We use CloudGuard to secure apps we develop in the cloud.

Before Check Point, we didn't have a cloud solution. Having a CNAPP solution gives us confidence that our cloud apps are secure. From day one, we saw that the product was working and detecting issues in real-time. 

CloudGuard's best feature is real-time detection. We can detect incidents and vulnerabilities in our code with one click. I was amazed by CloudGuard's VM protection. It's easy to deploy, and I feel safe. I'm absolutely satisfied with it. 

I have used CloudGuard for about one year.

CloudGuard is stable. I haven't had any issues. 

CloudGuard is scalable. We've had no problems implementing it for our cloud infrastructure. 

I rate Check Point support 10 out of 10. Check Point's technical support is excellent. 

Positive

The implementation was fast and easy, and Check Point's professional services are highly effective and professional. We deployed it with an in-house team of two to three people. 

The cost-effectiveness of this investment was high. The money was well spent because I solved my security problems. 

I would like CloudGuard's pricing to be cheaper, but I think that's impossible. The pricing is the only thing I think they can improve.

I rate Check Point CloudGuard CNAPP nine out of 10. I recommend that complex corporations test CloudGuard before implementing it. When you see the solution in action, you can witness its security and power.

When a customer has a multi-cloud environment with AWS, Azure, GCP, or any other cloud, maintaining posture across the cloud environment is very difficult. They need a CNAPP solution for governance and centralized compliance. It gives centralized visibility where they can track each and every cloud account, compliance check, misconfigurations, risks, and vulnerabilities. Accordingly, they can take remediation action as well. That is the main purpose of a CNAPP solution.

CloudGuard CNAPP helps to be compliant across a multi-tenant environment. We can be sure of the compliance status with respect to different cloud tenants. There is visibility into each and every cloud tenant. It is very easy to get visibility from a single console. Centralized management gives good granular control where we can check the risks and vulnerabilities and also do remediation centrally.

Its benefits can be realized in four weeks. It is API integration, so it is very straightforward. You integrate with the client, and you start monitoring. You get the information in real-time. The overall implementation time frame is about four weeks. The first two weeks can be for the monitoring stage. In the third week, you can fine-tune your policies, and in the fourth week, you can start remediating.

Posture management is a part of CloudGuard CNAPP. CloudGuard CNAPP is a combination of three technologies: Cloud Security Posture Management, Cloud Workload Protection (CWP), and Cloud Infrastructure Entitlement Management (CIEM). It is a combination of technologies. When customers use CloudGuard CNAPP, they use all these three models.

Cloud Security Posture Management is very good for identifying misconfiguration. It is able to capture all misconfigurations.

They maintain different compliance standards. Apart from that, they are also very good with the alerts and notification part. Whenever they perform a scan and find a vulnerability, it is sent to different channels as an alert or notification. It is good. They only need to improve the impact analysis on CSPM.

Cloud Security Posture Management identifies the risks that are most critical to the business. In terms of time savings, it can identify a risk within 10 to 15 minutes instead of it being a day-long task. The scanning happens in almost real-time. It is a good feature they have given, and I appreciate their solution.

The scanning provided by CloudGuard Workload Protection helps to identify problems before they go live. It has good capability for that. It can perform a proactive analysis, and we can identify the risks or vulnerabilities before the exploit. This identification of problems is very important because knowing about a problematic scenario in advance and being able to address it can save us a huge business loss. A proactive analysis is very critical. In the cybersecurity domain, it is one of the critical features for every customer.

CloudGuard CNAPP gives us the severity score. When it identifies any risks or vulnerabilities, it assigns a severity score.

CloudGuard CNAPP gives good visibility across all the multi-cloud tenants. We have everything covered in one solution. It covers risks, vulnerabilities, misconfigurations, compliance, data security, data loss, etc. It gives good visibility. This visibility is important for customers.

The identification of misconfigurations, maintenance of compliance in a centralized way, and visibility across all the multi-cloud tenants are the key functionalities.

The first improvement area is the impact analysis. The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed.

The second improvement area is that they should adopt more remediation on various resources.

The third improvement area is that they should introduce Gen-AI capability on their platform so that remediation can be very easy. They have the threat hunting and detection part, but they need to adapt more on the Gen-AI side so that the remediation can happen automatically. People should be able to do remediation with a click. It would be a very good feature to have for remediation.

