AI-driven threat detection has reduced incidents and saved team hours weekly
What is our primary use case?
Check Point CloudGuard WAF's main use case is protecting web application APIs from external threats. It helps us block common attacks like SQL injections, cross-site scripting, and bot traffic, while also ensuring compliance with the security standards.
One unique aspect of our use case for Check Point CloudGuard WAF is how we leverage it to protect customer APIs that are critical to our business. Because we develop and host several in-house applications, we needed a solution that could adapt quickly to new endpoints and traffic patterns. Check Point CloudGuard WAF has been especially helpful here, automatically learning and adjusting protection without requiring constant manual tuning.
What is most valuable?
The best features Check Point CloudGuard WAF offers include AI-driven threat prevention, protection against OWASP Top 10, and zero-day attacks.
The zero-day attack protection in Check Point CloudGuard WAF has been very effective for us. Instead of waiting for signature updates or manual rule changes, the system uses AI to detect abnormal patterns and block suspicious traffic automatically.
Check Point CloudGuard WAF has positively impacted our organization by strengthening application security while reducing the workload in our team. The AI-driven protection against zero-day attacks and OWASP Top 10 vulnerabilities means threats are blocked automatically before patches are applied. This noticeably reduced the number of incidents we needed to investigate, freeing up time for more strategic projects.
Check Point CloudGuard WAF's ability to preemptively block zero-day attacks is one of its strongest advantages. Instead of relying on traditional signature updates, it uses AI and contextual analysis to spot abnormal traffic patterns and block them before they can exploit vulnerabilities. For example, during the Log4Shell disclosure, Check Point CloudGuard WAF was already blocking the suspicious payloads without us needing to manually adjust rules.
The breach reduction feature of Check Point CloudGuard WAF is one of the most impactful aspects of the solution. It proactively blocks suspicious traffic before it can exploit vulnerabilities, which has noticeably reduced the risk of breach in our environment.
What needs improvement?
Check Point CloudGuard WAF's support is only available in English. I gave Check Point CloudGuard WAF a rating of 9 out of 10 because the language limitation of support keeps it from being a perfect score, as I prefer support in different languages.
For how long have I used the solution?
I have been using Check Point CloudGuard WAF for around six years.
What do I think about the stability of the solution?
Check Point CloudGuard WAF is very stable.
What do I think about the scalability of the solution?
Check Point CloudGuard WAF's scalability is very good, and I have no issues with this.
How are customer service and support?
Check Point CloudGuard WAF's customer support is very great and very fast.
I would give Check Point CloudGuard WAF a rating of 10 for customer support.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I previously used Azure WAF, but I decided to switch to Check Point CloudGuard WAF.
How was the initial setup?
The first deployment of Check Point CloudGuard WAF was initially difficult because the documentation is not intuitive, but it is no longer an issue.
What about the implementation team?
I do not utilize Check Point CloudGuard WAF alongside any other Check Point products. I prefer to use a centralized WAF or specialist WAF to assess the efficiency improvements provided by Check Point CloudGuard WAF compared to traditional WAFs.
What was our ROI?
I have saved a significant amount of time and resources since implementing Check Point CloudGuard WAF. Before, our teams often spent several hours manually tuning rules and chasing false positives. The detection has now cut the workload by more than half, freeing up three or four hours less per week.
Check Point CloudGuard WAF has reduced our total cost of ownership by approximately 10%. I consider the time saved as a return on investment since using Check Point CloudGuard WAF.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing for Check Point CloudGuard WAF are excellent, and I have no concerns with them.
Which other solutions did I evaluate?
I did not evaluate other options before choosing Check Point CloudGuard WAF.
What other advice do I have?
Check Point CloudGuard WAF is an excellent security tool, and my advice to others looking into using it is that it is complete and modern. Check Point CloudGuard WAF is an excellent solution for web applications, and you should consider it for future deployments. I would rate this product 9 out of 10.
My review: Check Point CloudGuard WAF
What do you like best about the product?
the level of automation! The fact that we didnt have to rely on constant signature updates and changes. The system, sensitive documentation and quality management system are fully protected.
What do you dislike about the product?
The learning curve! I always say it's totally worth it after you've crossed it. It may feel at times that more guidance is needed to really get acquainted with the workings od the tool.
What problems is the product solving and how is that benefiting you?
In the medical device industry and from my point of view, protecting sensitive patient files is the most important feature it has. It is also protecting product art, patents, schemes and product development information.
