I rate Check Point CloudGuard CNAPP nine out of 10. Any advice I could give to potential users would be completely based on their use cases. You must look at various criteria, like your environment and enrollment level, but my general advice for implementing a CNAPP solution is to get a cloud dev. 

If you are using AWS with multiple CNAPPs and you don't have a control tower or any other landings in the budget, you want to do policies at each enrollment level. But we're using this out that what we do is, like, we build guardrails where we can apply it at the enterprise level itself. 

For example, we'd want to allow any data to be researched outside the area. I'll create one policy and apply it at the organizational level. I set a policy so that any user in my enrollment could not create an SD bucket or any volumes outside using their agent. If you have multiple CSPs, AWS accounts, or Azure subscriptions, this is one solution where you can cover your entire organization's accounts.

Licensing should be based on workload and should have some option for smaller brackets its should not in starting from 100,200 etc.

To those considering this solution, I would say that it is pretty easy to get it started and get the evaluation going. Check Point has a whole cloud team that is there not to sell you anything but to help find where you are in the cloud journey and bring evaluation and other things forward.

CloudGuard CNAPP is definitely in the upper echelon. I would rate it a nine out of ten. It competes very well with other solutions such as Wiz. If you break it down, it competes very well with them. That puts it right up there at the top.

I would rate Check Point CloudGuard Posture Management eight out of ten.

I would rate Check Point CloudGuard Posture Management ten out of ten.

If an organization is in the market for a cloud security solution, then it needs a solution like CloudGuard Posture Management. Otherwise, if they are sticking to a specific platform or to a specific service provider like AWS, their tool sets and their solution will be focused on one platform. If they go to Azure, GCP, or any of the other cloud providers, they will be limited. Therefore, I believe that a solution should have flexibility and the ability to function across multiple clouds. Additionally, it should be a solution that grows and evolves. In the time that I have seen Check Point CloudGuard Posture Management, it has grown leaps and bounds and has always stayed ahead of its time. For example, even if an organization has a unique need, CloudGuard Posture Management likely has an academic solution built with the platform. I have not seen this kind of responsiveness from other products.

Our company is spread across four different cloud platforms, which are located in regions around the globe. All departments use these platforms, which include 550 employees.

I highly recommend Check Point CloudGuard Posture Management. It has been very helpful to our organization, and we have gained many benefits from it. We have had a positive experience with Check Point CloudGuard Posture Management.

I give Check Point CloudGuard Posture Management a seven out of ten.

The solution claims to provide a unified platform that integrates all security capabilities. However, there are on-premises issues, cloud issues, and hybrid issues that make this impossible. No tool can ever provide such capability.

We are not a small office. Therefore, I have no experience with how the solution helps small offices. However, for us, the solution only helps us with our cloud posture management. We still use different tools on-premises. And maybe in the future, we will go directly to the cloud.

I have doubts about the value of looking for the cheapest or fastest firewall. There is always someone who is coming out with a new product that is faster or cheaper than the current one. However, it is important to consider the overall security capabilities of a firewall, not just its speed or price. A firewall that is slower because it is doing more analytics may actually be more secure than a faster firewall that does not do as much analysis. The best firewall for you will depend on your specific needs and requirements.

This is my first time at an RSA conference, and I find it very confusing. There are too many vendors, too many products, and too much to see. I only had a few hours to visit today, and it was overwhelming. I think the conference would be better if it were split into two or three parts, with one part focused on the Asia Pacific and another part focused on North America. Most of the vendors here are focused on North America, so it would be helpful to have a dedicated space for vendors from Asia Pacific. I will try to visit the RSA conference in Singapore next year, and I hope it will be more manageable.

The RSA does not impact our cybersecurity solution purchases. The Indian government's procurement process is completely independent of vendors and their products. Our purchases are based on our needs and requirements, and the solutions must be supported in India.

To those evaluating this solution, I would recommend trying it. You never know what you will see until you try.

It is a good product. We definitely want to see more features. We constantly try to see the new features being integrated into the product so that we can leverage them.

We are not yet using CloudGuard CNAPP's CloudGuard Workload Protection capabilities. Because the workload side is hosted by a different group, it requires collaboration. We need to work closely with the workload group. We are looking at opportunities to see if we can collaborate.