These are three main improvement areas for them. I have already provided Check Point feedback about these through another channel.

With respect to Cloud Workload Protection, they should introduce more granular security control in terms of policy. I feel they should work on it and develop it more. They need to provide more granular security control in terms of various attacks, such as the MITRE ATT&CK framework. They need to give a different policy for each technique and tactic such as ransomware, exploitation, etc. I also work with CrowdStrike, so I know about different types of granular controls. From the Cloud Workload Protection perspective, they need to improve the policy framework.

I have been working with CloudGuard CNAPP for 2 years.

I have not seen any issues. It works in the passive mode, so it does not impact performance or anything like that.

It is a scalable solution. Every SaaS solution is scalable, so CloudGuard CNAPP is also a scalable solution.

I have not contacted them much, which is a good thing. CloudGuard CNAPP works in a passive mode. If anything needs to be done, it has to be done in your cloud tenant. There are very few times when you or an admin is required to communicate with the support team.

I also work with CrowdStrike and Palo Alto. CrowdStrike does not have the CNAPP capability. CrowdStrike is an EDR solution.

Palo Alto has the Prisma solution. Its capabilities are similar to Check Point. They are similar to me. I do not see much difference. There might be some difference in the cost, but technology-wise, they are the same.

CloudGuard CNAPP is a SaaS-based solution, and you need to integrate all your cloud accounts into that. That is it.

You need to integrate your cloud account or onboard your cloud account in the CloudGuard CNAPP solution by doing the API integration. After you onboard, you first put the cloud account in the monitoring mode. You monitor things for two weeks. After you validate your findings on CloudGuard CNAPP and you do not see any false positives, you can go for the block mode as well. That is the approach the industry should follow while onboarding any CNAPP solution.

You start to get an ROI from the day you deploy CloudGuard CNAPP or integrate it with your cloud account. 

It is like insurance. When something happens, only then you realize its value. CloudGuard CNAPP works in the same way. Without such a solution, it is very difficult to find vulnerabilities, misconfigurations, and data breaches on each and every cloud tenant. When you integrate CloudGuard CNAPP with your cloud account, you get a single view. It is very easy for your cloud administrator to take quick action. The ROI starts once you integrate or onboard a cloud account with CloudGuard CNAPP.

After you have subscribed to CloudGuard CNAPP, I would advise onboarding your cloud account and then monitoring your cloud account and the CloudGuard CNAPP findings for two weeks. After that, you can fine-tune the policies and then run the solution in block mode. That is the process.

A CNAPP product is mandatory for any organization that works in a multi-cloud environment.

Overall, I would rate CloudGuard CNAPP a nine out of ten.

When idle virtual machines hosting Azure Functions require protection and vulnerability scanning, we can leverage the Check Point CloudGuard CNAPP solution to gain a consolidated single pane of glass view and manage these workloads.

By utilizing Check Point CloudGuard for security, our clients can now protect both their cloud assets and on-premise assets. CloudGuard also provides a single pane of glass for multi-cloud management, including protection for their Azure resources.

The new scanning function is a valuable feature that wasn't available until recently. Importantly, it's enabled by default.

Another advantage of CloudGuard CNAPP is that it can be deployed as a SaaS solution on Check Point Standard, eliminating the need for a custom subscription. This flexibility is a significant improvement.

CloudGuard CNAPP could be enhanced by increasing the number of components that run natively on Azure. This would allow Check Point to offer a forward-looking security solution that caters to customers who require a purely Azure-based environment. Currently, the mixed architecture involving on-premises and AWS deployments might not meet all compliance and security needs.

I have been using Check Point CloudGuard CNAPP for one year.

Our clients can measure the return on investment of CloudGuard CNAPP in several ways. Firstly, it offers improved operational metrics compared to traditional methods. This eliminates the need for retraining staff on specific cloud vendors, as CloudGuard CNAPP provides a unified platform. Secondly, the ease of implementation contributes to a faster ROI. By considering factors like implementation speed, ongoing maintenance requirements, and reduced training needs, we can effectively measure the ROI of CloudGuard CNAPP.

We evaluated Azure Functions, but for existing Check Point customers, it might be more advantageous from a security standpoint for their operations team to maintain a single pane of glass for their existing on-premises and other cloud provider investments. This would allow them to adopt a multi-cloud approach.

