Security Center, Amazon GuardDuty and Snyk. See our Check Point Harmony Email & Office vs. Prisma Cloud by Palo Alto Networks report.
See our list of best Cloud Workload Security vendors.
We monitor all Cloud Workload Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.