We are not yet using CloudGuard Workload Protection for VMs, containers, and serverless, but we are interested in looking into it. If we have it, the scanning provided by CloudGuard Workload Protection will help us identify problems before they go live. I have seen a demo of it, and I am looking into whether we can deploy it for our environment. It will give our cybersecurity visibility. It will help us know what is going on, and then we can react to it.

We are also not using CloudGuard CNAPP's CloudGuard CDR (formerly Intelligence) and its intrusion detection and threat-hunting capabilities. I would love to use that and get some benefits out of it sometime in the future.

I would rate CloudGuard CNAPP an eight out of ten. Automation is what we are looking for because we do not have enough time and people to handle all the events and findings.

I would rate Check Point CloudGuard an eight out of ten.

Check Point offers a bundled solution that includes cloud threat hunting, cloud migration security, DevSecOps, and cloud security compliance. This comprehensive package is a superior choice as it provides a unified approach to cloud security.

We have Check Point CloudGuard deployed in one location with 400 users.

A team of four admins performs maintenance on CloudGuard every quarter.

CloudGuard boasts advanced threat prevention for network security, seamlessly securing public, private, and hybrid cloud environments. It also provides unified security management and simplifies complaint handling.

I rate Check Point CloudGard Posture Management a seven out of ten. CloudGuard does its job, but the remediation is not perfect. Other CSPM tools do a better job of using remediation exclusion rules, especially scanning and putting out reports at a custom frequency versus every hour.

If the price isn't an issue and you don't care about using all the features, it's an okay product for enterprises to use to cover all cloud IaaS. If you're thinking about implementing CloudGuard, you should consider two things. First, the price is marked up every year by 10-plus percent, whether you use a particular feature or not. It's an annual subscription model, so you can always cancel at any time. 

Second, you should think about the modules. Workload Protection is okay if you use Kubernetes. You can use intelligence if you need to analyze traffic within your cloud environment for regulation-specific reasons, but it will cost you extra. CloudGuard's strong suit is that they support a lot of the features and AWS cloud assets.

With the time that I have used this tool, we have noticed that it is a very good solution and that it has excellent features. It provides very secure connections.

The benefits of using CloudGuard CNAPP were realized very quickly, almost immediately after deployment. The implementation process was straightforward and seamless, leveraging agentless integration with existing cloud security tools. The positive results were clear from the start.

We use CloudGuard CNAPP's CSPM capabilities extensively. We assess CSPM for identifying misconfigurations by running automated processes to scan all our cloud accounts. We prioritize risks, work with technical teams to explain vulnerabilities, and initiate fixing processes, deploying available solutions or performing manual/automated remediations. We then report progress to our teams and iterate on the process as needed.

The effectiveness of CloudGuard CNAPP's CSPM for providing compliance rules and security best practices is high. Its policies align well with common standards like NIST or CIS frameworks, enabling effective assessment against known vulnerabilities. This alignment facilitates communication and understanding between teams, streamlining the resolution process for identified vulnerabilities.

CloudGuard CNAPP's CSPM effectively identifies risks critical to our business, particularly focusing on exposure and availability ratings. It saves us significant time, likely reducing the resolution process for critical risks by around 30-40%, as it provides pre-configured assessments and clearer insights compared to starting from scratch.

The CloudGuard CNAPP team provides excellent visibility into incident investigations by simplifying access to cloud workload configuration logs and integrating with tools like SIEM platforms. This enables the incident response team to ingest data from CloudGuard CNAPP and correlate it with internal indicators, streamlining the investigation process.

We use CloudGuard CNAPP across eight countries in South America and North America, with around 130,000 employees and approximately 5,000 engineers. We manage over 100 AWS accounts and support various applications, including e-commerce tools, generating over 10,000 notifications.

My advice for someone evaluating CloudGuard CNAPP would be to start with a hands-on exploration of the dashboards and data provided by the solution, then focus on internal selling and localized deployments. The biggest lesson I have learned from using CNAPP is that while it is easy to start with, achieving full adoption and maximizing its potential requires thorough preparation and dedicated effort from the team.

Overall, I would rate CloudGuard CNAPP as an eight out of ten.

To the new users of this solution, I would advise not following the built-in guide while setting it up. Always open the admin guide for the most up-to-date information.