I would rate Check Point CloudGuard CNAPP ten out of ten. Check Point CloudGuard CNAPP is a great solution.

We use the posture management capabilities of CloudGuard CNAPP and the workload protection capabilities.

We use Check Point CloudGuard CNAPP for the application protection of our assets on Azure, AWS, and Google Cloud.

We implemented CloudGuard CNAPP to address data exposure, prevent exfiltration attempts, ensure compliance with frameworks like SOC 2 and PCI DSS, and gain improved oversight of our cloud environment.

We haven't had any cloud security incidents since implementing CloudGuard CNAPP in 2017. It's been a critical tool as we've grown our cloud usage, transitioning applications from data centers to the cloud. CloudGuard's scalability has kept pace with our growth. As the third-largest enterprise user of Azure, our cloud footprint is significant.

The benefits of CloudGuard CNAPP were immediately apparent upon deployment. Back in 2017, we found ourselves needing to catch up on securing our existing AWS assets. We required a solution that offered quick implementation and usability. CloudGuard was the first platform we considered, and we've continued to expand its use alongside Check Point's ongoing development of new capabilities.

We create custom rules to address our organization's unique security policies, in addition to leveraging the built-in rules within CloudGuard CNAPP's CSPM module. This flexibility is crucial for us.

While CloudGuard CNAPP's CSPM capabilities effectively provide compliance rule sets and security best practices, it's important to understand that this is just one aspect of achieving full alignment with security frameworks. To be fully compliant, additional measures outside of CloudGuard need to be addressed and implemented. However, CloudGuard CNAPP remains a valuable piece of the puzzle.

CSPM helps us identify the most critical business risks. It's a time-saver that translates into cost savings. CSPM provides insights from multiple perspectives. We can analyze what a breach would mean for the business, including brand reputation and the significant cost and time required for recovery. Even in terms of day-to-day operations, CSPM saves us employee hours by streamlining security tasks.

The security provided by the CWP for containers is good. We are extremely satisfied.

Our CI/CD environment utilizes some scanning capabilities offered by workload protection, but it's not fully integrated. This creates limitations in proactively identifying issues before deployment. When we do use the workload protection capabilities they are critical for us.

Cloud security posture management is the feature we've been using the longest. What we particularly like about it is the rule-based capability. This allows us to develop our own custom rules using the GSL language provided by the CloudGuard platform.

The platform would be significantly enhanced by incorporating data security management capabilities.

I'd like to see CloudGuard offer more agentless functionality beyond what's currently available.

I have been using Check Point CloudGuard CNAPP for over seven years.

Check Point CloudGuard CNAPP is extremely stable and if there is an issue, Check Point is on top of it.

Check Point CloudGuard CNAPP is scalable. We haven't run into any scale issues and we have scaled significantly over the last six years.

We plan on expanding it into some of the newer capabilities that Check Point is coming out with.

The technical support is good.

Positive

The initial deployment was straightforward. As a SaaS platform, it is extremely easy to deploy it into environments.

We can deploy CloudGuard CNAPP and use it out of the box within hours.

Our initial strategy was to implement a basic solution and then expand its capabilities over time. Check Point, frankly, has done an excellent job of keeping its platform up-to-date by continuously adding and improving features. This is why we're still using it even after six years.

I would rate Check Point CloudGuard CNAPP nine out of ten.

Check Point CloudGuard CNAPP is predominantly owned by and controlled by the central security organization within our company.

Details matter. When comparing features to other security solutions on the market, the ability to develop custom rules is important to us, along with security posture capabilities. The ability to scale flawlessly is also important to us. The direct and overwhelming support that we received from the Check Point account team, the support team, and the leadership team has been fantastic.

Integrating with the cloud through APIs offered by a SaaS platform has significantly reduced the burden on our organization by eliminating the need for all the complex backend work we previously had to handle. This experience highlights the importance of embracing new ways of doing things.

We are a VAR. We use posture management in various client environments for different assessments. 

We do not use it internally. We use it in multiple client environments. We have different types of client environments with different sizes.

It is great for identifying misconfigurations. That is the part that I love about it.  It is very good at finding that needle in the haystack. It gives you an overall posture for every little thing, and if you dive into it and look at some of the findings, you start seeing that you have one or two servers that are misconfigured, and you have an open BLOB, open storage instance, unsecured web portal, or something else that you did not know about. 