Powerful, Automated Protection for Modern Cloud Applications
What do you like best about the product?
It's designed to protect our websites , Api and cloud applications from cyber attacks. This protects our application from being hacked. random heavy traffic does not cause the website to go down. reduces false positives saving time for developers and testing. fully automated setup requires very little manual tuning. very powerful for modern cloud native applications.
What do you dislike about the product?
It's many users say that its policies and rules are not easy to configure correctly. it's very expensive. technical engineers are not always available and troubleshooting takes time.
What problems is the product solving and how is that benefiting you?
it's protects your website and API's from all types of cyberattacks , keep data secure makes compliance esay and strengthens your business continuity. cybercriminals try to steal personal , financial and sensitive data stored in databases . cloud guard blocks such attempts by using DPI.
Advanced AI Security with Flexible Deployment Options
What do you like best about the product?
Since this includes AI support, advanced features, and management automations, it helps protect against unknown attacks. It also offers flexible deployment options suitable for different cloud and hybrid environments.
What do you dislike about the product?
The platform presents a steep learning curve, which can impede initial adoption and make it difficult for new users to effectively manage complex rules and logs. Additionally, the documentation is insufficient, which further complicates the onboarding process. I have also noticed that the log retention is limited, which negatively affects visibility and control.
What problems is the product solving and how is that benefiting you?
This solution safeguards web applications against threats such as SQL injection, cross-site scripting, and botnet attacks, helping to prevent data breaches while offering improved visibility into traffic. It also defends against common web application attacks, automated and bot-driven threats, vulnerabilities in applications and APIs, as well as issues related to data breaches and insufficient visibility.
Great cloud protection that’s easy to set up and really effective
What do you like best about the product?
I really like how easy it is to deploy and how effectively it protects applications without adding latency. It integrates smoothly with cloud environments and provides great visibility into threats..
What do you dislike about the product?
Sometimes the configuration can feel a bit complex at first, and the interface could be more intuitive for fine-tuning policies.
What problems is the product solving and how is that benefiting you?
It helps protect our cloud applications from common web attacks like SQL injection and XSS, ensuring compliance and reducing security risks. It also saves time by automating threat detection and response
Check Point CloudGuard WAF
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is that it gives solid protection for our web applications without being hard to use. It automatically detects and blocks threats like SQL injection, cross-site scripting, and other attacks, so we don’t have to worry about constant monitoring. It also keeps everything running smoothly without slowing things down. The setup is straightforward, and the dashboard makes it easy to see what’s happening.
What do you dislike about the product?
Some advanced settings can be a bit complex at first, but it works well once set up.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF helps protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It blocks harmful traffic before it reaches our systems, which keeps our apps safe and running smoothly. This saves us time, reduces the risk of downtime, and gives us peace of mind knowing our web services are protected without needing constant manual monitoring.
Effective and User-Friendly Web Application Firewall
What do you like best about the product?
What I like best about Check Point CloudGuard WAF is its strong integration with cloud-native environments. It works seamlessly with our AWS deployment, and the automated protections help us stay ahead of evolving threats without constant manual tuning. The UI is intuitive, which makes managing policies and viewing logs much easier, even for team members who aren't deep into security. I also appreciate how responsive the threat intelligence updates are—there's a clear sense that we're being protected with real-time data. Overall, it gives us peace of mind knowing our web applications are secure without creating unnecessary complexity.
What do you dislike about the product?
While Check Point CloudGuard WAF is a solid solution overall, there are a few areas that could be improved. Occasionally, the initial configuration can be a bit time-consuming, especially for more complex environments. Also, while the documentation is helpful, some sections could benefit from a bit more clarity or real-world examples. That said, once everything is set up, the platform runs smoothly and delivers reliable protection.
What problems is the product solving and how is that benefiting you?
Check Point CloudGuard WAF helps us protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It’s particularly valuable in our cloud environment, where scalability and automation are key. By automatically adapting to new threats and integrating smoothly with our DevOps workflows, it reduces the need for manual intervention and speeds up our response time. This not only strengthens our security posture but also frees up our team to focus on other priorities without worrying about constant monitoring or complex rule updates.
WAF for Daily Life
What do you like best about the product?
facilitate the administration and it is very intuitive
What do you dislike about the product?
how easy it is to handle it, plus the interface is very easy to learn quickly
What problems is the product solving and how is that benefiting you?