Overall, I would rate this solution an eight out of ten. Even with all the issues, what you do get out of it is very valuable. The reporting and the setup are holding it back from a ten. That is where it can be improved greatly.

I would rate Check Point CloudGuard CNAPP a nine out of ten. It is a pretty awesome product, but there is always room for improvement. I would have rated everything else we tested a six out of ten.

I'd advise potential users to go for the CloudGuard Intelligence solution and strengthen their IT security. It is the best available solution in the market with strong tech support and wider acceptability globally.

It's a very strong solution for cloud security posture management and very effective for large and mid-size environments. Any organization moving towards the cloud would benefit from this.  

The cloud and on-prem environments are completely two different networks.

They should offer the cloud in India. Soon, there will be GDPR and India will have its own data protection laws. This might create some issues in the case of the data residing outside India. Because we are collecting metadata from the internal networks for the cloud environment, this is the reason that I suggest that they should have some plans to have the cloud in India. However, neither Prisma nor Trend Micro have cloud in India.

I would rate this solution as an eight out of 10.

This is a great and powerful platform for securing organizations from cyber attacks.

If they could reduce the price and provide more capabilities, it would be better.

I give Check Point CloudGuard Posture Management a ten out of ten.

Check Point CloudGuard Posture Management is a good solution and I recommend it.

I would give Check Point CloudGuard Posture Management a rating of seven out of ten. Consolidating additional capabilities into CloudGuard, along with Fusion, would create a comprehensive package offering for customers. This, along with maintaining compatibility with the evolving AWS service, would help to avoid complicating any integration issues.

While developing our tools, there is always a need for ongoing review and updates. However, compared to AWS, the maintenance required for CloudGuard is minimal.

Users can fully rely on Check Point products as they are robustly designed for security.

It is a very complete tool for workflows. It provides excellent security.

The solution is very effective. It fulfills perfectly for what it was made to do.

I rate Check Point CloudGuard Posture Management an eight out of ten. I advise new users to start with a defined list of goals or problems and implement the solution in a way that initially prioritizes their most significant issues or primary goals. Don't try to boil the ocean. In other words, don't enable all the features and do everything at once. They will be overloaded unless they know what they're doing. Go feature by feature, function by function, and area by area. Determine where your critical risks are and implement the solution based on that knowledge.

I think there are some benefits to using a third-party tool. For example, these tools might simplify and enrich features or offer focus. You're adding another view or pane of glass to your security world, but once you start to look across clouds, it becomes interesting. I have to write all my own rules for Azure and AWS. At the same time, I can get the same report delivered to my inbox that I can then feed to my executives, showing them the health of these cloud properties. 

It looks cohesive and coherent instead of using separate native tools for AWS, GCP, Alibaba, and Azure and trying to compile all those reports and metrics. At least I can distill my posture into a commonsense readable score and transmit that to the executives. I can tell them, "Our posture's at 98% compliance." They can comprehend that and compare the scores from week to week. It helps me from a reporting angle.

We have achieved the set objectives with Check Point CloudGuard Posture Management.

I would rate the accuracy of the security visibility slightly lower than nine out of ten because it's still complex to do, even with CloudGuard. The biggest feature of CloudGuard is that it rolls back the changes when somebody has changed it in the cloud without authorization, yet the complexity of managing a lot of firewalls is still there. I would rate the accuracy of security visibility a seven and a half or eight out of ten.

I would rate the solution's comprehensiveness for cloud compliance and governance an eight out of ten. The false positives are a little bit annoying at times.

CloudGuard helps to minimize the attack surface and manage dynamic access, although I didn't use the dynamic access in my setup. For my use case, it was primarily minimizing the internal attack surface because I didn't use it for external connections. I had a different role there. When you only have three engineers, you need to trust them. The reason that we used CloudGuard was to be able to do it with a few engineers.

CloudGuard provides a unified security solution across AWS, Azure, and Google, but not for anything else. To that end, I don't think that any other cloud provider would be a market contender at this point, and Google will probably even disappear after a while.

My advice for anybody who is considering CloudGuard is to try it. If you're looking to manage a large security defense platform, in-depth, with a lot of firewalls, try it and you'll be surprised.

One of the things that I learned from using CloudGuard was that it offered support for compliance. I was originally just looking for a way to manage all of these firewalls, and that came as a pleasant surprise. It helped us a lot with our ISO 27000 and PCI certification.