The effectiveness of its Cloud Security Posture Management for providing compliance rulesets and security best practices is great.

Its Cloud Security Posture Management helps identify the risks that are most critical to our clients relatively quickly. I cannot put a number on that, but not having to go through every little configuration on every asset would probably save a week's worth of effort for the smallest client. 

Its traffic monitoring capabilities are good. Helps visualize traffic flows and possibly exposed assets.

The actual setup is pretty manual. It takes about an hour or two, depending on the client you are working with.

The rulesets and the findings are valuable. The actual core functionality of it and the efficacy of events are great. There is some triaging, but in terms of findings, it does seem to find the needle in the haystack.

The dashboards specifically are great. By just logging in and going into the portal, we can see the high-level dashboard views. We are able to dive into whatever we want to see there, and that is fantastic.

The network mapping and the traffic flow map, where it shows you which VMs might be possibly exposed, are also very valuable. It shows which systems might have direct access to the Internet and which systems do not. It shows you overall how the network flow is set up based on your security groups, routing, and everything. I have got a good use out of that.

The setup can be better. With every other Check Point SaaS product, the setup is scripted. You just approve deployment scripts,  and then you are off. The setup for this solution is still very much manual. I would like to see that transition to more of a scripted setup. That has been an issue when I set up a client because every client has different skill sets.

The general reporting also needs improvement. It is very cumbersome to pull the reports for big environments. I had a client environment with 50 tenants, and I had to manually run a CIS report for each tenant and download it. There were 50 different reports. I wish there was a way to get the reports for all 50 tenants in one report and not 50 different reports.

I have been working with posture management for 3 to 4 years.

I never had stability-related issues. That has always been fine.

It is scalable. You can do it, but you need to redo the setup for each and every additional account and visibility. It is scalable. It is just not quickly scalable.

I would rate their support for CloudGuard CNAPP a eight out of ten.

Positive

I have not used a posture management solution before.

Its setup is very manual. I would like to see that transition to more of a scripted setup. It is a very manual process. For the most part it is fine however I have definitely had issues with it. Sometimes, it just does not work, and I have had to open tickets.

I am an integrator and consultant.

Its price is very fair.

N/A

To the new users of this solution, I would advise not following the built-in guide while setting it up. Always open the admin guide for the most up-to-date information.

Overall, I would rate this solution an eight out of ten. Even with all the issues, what you do get out of it is very valuable. The reporting and the setup are holding it back from a ten. That is where it can be improved greatly.

I use CloudGuard CNAPP to protect and gain visibility into vulnerabilities across our cloud workloads in a multi-cloud environment spanning AWS, GCP, and Azure. By implementing CNAPP, we have successfully reduced vulnerabilities in our cloud infrastructure by 70-80% over the past two years.

CloudGuard has significantly improved our organization's security posture over the past few years by reducing critical vulnerabilities by up to 80-90% across various workloads. This enhancement has led to lower security costs and enabled us to effectively communicate our improved security stance to stakeholders, putting us in a much stronger position than before.

The most valuable features of CloudGuard CNAPP are its reporting capabilities for aggregating vulnerability information and scoring, as well as its CloudBot feature, which automates remediation deployment across our diverse workloads in various accounts and regions.

One area where CloudGuard CNAPP could be improved is in its reporting capabilities. Customization options for building tailored reports would be beneficial, as it would allow for different views on vulnerabilities based on specific criteria such as tags or dimensions. Currently, the reporting features have some limitations in providing the level of customization we require.

I have been using Check Point CloudGuard CNAPP for about three years.

We haven't had any stability issues with the solution so far.

Scalability, particularly in workload protection, is an area that needs improvement. It is challenging to roll out workload protection to different teams, and there is room for enhancement in this aspect.

I would rate Check Point's service and technical support as an eight out of ten. The pre-sales team was excellent, providing expert assistance, and our experience with the technical team has been good so far. 

Positive

The initial deployment of CloudGuard CNAPP was extremely straightforward since it is agentless and seamlessly integrates with public cloud tools. We began with a POC, then gradually rolled out the solution across all our cloud accounts, starting with AWS and expanding to GCP and Azure.

We have seen a return on investment in terms of reduced vulnerabilities.