Protection of applications
Has provided real-time protection against web attacks and improved visibility across hybrid environments
What is our primary use case?
The main use case of Check Point CloudGuard WAF is for application protection.
Check Point CloudGuard WAF provides protection from OWASP threats, and secures web applications from common vulnerabilities, such as SQL injection, cross-site scripting, cross-site request forgery, and remote file inclusions.
What is most valuable?
The best feature of Check Point CloudGuard WAF is advanced threat prevention integrated with Check Point threat cloud intelligence, which provides real-time protection against web application attacks including zero-day threats, automatically receiving updates from the threat cloud and analyzing millions of indicators of compromise daily.
Cloud intelligence means that Check Point CloudGuard continuously collects threat data from global resources such as firewalls and sandboxes, analyzing billions of IPs, URLs, and behaviors using machine learning, distributing updates, security signatures, and threat profiles to CloudGuard WAF in real-time, automatically applying updated protection without manual interventions.
For how long have I used the solution?
We have been using Check Point CloudGuard WAF for the last two years, and this is a very useful product.
What other advice do I have?
I monitor the volume of the type of traffic our web applications receive and understand the types and threats targeting our environment.
Check Point CloudGuard WAF effectively detects or blocks malicious SQL queries in real-time, protecting our web application from exploitation. To block SQL injection in Check Point CloudGuard WAF, I access the CloudGuard WAF console, log into the Check Point CloudGuard WAF management console using administrative credentials, then navigate to the security policies or application security section of the console, where the firewall rules of the protection are configured. In the web security policy setting, I verify that the SQL injection protection is enabled, which is typically a predefined feature within the WAF rule set activated to detect and block SQL injection attacks. Check Point CloudGuard WAF comes with predefined SQL injection attack signatures based on known patterns and payloads commonly used in SQL injection attacks, and I ensure the SQL injection signature set is enabled so that CloudGuard can detect and block common SQL injection techniques.
I find no issues in software testing details with our predefined feature-rich template, providing automated security incident handling with real-time visibility and control across multi-cloud environments.
Achieved improved security compliance with comprehensive visibility across cloud environments
What is our primary use case?
We have over ten root domains that we need to protect through the firewall. All our hosts are in
EC2 instances, and it is challenging to protect them by using any
AWS load balancer or shields. Therefore, we have implemented
Check Point CloudGuard WAF as a solution to protect all these domains from the open internet. It supports all environments, including on-premises,
Azure,
AWS, and we have also implemented it for
CDN URLs as well.
How has it helped my organization?
It has improved the overall security posture of our organization. Earlier, our security score was around eight to nine, which increased after implementing
Check Point CloudGuard WAF. We have achieved NIST compliance, and now ninety-five percent of the environment compliance level is equal to ninety-five percent.
What is most valuable?
The support of the root domain is one of the best features, as is the support for the
CDN and advanced load balancer. These are key features that differentiate Check Point CloudGuard
WAF from other vendors. Additionally, rate limiting is another significant feature of the
WAF.
What needs improvement?
The UI interface needs improvement because there are a number of bugs. Integration with the
SIEM platform is currently one of the key challenges that need to be addressed.
For how long have I used the solution?
We have been using Check Point CloudGuard WAF for the last six months.
What do I think about the stability of the solution?
I think Check Point CloudGuard WAF is stable.
What do I think about the scalability of the solution?
It is a SaaS-based model, and we have not encountered any scalability issues. They have sufficient resources, and there are no challenges from a scalability perspective.
How are customer service and support?
The customer support is good. They have skilled personnel to provide support.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We did not use a different solution prior to this.
What was our ROI?
The return on investment is reflected in the improvement of the overall security posture. While it does not have a direct monetary impact, it enhances security with an improved NIST compliance score and better overall security scores for our organization.
What's my experience with pricing, setup cost, and licensing?
Pricing and setup costs are fine. It is less costly than
Cloudflare, Fortinet, and other vendors. Additionally, it is less costly than the OEM.
Which other solutions did I evaluate?
We evaluated
Cloudflare and Fortinet.
What other advice do I have?
I would advise others to use and implement Check Point CloudGuard WAF as a solution in the firewall segment. Check Point has been in this segment for two decades and is more stable than other firewall vendors. I recommend using it and implementing all the features it offers. Overall, it's a good solution, and it fulfills all our core purposes, providing complete visibility and security. That's why I rate it ten out of ten.