Overall, in terms of functionality, CloudGuard is fairly well made.

I would rate this solution a nine out of ten.

CloudGuard provides a comprehensive set of security solutions for cloud environments.

Scale it right the very first time and you will be happy. You need to have cloud knowledge to do so. If you don't, outsource that task to a vendor, to a contractor, or to Dome9. By getting it right the very first time, you are starting on a good basis. If you don't do it right, you're not going to take full advantage of the features being offered by Dome9.

The solution helps to improve security scores, which is important for auditing and compliance. I rate it a nine out of ten. 

The solution is very easy to use. We've used it for a long time. Our team is very familiar with it. Different people, even with different responsibilities, can share. It has helped us free up staff time. 

I'd rate the solution a ten out of ten. 

This solution is highly powerful in the management of enterprise security, and I totally recommend it to other companies.

My advice to anyone thinking about implementing it is to consider investing in professional services to handle the setup, as they possess a deeper understanding of the platform. Overall, I would rate it seven out of ten.

We're a Check Point partner. 

I'd rate the solution nine out of ten.

This is a great solution for any organization.

Even though the cost is somewhat expensive. I recommend this solution for users who use the public cloud.

It is an expensive solution. However, I recommend it.

Check Point CloudGuard Intelligence offers excellent cloud network security.

I would recommend people buy it. Design your environment with Dome9 in mind. From the ground up, let Dome9 analyze your environment and get you compliant with the rules that you need to be compliant with.

Its remediation works really well. Some of the more advanced remediation stuff can get more complicated because it involves spinning up, like Lambda functions in the cloud. That can be a more complicated procedure than some of the normal compliance remediation, but it's there and it's powerful.

We just use AWS and Azure, but they have Google Cloud Platform as well that you could use.

We are using it pretty extensively for what we are currently doing now, and we will expand that. My team manages all our cloud deployments, so we have everything that we are currently using integrated into Dome9, but we are also in the process of redoing our cloud deployment. So, instead of just building the cloud stuff, then putting Dome9 on top of it, we will be building it knowing that we will have Dome9 from the ground up.

I would rate this solution as a 10 out of 10. I love it.

It's an excellent tool that is a bit expensive yet worth it.

Evaluate this tool and also check the new Spectral Check Point tool, which can help complement this.

Both are recommended.

It is an excellent security tool for dev departments and the entire company.

I give Check Point CloudGuard Posture Management a six out of ten. It could be better once fully tuned and properly deployed.

My usage is rather difficult because the client has not spent much time tuning the solution, as they are planning to automate a lot of it. As a result, I am currently the manual.

The solution actually created more work for the staff because it made them aware of all the vulnerabilities. As a result, their priority is now to fix them, which created a lot of work and a lot of tickets.

I wish I had been involved in the deployment because I would have done it differently.

At the RSA conference, we receive a lot of promotional items.

The RSA conference does not impact our organization's cybersecurity purchases.

Try it in read-only mode. 

We do not use remediation at the moment. We do the remediation manually, since we are still using Dome9 in read-only mode. I don't know if we will use the remediation in the future because we prefer to do it ourselves. We don't know what will be the impact of doing it automatically from the tool. 

If you use the remediate mode, which we currently don't use, it will leave you with automation to help out with your call environment for compliance. However, if we wanted to use it, we do have the tool.

Biggest lesson learnt: Securing the cloud is more difficult than we originally thought.

I would rate this solution as an eight out of 10.

Request a free demo directly from Check Point and see whether Dome9 suits you.

I would rate Check Point CloudGuard CNAPP nine out of ten.

Check Point CloudGuard CNAPP is predominantly owned by and controlled by the central security organization within our company.

Details matter. When comparing features to other security solutions on the market, the ability to develop custom rules is important to us, along with security posture capabilities. The ability to scale flawlessly is also important to us. The direct and overwhelming support that we received from the Check Point account team, the support team, and the leadership team has been fantastic.

Integrating with the cloud through APIs offered by a SaaS platform has significantly reduced the burden on our organization by eliminating the need for all the complex backend work we previously had to handle. This experience highlights the importance of embracing new ways of doing things.

I give Check Point CloudGuard Posture Management a ten out of ten.