I find CloudGuard CNAPP's pricing and licensing to be flexible, allowing us to explore new features without hard limits. Currently, we operate under an enterprise agreement with the flexibility to utilize the tools we need effectively.

We initially evaluated Palo Alto's cloud security posture management solution but ultimately chose CloudGuard CNAPP due to its faster implementation process and cohesive reporting capabilities. CloudGuard CNAPP's simplicity and comprehensive reporting aligned better with our need for efficient deployment and intuitive data analysis, making it the preferred solution for our cloud security requirements.

The benefits of using CloudGuard CNAPP were realized very quickly, almost immediately after deployment. The implementation process was straightforward and seamless, leveraging agentless integration with existing cloud security tools. The positive results were clear from the start.

We use CloudGuard CNAPP's CSPM capabilities extensively. We assess CSPM for identifying misconfigurations by running automated processes to scan all our cloud accounts. We prioritize risks, work with technical teams to explain vulnerabilities, and initiate fixing processes, deploying available solutions or performing manual/automated remediations. We then report progress to our teams and iterate on the process as needed.

The effectiveness of CloudGuard CNAPP's CSPM for providing compliance rules and security best practices is high. Its policies align well with common standards like NIST or CIS frameworks, enabling effective assessment against known vulnerabilities. This alignment facilitates communication and understanding between teams, streamlining the resolution process for identified vulnerabilities.

CloudGuard CNAPP's CSPM effectively identifies risks critical to our business, particularly focusing on exposure and availability ratings. It saves us significant time, likely reducing the resolution process for critical risks by around 30-40%, as it provides pre-configured assessments and clearer insights compared to starting from scratch.

The CloudGuard CNAPP team provides excellent visibility into incident investigations by simplifying access to cloud workload configuration logs and integrating with tools like SIEM platforms. This enables the incident response team to ingest data from CloudGuard CNAPP and correlate it with internal indicators, streamlining the investigation process.

We use CloudGuard CNAPP across eight countries in South America and North America, with around 130,000 employees and approximately 5,000 engineers. We manage over 100 AWS accounts and support various applications, including e-commerce tools, generating over 10,000 notifications.

My advice for someone evaluating CloudGuard CNAPP would be to start with a hands-on exploration of the dashboards and data provided by the solution, then focus on internal selling and localized deployments. The biggest lesson I have learned from using CNAPP is that while it is easy to start with, achieving full adoption and maximizing its potential requires thorough preparation and dedicated effort from the team.

Overall, I would rate CloudGuard CNAPP as an eight out of ten.

We have our CSPM and CNAPP services powered by CloudGuard. Those are the two that we are doing direct services for today, but as a reseller, we offer all the pillars.

We are a value-added reseller. We are not necessarily using it as our own. We are not a dev shop, but those are the use cases. If one of our customers has a dev shop and is working out of the cloud, this is where they look to get some better understanding and control over what their development team or their DevOps team is doing and building. This is where CloudGuard CNAPP comes into play.

CloudGuard CNAPP definitely helps with bringing the controls, which can then play to compliance. We have a few key customers in the utility space, so compliance is a major driver. Being able to apply required controls through CNAPP helps and benefits them.

Security is not a No, where you have to say, "No. You cannot do it." By having the CNAPP toolset for the DevOps team, you enable them to do their work, and it is securely done.

We use CloudGuard CNAPP's Cloud Security Posture Management (CSPM) capabilities. We have been using CSPM for just over a year. We use it internally for our own IT security. We are a company with about 75 people, and our IT security uses CSPM actively not just to respond in time but also to help manage and keep an eye on all the controls and things.

Cloud Security Posture Management identifies the risks that are most critical to our business. It helps us to prioritize those. 

We do not use CloudGuard CNAPP's CloudGuard Workload Protection capabilities. We do not have a development shop. That is where the workloads come into play, but absolutely, that is where our customers could get some of the value to be able to keep their automations and speed going by having those workload protections in place. 

It is able to bring visibility into that cloudy space where the security departments do not really see what is happening on the DevOps side. It brings visibility, security control, and standardization. These are some key features.

I am not a technical person, but generically, the user interface can be a little more intuitive. Our staff has trained network security and cloud security professionals, and they get it, but when you are trying to get to the customers to be able to pick it up and maintain it, it can be a bit difficult, so the user interface can be a little better.

We have been using CloudGuard CNAPP for just about a year.

