Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

CloudGuard Intelligence

Check Point Software Technologies | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

36 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Ammagari U.

Recommending cloud guard

  • February 11, 2022
  • Review provided by G2

What do you like best about the product?
Superior Automation and SIM Integration
• Precise and smooth integration with third party SIEM
solutions.
• Comprehensive visibility of contextualized logs into
ephemeral assets and security posture awareness.
• CloudGuard feeds critical insights to SIEM solutions for
further investigation.
What do you dislike about the product?
compared to other vendors. I cant see my on premise...
deployments like Vmware Tanzu, this is a main drawback
Cloudguard does not support on premise cloud
Product Details - G2
CloudGuard Intelligence Reviews &
What problems is the product solving and how is that benefiting you?
CloudGuard Cloud Intelligence and
Threat Hunting, part of the CloudGuard
Cloud Native Security platform,
provides cloud native threat security
forensics through rich, machine
learning visualization, giving real-time
context of threats and anomalies
across your multi-cloud environment.


    Umar B.

CloudGaurd is one of the best in the market!!

  • February 09, 2022
  • Review provided by G2

What do you like best about the product?
It's industry leading and provides solutions to complex issues.
What do you dislike about the product?
Nothing as of now as I think it is a very good player in its segment.
What problems is the product solving and how is that benefiting you?
It is used in hunting threats in cloud using it's intelligent detection and mitigation.


    Banking

A reliable, comprehensive intelligence source

  • January 17, 2022
  • Review provided by G2

What do you like best about the product?
Leveraging feeds from all the Check Point devices worldwide, CloudGuard Intelligence is an excellent intelligence source.
What do you dislike about the product?
You need an additional license for CloudGuard Intelligence.
What problems is the product solving and how is that benefiting you?
CloudGuard Intelligence helps us enrich our detections, and we can triage events more effectively.


    Banking

Must have for cloud visibility and intelligence

  • December 20, 2021
  • Review verified by G2

What do you like best about the product?
It's a part of checkpoint cloudguard solution. Cloudguard intelligence supports most cloud platforms including, AWS, Azure, Google. Integration is very simple. Results are seen in a couple of minutes. After the integration we don’t see any downtime or connection problem. I guess it has a recovery mechanism inside the SAAS application. Fot traffic log it uses the flow data. Intelligence not only runs at network layer, it’s also integrated with account activity. Traffic logs are enriched with cloudguard intelligence. It has a direct reference with Mitre Att&ck framework where the SOC analyst likes to make analyze within. Policies and rulesets within the Intelligence are meaningful and low FP rate. It also supports K8s –AKS environment. The most important problem with the K8s is the visibility, CG intelligence enriches the visibility in K8s.
What do you dislike about the product?
Even it’s a checkpoint application running on SAAS, the solution does not understand the Checkpoint deployments. I would like to see the Checkpoint GWs/appsec/workload solutions on the Cloudguard intelligence natively. Intelligence has many rulesets but they are not automatically assigned, you should assign the rulesets within the policy to the onboarded subscriptions. Cloudguard does not support on premise cloud deployments like Vmware Tanzu, this is a main drawback compared to other vendors. I can’t see my on premise cloud network deployment on the dashboard it’s a huge operational burden. There’s no plugin or a dashboard for hybrid networks like you have the traditional network connected to cloud networks. It’s a drawback for SOC and cloud security team to analyze the incidents. You should use 2 different platforms or enrich SIEM solution. There's no native DLP or DLP support within the cloudguard intelligence,
What problems is the product solving and how is that benefiting you?
Cloudguard intelligence enriches the cloud vpc flows and activity logs to a more security centric view where the SOC team and cloud security team focuses. Without cloudguard intelligence you only rely on posture findings event where it may have lots of events and that’s based on generally compliance items. Threat and security events are mainly derived from the cloudguard intelligence. Threat events are much smaller and needs immediate action where we can focus and directly solve throughout the Cloudguard dashboard. Therefore it’s really helping us to prioritize the events and incidents. Intelligence within the Account activity shows more detailed information and visibility. That’s much better than to use the cloud provider logs. As the cloudguard intelligence is supporting multiple cloud vendors, you can set consistent security policy and rulesets throughout different cloud vendors. We have specific regulations and compliance items referring the threat hunting and threat analytics on the cloud; cloudguard intelligence helps us to demonstrate the related outputs to the audit teams and assist us to pass these audits.
Recommendations to others considering the product:
If you’re a security team member, you need to work closely with cloud administrators and double-check what they do. Especially, they need to enable logging and VPC flow logs. Many times cloud admins ignore these logging even they enable logging they do not store due to the cost. Logging and vpc flow logs are must for cloudguard intelligence. Don’t forget to assign the rulesets to the policy for the onboarded organizations, otherwise they don’t produce output. The most important item is setup the roles for the cloudguard deployments, otherwise nobody gets the ownership of the outputs.


    Abraham M.

CloudGuard intelligence help us to threat prevent, intelligence and auto remidiation

  • December 08, 2021
  • Review provided by G2

What do you like best about the product?
CloudGuard Intelligence has capabilities to prevent all threats using MI, and it has auto-remediation on that detection and forensic intelligence.
What do you dislike about the product?
Dashboard view should be more informative.
What problems is the product solving and how is that benefiting you?
It has real-time intrusion detection policy violation alerts


    Kirtikumar P.

analyze the traffic using CloudGaurd

  • October 12, 2020
  • Review provided by G2

What do you like best about the product?
It is very easy to monitor and analyze traffic
What do you dislike about the product?
As of now we havent found any dislike on CLoudGaurd Log.ic
What problems is the product solving and how is that benefiting you?
This is very helpful for cloud service log monitor
Recommendations to others considering the product:
If you are using Cloud Services then this is help you to visualize and analyze the traffic.