Sold by: Check Point Software Technologies
Deployed on AWS
As organizations scale their SaaS ecosystems, securing sensitive data, identity access, and cross platform integrations becomes increasingly challenging. Check Point SaaS Security is an AI-powered SaaS protection and CASB solution that delivers API-level protection across your entire SaaS environment, providing real-time threat prevention, continuous posture management, identity-risk detection, and full SaaS discovery through a simple, cloud-native deployment.
4.5
Overview
Check Point SaaS Security delivers:
Proactive Threat Prevention (API-Based): Threats targeting SaaS applications including malware, phishing, data theft, compromised identities, and GenAI powered attacks can expose critical business data. SaaS Security provides API based scanning to detect and block known and unknown threats across uploads, downloads, stored files, and shared content. It uses ThreatCloud AI and behavioral analytics to identify anomalous identity activity, risky SaaS integrations, and unauthorized data access without disrupting users.
Continuous Attack Surface Reduction: Misconfigurations, excessive permissions, unsecured OAuth connections, and weak identity policies increase SaaS risk. SaaS Security continuously monitors configurations, identity exposures, and SaaS to SaaS connections, providing prioritized alerts and one click remediation aligned with NIST based best practices.
Comprehensive SaaS Discovery: Shadow SaaS, third party integrations, and unmanaged plugins create hidden exposure. SaaS Security automatically discovers all SaaS applications including OAuth connected apps across your environment, giving teams complete visibility into sanctioned and unsanctioned services. This allows organizations to eliminate unnecessary integrations and strengthen governance.
API Based DLP & Threat Prevention with AI Powered Accuracy: SaaS Security connects directly to apps like Google Workspace, Microsoft 365, Slack, Jira, Salesforce, Dropbox, Box, and GitHub to scan data at rest for sensitive content, oversharing, and malware - remediating issues automatically without disrupting users. Backed by a multilayer AI/ML engine using private LLMs, NLP, NER, and neural classifiers, it identifies sensitive data with high precision, enabling highly accurate DLP across all API based scanning activities.
Safeguard SaaS Connections to AWS: SaaS Security automatically discovers SaaS services connected to AWS resources and identifies risky API integrations, misconfigured access paths, and identity exposures. It provides actionable recommendations for tightening IAM permissions and remediating third party integrations that could expose AWS hosted data.
SaaS Security Posture Management (SSPM): SaaS Security maps your entire SaaS ecosystem and continuously evaluates:
Shadow SaaS usage
Misconfigurations and compliance violations
Identity anomalies and account takeover attempts
SaaS-to-SaaS (OAuth) risks
Configuration policies aligned to standards like GDPR, SOC 2, ISO 27001, NIST
With continuous monitoring, alerts, and automated remediation, organizations maintain an audit ready posture.
Rapid Deployment & Zero Maintenance: SaaS Security is fully cloud native and deploys in minutes - no agents, proxies, or network changes required. It scales automatically as new SaaS apps and users are added, and provides intuitive dashboards and guided onboarding, enabling teams to secure their SaaS environment without specialized expertise.
Why AWS Customers Choose SaaS Security?
Automate SaaS security and reduce manual investigation
Gain full visibility into SaaS usage and SaaS connections touching AWS
Improve compliance with one-click remediation and continuous posture checks
Strengthen protection with AI-driven threat and identity-risk detection
Integrate seamlessly with the broader Check Point SASE platform
Customer Case Study Global Retail Enterprise A global retail organization adopted Check Point SaaS Security to regain visibility and control across a rapidly growing SaaS ecosystem, including Google Workspace, Salesforce, and internal retail systems. They needed to eliminate shadow apps, risky plugins, and misconfigurations that could expose sensitive customer and operational data, and introduce compliance risk. SaaS Security helped them:
Discover all SaaS apps, APIs, and third party integrations with continuous monitoring
Protect sensitive data using AI driven DLP and Threat Prevention
Stop risky SaaS connections and anomalous behavior in real time
Strengthen compliance with continuous posture assessment
Highlights
- AI powered threat and data protection - Detect anomalous activity, identify sensitive data across 800+ types, and prevent oversharing in AWS and other SaaS environments.