It is a Check Point product. It is not going anywhere. We have known CSPM for years, and it has only got improved every step of the way. Our impression is that CNAPP and the other pillars will do the same. They will continue to be steady and sturdy.

Their top-end technical support is excellent. Like anything else, it is hard to get to TAC, but we are an elite partner, so we have great channel support and strategic support. We have good experience with tech support.

We have not used any other solution. We have been a Check Point customer for a long time. When it started to come out, we started to take it on.

We are primarily on Azure, but our customers are in AWS and Azure. We do not have a lot of work with Google Cloud. We have a little bit of Oracle cloud, but AWS and Azure are the two big players we see our customers using.

I am not involved in its deployment, but I know that for CSPM, which is probably related, you discover as you go. You deploy it, and you are able to get the overall insights into what the environment is. I presume you would lead with that and then work on the workload and CNAPP, but I have not had to do it myself.

We have seen an ROI, but I do not have statistics to back it. Even for our small internal IT, it helps with efficiency and reduces the time in having to go through and try to find all the misconfigurations and other things. That time is money, and that is the return on the investment, for sure. I presume our customers feel the same way when they are using and deploying, especially things related to CNAPP. Once deployed and in action, they save a lot of time because one hour of prework saves ten hours as a rework, and that is what we get with CloudGuard CNAPP.

We evaluated Orca and Wiz. We are a value-added reseller, so we do sell them. Wiz has a lot of good and competitive aspects to CloudGuard features, but CloudGuard is very competitive with them, and we are deep partners, so we lean towards that.

To those considering this solution, I would say that it is pretty easy to get it started and get the evaluation going. Check Point has a whole cloud team that is there not to sell you anything but to help find where you are in the cloud journey and bring evaluation and other things forward.

CloudGuard CNAPP is definitely in the upper echelon. I would rate it a nine out of ten. It competes very well with other solutions such as Wiz. If you break it down, it competes very well with them. That puts it right up there at the top.

I use it for cloud visibility detection and remediation. I also use it for reporting and dashboarding.

The most valuable features of CloudGuard CNAPP are its compliance engine and auto-remediation features.

CloudGuard CNAPP is a great tool that justifies its investment. Like any other tool, there are opportunities for improvement that can be addressed through a roadmap.

I have been using Check Point CloudGuard CNAPP for six years.

I would rate the scalability of the solution as a ten out of ten.

I would rate the technical support as seven out of ten. It is good when we get attention, but sometimes it is a bit difficult to get the attention we need.

Neutral

We opted for CloudGuard CNAPP over other solutions mostly due to its flexibility.

The implementation of the solution was easy.

There has been a significant ROI for me because now I can reduce risks effectively, and every risk I mitigate is a return on investment for the platform.

CloudGuard CNAPP has been crucial in giving us visibility into our cloud setup and has significantly lowered our risks by enabling better control over our cloud security.

I find that CloudGuard CNAPP 's cloud security posture management is exceptional for addressing both physical and digital security concerns. It offers extensive coverage and provides a straightforward yet sophisticated method for creating and implementing new security queries.

My advice would be to define your use cases very well when considering this solution.

Overall, I would rate CloudGuard CNAPP as an eight out of ten.

We use CloudGuard CNAPP for accessing the security status of our assets, managing inventory, and overseeing configuration settings.

It assists our visibility team in monitoring configurations, enabling us to proactively address issues before they arise.

I find the product to have strong detection capabilities. It is adept at generating the desired reports, provided you are familiar with its functionality.

It offers a range of features tailored to address the unique security challenges.

Having additional documentation on how to use CloudGuard CNAPP would be advantageous, especially if it were made more user-friendly. The application's structure seems to lead users down one path, then into another, making it difficult to backtrack or navigate seamlessly between different components. Streamlining the user interface would greatly improve the user experience.

We have been using it for three years.

It is proven to be stable.

It provides good scalability.

There is room for improvement in technical support. I would rate it five out of ten.

Neutral

Setting up CloudGuard CNAPP is straightforward, as it is API-driven. Just a few quick steps, like providing credentials and configuring settings, and you're ready to go.

The ROI of CloudGuard CNAPP is intangible since it primarily involves cost avoidance rather than direct cost reduction or profit generation. It doesn't directly contribute to revenue generation.