Check Point CloudGuard Posture Management is an important component of a cloud environment that enables us to gain visibility across all areas and configure easily. I highly recommend this solution.

CloudGuard CNAPP has been crucial in giving us visibility into our cloud setup and has significantly lowered our risks by enabling better control over our cloud security.

I find that CloudGuard CNAPP 's cloud security posture management is exceptional for addressing both physical and digital security concerns. It offers extensive coverage and provides a straightforward yet sophisticated method for creating and implementing new security queries.

My advice would be to define your use cases very well when considering this solution.

Overall, I would rate CloudGuard CNAPP as an eight out of ten.

I rate CloudGuard Posture Management seven out of 10. I would rate it higher, but I think the price point is pretty high for what it does. However, I know it's a burgeoning market. So I think the price point and some of the other features that I already mentioned, like customization, are pretty lacking. Still, if you want some cover for an internal or external audit, this is a tool for you. 

Start with read-only and move to full-control slowly. When you go to full control, there will need to be good communications with your AWS teams, so they know it is there. Do not do full-control on your lab environment.

They are a great partner to work with. Not only is the product solid, but we have loved having a good relationship with their leadership and seeing our feedback manifest into real product updates and features!

I would like to implement all the security solutions from Check Point in our company. Overall, I rate the product an eight out of ten.

If you are looking for a complete solution for your cloud or clouds, with Check Point you can have everything from one place.

I would not recommend this solution to other users.

I would rate Check Point CloudGuard Posture Management a seven out of ten.

The functionality that is used will vary depending on the use case. For example, in a recent use case that I worked on, the data packets had public access without exception. However, this should not have been allowed.

I definitely suggest that people use Dome9 because I have used it since last year and I really like the features. It is also stable. There is only one feature, DLP, that is not present and we have found in Prisma.

I would rate this solution a six out of ten.

I would rate Check Point CloudGuard CNAPP ten out of ten. Check Point CloudGuard CNAPP is a great solution.

We use the posture management capabilities of CloudGuard CNAPP and the workload protection capabilities.

My advice is to try to get the trial period first because this will allow them to see if this is a suitable solution or not for their environment. They have to remember that this solution can only be compared to Test B, but it's not Test B. The trial allows for appropriate compatibility and suitability evaluations.

On a scale from one to ten, ten being the best, I would gladly rate this product an eight out of ten.

My advice would be:

• Share your project goal(s) with the vendor to help you map the functionalities and modules needed, to be implemented in phases, during implementation.
• Map your existing security configurations and create a lab to test them with and without Dome9.
• Implement the solution progressively and look at the logs in the Dome9 application to learn about the network activity.

I rate CloudGuard a nine out of 10.

I recommend CloudGuard posture management for anyone who needs to take control of multiple cloud environments. It streamlines visibility, so this is the right tool if you are trying to meet a specific compliance standard or you're managing hundreds or thousands of servers within your cloud environment. It unifies your cloud environment. 

For those looking into implementing CloudGuard, I would suggest contacting SharePoint professional services to get the job done easily. I would give CloudGuard a score of ten out of ten.

My advice to anybody who is considering this product is to look at the free proof of concept that is available. This makes it very easy to try out at no cost. I suggest trying it out on a subset of the environment first, just to get everything working well. After establishing what reporting you want, and what policies you want to check your environment against, you can expand to cover a wider set of your environment.

The biggest lesson that I have learned from using this product is that organizations are very uninformed about their cloud presence, what assets they have, and what shape it's in. It's huge exposure for the organization to have all of these assets in the cloud but not have the visibility and traceability around them. Organizations that don't have a solution like this are often insecure because of what they have in the cloud.

Overall, Dome9 is a good product and I haven't received any negative feedback from our customers about it.

I would rate this solution a nine out of ten.

I rate Check Point CloudGuard Posture Management an eight out of ten.

If your company's environment is more developer-focused, meaning it has more containers and is running on Kubernetes, I would certainly recommend choosing Checkpoint.

This is a product that I would recommend because it does unique things that I'm not aware any other product can solve those issues. It is incredibly powerful and gives our customers a lot of assurance that we're taking AWS security seriously.

My advice for those implementing this product is to use every piece of it. Explore every option and feature and leverage it to the max.

I would rate this solution a nine out of ten.

I would recommend this product. 

I rate this solution a 10 out of 10.