- Full SaaS visibility - Automatically discover sanctioned, unsanctioned, and shadow SaaS apps and OAuth connections.
- Continuous SaaS posture management - Monitor misconfigurations, excessive permissions, and risky integrations with one click remediation aligned to NIST best practices.
Details
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Harmony SaaS - Complete package | Full visibility into SaaS Ecosystem, Complete SaaS Security Posture Management Support, Integration with existing Check Point Products, Access to Harmony SaaS Extensive Knowledgebase, Advanced SaaS Based Threat Prevention, Number of Platforms - Unlimited, Supported Platforms All, All Customization of Policies, Advanced Features (Slack and Teams Sentinal Multiple Instances Request Analyze) | $74.90 |
Vendor refund policy
No Refunds.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
https://www.checkpoint.com/support-services/contact-support/ This offer includes Premium Support. For the full list of included support services, visit: https://www.checkpoint.com/support-services/support-plans/
To open a support ticket, please have your Check Point user center account information available. If you do not have a user center account, sign up for one here:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
A single pane-of-glass security management console delivers consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
Check Point Check Point Cloud Firewall is a cloud-native security gateway that delivers automated, advanced threat prevention and multi-layered network security for assets that customers migrate to or store on AWS. Try it free for 30 days.
A single security management console delivers consistent visibility, policy management, logging, reporting and control across all cloud environments and networks
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation, and with GWLB (starting with R81.20)
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation.
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Customer reviews
abhishek G.
Reliable Endpoint Security with Centralized Management
Reviewed on Apr 30, 2026
Review provided by G2
What do you like best about the product?
It provides strong endpoint security with minimal impact on performance, along with an easy-to-use centralized management console that makes administration straightforward.
What do you dislike about the product?
The main downside is that some advanced features and policy settings can feel complicated to configure at first, and troubleshooting can occasionally require deeper Check Point expertise.
What problems is the product solving and how is that benefiting you?
Check Point Harmony Endpoint helps address threats like malware, ransomware, and zero-day attacks by delivering strong, centralized endpoint protection. For me, this means better security visibility, lower overall risk, and quicker detection and response, all with minimal impact on system performance.
Naresh Sonawane
Advanced threat visibility has strengthened user behavior monitoring and incident investigation
Reviewed on Feb 07, 2026
Review provided by PeerSpot
What is our primary use case?
I work with Check Point Harmony SaaS , as our customer has Check Point Harmony SaaS , and we work on monitoring as we are working as a SOC, that Security Operations Center . We do have that device for monitoring perspective.
We only monitor our customers. The logs that we receive from it are being monitored.
I want to clarify that for Check Point Harmony SaaS, we only monitor the logs for it. If any suspicious detection is detected, the alert triggers, and we monitor that. That part is what I am aware of because I work as a consultant engineer there, and I am not well aware of the implementation or onboarding part of it.
What is most valuable?
I have gone through the portal multiple times for investigation purposes, and the highlighted points I will say are the threat protection of Check Point Harmony SaaS, which provides excellent visibility along with centralized management reporting.
Identification of zero-day threats is a tough part, but when we have such features for random threat identification, it helps us strengthen the security posture. We have not highlighted any incidents with respect to this to the customer yet, but this is a really useful feature that all the next-generation SIEMs and EDRs have, and we are really impressed with that.
We track user behavior with Check Point Harmony SaaS's visibility features, including any unusual behavior detection along with location tracking. If a user has logged in from a different location or device type, that observation raises the risk threshold of that particular user account, and post that, detection will focus on user behavior analysis or user entity behavior analysis. All those features are important for us, and we are utilizing them to highlight critical users to the customer.
