Check Point CloudGuard WAF
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is that it gives solid protection for our web applications without being hard to use. It automatically detects and blocks threats like SQL injection, cross-site scripting, and other attacks, so we don’t have to worry about constant monitoring. It also keeps everything running smoothly without slowing things down. The setup is straightforward, and the dashboard makes it easy to see what’s happening.
What do you dislike about the product?
Some advanced settings can be a bit complex at first, but it works well once set up.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF helps protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It blocks harmful traffic before it reaches our systems, which keeps our apps safe and running smoothly. This saves us time, reduces the risk of downtime, and gives us peace of mind knowing our web services are protected without needing constant manual monitoring.
Presales Engineer
What do you like best about the product?
Check Point CloudGuard WAF is great because it uses smart AI to stop new and advanced threats automatically. It’s fully managed, so you don’t have to worry about updates or tuning—Check Point handles everything. It works perfectly with cloud platforms like AWS and Azure, scaling up as your traffic grows. It protects against all kinds of attacks, including bots, DDoS, and hacked APIs, all in one place. Plus, it’s easy to control with a single dashboard, making security simple and hassle-free
What do you dislike about the product?
Check Point CloudGuard WAF can be pricey, especially for smaller teams. Setting it up isn't always quick—it might take some time to get everything working smoothly. While it's good at blocking threats, tweaking advanced rules isn't as flexible as some other tools. Since Check Point manages updates, you can't always make changes on your own schedule. Occasionally, it might slow down your apps a tiny bit when inspecting traffic deeply. Still powerful, but worth considering these trade-offs
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF solves three big headaches for me. First, it acts like a smart shield that automatically blocks hackers trying to break into my websites or APIs - stopping stuff like SQL injections, credential stuffing, and sneaky bot attacks. Second, it saves me tons of time because Check Point handles all the security updates and rule changes behind the scenes. Third, it keeps my cloud apps safe without slowing them down, growing automatically as my traffic increases. The best part? I get strong protection without needing to be a security expert, and I can see everything that's happening through one simple dashboard. It's like having a 24/7 security guard that never sleeps and learns new tricks to catch threats.
Effective and User-Friendly Web Application Firewall
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is its strong integration with cloud-native environments. It works seamlessly with our AWS deployment, and the automated protections help us stay ahead of evolving threats without constant manual tuning. The UI is intuitive, which makes managing policies and viewing logs much easier, even for team members who aren't deep into security. I also appreciate how responsive the threat intelligence updates are—there's a clear sense that we're being protected with real-time data. Overall, it gives us peace of mind knowing our web applications are secure without creating unnecessary complexity.
What do you dislike about the product?
While Check Point CloudGuard WAF is a solid solution overall, there are a few areas that could be improved. Occasionally, the initial configuration can be a bit time-consuming, especially for more complex environments. Also, while the documentation is helpful, some sections could benefit from a bit more clarity or real-world examples. That said, once everything is set up, the platform runs smoothly and delivers reliable protection.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF helps us protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It’s particularly valuable in our cloud environment, where scalability and automation are key. By automatically adapting to new threats and integrating smoothly with our DevOps workflows, it reduces the need for manual intervention and speeds up our response time. This not only strengthens our security posture but also frees up our team to focus on other priorities without worrying about constant monitoring or complex rule updates.
WAF for Daily Life
What do you like best about the product?
facilitate the administration and it is very intuitive
What do you dislike about the product?
how easy it is to handle it, plus the interface is very easy to learn quickly
What problems is the product solving and how is that benefiting you?
Protection of applications
Check Point CloudGuard WAF: AI-Powered Protection for Web and API Workloads
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is its contextual AI-driven threat prevention, which delivers precise, signature-free protection against zero-day attacks and OWASP Top 10 vulnerabilities—while seamlessly integrating into CI/CD pipelines for automated, cloud-native security.
What do you dislike about the product?
What I dislike about Check Point CloudGuard WAF is its steep learning curve, limited documentation, and high cost—factors that can slow down adoption, complicate integration with custom applications, and restrict accessibility for smaller teams.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF solves the critical challenge of protecting web applications and APIs from zero-day threats, OWASP Top 10 vulnerabilities, and malicious bot traffic by using contextual AI and machine learning—benefiting me by enabling precise, signature-free threat prevention, reducing manual tuning, and ensuring secure, compliant cloud operations across dynamic environments.
Check Point CloudGuard WAF: Essential Shield for Web Applications
What do you like best about the product?