When we were comparing Prisma or Pallos, we found that CloudGuard CNAPP offered a more comprehensive range of tools and configuration management settings. It appeared to be a more mature product with a broader scope of capabilities.

My advice to anyone thinking about implementing it is to consider investing in professional services to handle the setup, as they possess a deeper understanding of the platform. Overall, I would rate it seven out of ten.

We use it to protect our applications in the cloud. We are doing a lot more cloud migration. We are moving all our applications into the cloud and our servers into the cloud. We need to protect our servers in the cloud.

By implementing CloudGuard CNAPP, we wanted to make sure we get alerts so that we can react much faster.

We use CloudGuard CNAPP's Cloud Security Posture Management capabilities. It knows all the accounts that were spun up. When we create an account in the cloud, it is onboarded automatically. We pull it into automation. Whenever someone changes any settings on the infrastructure side, the posture management will flag it. Sometimes, there is a way to automate a change. If we put some settings, it can make changes right away to shut that down.

Cloud Security Posture Management has a lot of compliances. It helps us to make sure our cloud configuration is up to a certain standard. If we have to be compliant, we have a good start on where we are.

Cloud Security Posture Management identifies the risks that are most critical to our business. It gives a risk score for what is being discovered. After we have that score, it is up to us how fast we want to remediate an issue. Sometimes, we might think that it is not crucial, and we might not take immediate action on it. 

We send every finding to our backend SIEM and work with our SOC to remediate those findings. Our SOC environment has that visibility of the logs so that we can react.

We know the vulnerability in advance, so we can take some action for that vulnerability. It is mostly all about how fast we can react to something.

We could see its benefits right away after we deployed the technology. However, getting visibility does not mean that we can react fast. For that, we have to work closely with all the app guys or server guys to patch all the things after we get the visibility.

Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.

I have been using CloudGuard CNAPP for about four years.

I am not aware of any problems.

So far, so good. We have plans to increase its usage, but it depends on the collaboration with multiple groups.

We have been using it with a small group in our organization. We want to make sure that this group benefits from it, and then we can use that use case and expand that use case throughout the organization. Currently, it is being used for a small group, and there is an ongoing effort to make it more visible.

They are good and responsive. We have a dedicated engineer, which is good. We have a certain person to go to for any questions or any problems. It has been good so far. Sometimes, we do experience slowness in responding, but overall, it has been pretty good.

We have been using CloudGuard from day one. It used to be known by another name. We have been using it before the name change. We are long-time customers.

Currently, we are just dealing with the public cloud. We have AWS and Azure clouds. 

Its deployment needs a lot more collaboration. From the cybersecurity side, we can only do certain things to protect our environment. From the app side, it also needs collaboration with whoever is managing that application or server. A lot of collaboration is needed rather than just having the security person.

When we get all the permission to do the deployment, it is a lot easier. The security team does not hold the key to the kingdom, so we do not have access to all environments. Once we get that access, it can be deployed a lot easily.

We have definitely seen an ROI. We have not quantified it, but the notifications about misconfiguration or vulnerabilities by CloudGuard CNAPP are helping us to improve our site. Our risk is much lower. It lowers our risk on how we do things, and sometimes, it is hard to quantify that into money.

The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset. 

We did not explore other options. We are just leveraging what CloudGuard has.

To those evaluating this solution, I would recommend trying it. You never know what you will see until you try.

It is a good product. We definitely want to see more features. We constantly try to see the new features being integrated into the product so that we can leverage them.

We are not yet using CloudGuard CNAPP's CloudGuard Workload Protection capabilities. Because the workload side is hosted by a different group, it requires collaboration. We need to work closely with the workload group. We are looking at opportunities to see if we can collaborate.

We are not yet using CloudGuard Workload Protection for VMs, containers, and serverless, but we are interested in looking into it. If we have it, the scanning provided by CloudGuard Workload Protection will help us identify problems before they go live. I have seen a demo of it, and I am looking into whether we can deploy it for our environment. It will give our cybersecurity visibility. It will help us know what is going on, and then we can react to it.

We are also not using CloudGuard CNAPP's CloudGuard CDR (formerly Intelligence) and its intrusion detection and threat-hunting capabilities. I would love to use that and get some benefits out of it sometime in the future.

I would rate CloudGuard CNAPP an eight out of ten. Automation is what we are looking for because we do not have enough time and people to handle all the events and findings.