What needs improvement?
The one improvement I would suggest is for reporting customization and alert tuning, so whatever the weekly charts I have to fetch for detection incidents, or particularly for host-specific alerts, I need to collect reports from post-detection on how many connections have been established. Such customization can be done on the report, and if that can be implemented, it will be a better hand for the security analyst.
I will rate the overall product as a nine. I will not rate it as a ten because of some customized reporting and the customizable dashboard issues. If those parts could be improved, it would be a ten out of ten.
For how long have I used the solution?
We are familiar with Check Point Harmony SaaS for almost one and a half years, like one year and eight months. We do have that finance customer with us who is using this one, and we are monitoring that device for one year and eight months.
How are customer service and support?
I will not be the right person to report technical support, but whenever we face glitches on the portal or anything, those issues get resolved within a shorter time. Once our admin team reaches out to the support team, they resolve it within almost two to three business hours. So that was really quick support, and I would rate it as a nine out of ten.
How was the initial setup?
For initial setup, it will be done in a few hours, but based on the organization or integrating that particular device on the agent, it will take almost one to two business days at most.
What about the implementation team?
In terms of implementation, our implementation team has not faced any issues or reported any issues while integrating it because we already have multiple Check Point Firewalls , and they are very familiar with all process documents or the documentation provided by Check Point itself. So there was not any issue for implementation.
I am not the person who implemented that one, so I work only on the SIEM console, and I am not sure exactly on what basis it is implemented.
What other advice do I have?
I have almost 6.7 years of experience in security. I currently work as a Security Operation Consultant, so I have almost six years of experience in cybersecurity.
Our team is a SOC admin team with almost eight people.
I currently work as a Security Operation Consultant, which was my job title before the promotion at SecureView.
It is not an issue, and I am glad we could have this conversation.
Thank you, and I wish you a good day. I will rate this review a nine out of ten overall.
Pedro L.
Solid endpoint protection that's effective without being heavy.
Reviewed on Dec 16, 2025
Review provided by G2
What do you like best about the product?
I like the strong prevention against malware, the fact that it doesn't slow devices down much, and how easy it is to manage from one place.
What do you dislike about the product?
I think that some alerts need a bit of tuning, the policy setup can take some time at first and the reporting could be more flexible.
What problems is the product solving and how is that benefiting you?
It helps us stop malware and suspicious activity before it spreads across user devices. The main benefit is fewer incidents to deal with and much better visibility when something does happen.
Naresh K.
Reliable Real-Time Protection That Runs Silently
Reviewed on Dec 09, 2025
Review provided by G2
What do you like best about the product?
it works in the background without slowing the system. It blocks threats in real time and gives clear alerts whenever something suspicious appears. The overall detection rate is very high, and it gives me confidence that all endpoints are protected.
What do you dislike about the product?
Nothing as of now, everything is working fine.
What problems is the product solving and how is that benefiting you?
Earlier we used to get random alerts and suspicious files on systems, but after moving to Check Point Antivirus, these problems have reduced a lot. It also helps me track infections immediately and fix them faster, which saves time and keeps the office network safe.
sharath k.
Real-Time Protection and Effortless Management and Solid Antivirus with Accurate Detection
Reviewed on Dec 07, 2025
Review provided by G2
What do you like best about the product?
It catches threats in real time, blocks malicious files immediately, and keeps the endpoints safe without creating extra work for users. The dashboard is also easy to use, so monitoring and managing alerts becomes very smooth for IT. Overall, it provides reliable security with fast detection and good stability.
What do you dislike about the product?
nothing as of now,everything is workinf fine.
What problems is the product solving and how is that benefiting you?
It helps by detecting threats early, blocking suspicious files before they spread, and reducing the overall risk in the environment. It also lowers manual effort for IT because alerts are accurate and easy to track, so we spend less time troubleshooting and more time focusing on other tasks. Overall, it keeps the systems stable, protected, and compliant without slowing down users.