1. Offers robust protection against a wide range of web application attacks, including SQL injection and cross-site scripting
2. Simplifies the setup process with user-friendly interfaces and quick configuration options
3. Provide real-time visibility into web traffic and security incidents, enabling proactive threat detection
What do you dislike about the product?
1. Higher cost for a small business organization
2. Users might encounter false positives that can disrupt legitimate traffic
3. The extensive features may lead to a steep learning curve for new users, impacting initial adoption
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF addresses several critical problems:
1. Protect against a variety of common threats
2. Helps safeguard sensitive data transmitted over web applications, reducing the risk of data breaches
3. Provides detailed insights into web traffic and security incidents
An interesting proposition in a sea of competitor
What do you like best about the product?
The interface is easy to understand. When I compare to the competition with overly complex menu and nested option. It’s a bref of fresh air. It’s also cohesive with the rest of checkpoint’s offering
What do you dislike about the product?
With more comprehensive approach I feel that’s it’s missing a few features. Such as a zero trust feature for clients which the competitors offers.
What problems is the product solving and how is that benefiting you?
Peace of mind for any Saas product I have in the cloud and my azure subscription
Has provided real-time protection against web attacks and improved visibility across hybrid environments
What is our primary use case?
The main use case of Check Point CloudGuard WAF is for application protection.
Check Point CloudGuard WAF provides protection from OWASP threats, and secures web applications from common vulnerabilities, such as SQL injection, cross-site scripting, cross-site request forgery, and remote file inclusions.
What is most valuable?
The best feature of Check Point CloudGuard WAF is advanced threat prevention integrated with Check Point threat cloud intelligence, which provides real-time protection against web application attacks including zero-day threats, automatically receiving updates from the threat cloud and analyzing millions of indicators of compromise daily.
Cloud intelligence means that Check Point CloudGuard continuously collects threat data from global resources such as firewalls and sandboxes, analyzing billions of IPs, URLs, and behaviors using machine learning, distributing updates, security signatures, and threat profiles to CloudGuard WAF in real-time, automatically applying updated protection without manual interventions.
For how long have I used the solution?
We have been using Check Point CloudGuard WAF for the last two years, and this is a very useful product.
What other advice do I have?
I monitor the volume of the type of traffic our web applications receive and understand the types and threats targeting our environment.
Check Point CloudGuard WAF effectively detects or blocks malicious SQL queries in real-time, protecting our web application from exploitation. To block SQL injection in Check Point CloudGuard WAF, I access the CloudGuard WAF console, log into the Check Point CloudGuard WAF management console using administrative credentials, then navigate to the security policies or application security section of the console, where the firewall rules of the protection are configured. In the web security policy setting, I verify that the SQL injection protection is enabled, which is typically a predefined feature within the WAF rule set activated to detect and block SQL injection attacks. Check Point CloudGuard WAF comes with predefined SQL injection attack signatures based on known patterns and payloads commonly used in SQL injection attacks, and I ensure the SQL injection signature set is enabled so that CloudGuard can detect and block common SQL injection techniques.
I find no issues in software testing details with our predefined feature-rich template, providing automated security incident handling with real-time visibility and control across multi-cloud environments.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Development cycle has streamlined with enhanced collaboration and automation while cost estimation remains challenging
What is our primary use case?
We mainly use
Azure DevOps for CI/CD pipelines for our applications, as well as project management and tracking bugs.
What is most valuable?
It has definitely streamlined our development cycle. The integration with other Microsoft products, especially Visual Studio, is seamless. The automation capabilities have saved us a lot of time and reduced manual errors. We are also using the Boards feature to manage sprints and track progress, which has improved team collaboration significantly.
What needs improvement?
The pricing can be a bit complex to understand initially. It can be challenging to estimate costs, especially when scaling our usage. Also, while the documentation is comprehensive, it can be difficult to navigate at times.
What's my experience with pricing, setup cost, and licensing?
The pricing can be a bit complex to understand initially. It can be challenging to estimate costs, especially when scaling our usage.
What other advice do I have?
Azure DevOps is a comprehensive platform that streamlines our development workflow and enhances team collaboration, though the pricing structure could be simplified.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
AI-Powered Protection WAF for Web and API
What do you like best about the product?
CheckPoint Cloud Guard is an intuitive feature packed firewall providing our clients with the best web protection in this dynamic technological sector.
I like that is Ai powered, has feature rich management Web UI which is easy to navigate.
What do you dislike about the product?
Initial setup is a bit complex but once done all is good.
What problems is the product solving and how is that benefiting you?
Looking at protection against web app attacks.
