Check Point CloudGuard vs. Snyk

Checkpoint Cloud Guard Native Security Platform is much better in native cloud infra security requirements. It works well, and the manageability of said product is good. But If you are having some hybrid kind of environment, it is not suitable, and the products have more complexity to deploy. There are so many other players to do well in this segment.

Incentivized

Scenarios Where Snyk Is Well-Suited CI/CD Pipeline Integration (Node.js, Python, etc.) Container Security Open Source License Compliance Infrastructure as Code (IaC) SecurityScenarios Where Snyk May Be Less Appropriate Scanning Proprietary or Custom Code for Unknown Vulnerabilities Complex Monorepos with Custom Build Tools Organizations Requiring Custom Security Rules Advanced Security Teams Needing Correlation and Deep Triage.

Incentivized

• Advanced Threat protection via Check Point CloudGuard proven ThreatCloud intelligence feeds for malicious IP's is a nice feature.
• We have not set up the cloud bots auto-remediation functionality yet, but from initial testing, it looks to be something worth utilizing.
• Having reporting tie in's with our ServiceNow asset management platform is very handy.

Incentivized

• Helps in dependency management
• SAST - Static Application Security Testing
• Infra Code Scan ( Terraform , Cloud Formation , Docker image scan)
• OSSG

Incentivized

• Support Services - Support during implementation
• Proof-of-concept - Needs to more detailed
• Troubleshooting multi-cloud/ vendor issues
• Should contain all the compliance standards - NIST, HIPPA, FedRAMP

Incentivized

• The tool itself has many capabilities but using them operationally within the platform on a day to day basis for managing vulnerabilities is not a good experience.
• Our company was in desparate need of a tool to help us manage vulnerabilities so we could achieve a SOC 2 assurance report without findings.

Incentivized

Is easy to use, and the standad configuration is well prepared.

Incentivized

Developer-Centric Design - Snyk integrates directly into IDEs (like VS Code and IntelliJ), CI/CD pipelines, GitHub/GitLab, and container registries. Clear, Actionable Vulnerability report issues are categorized by severity.


Reports include fix recommendations, pull request suggestions, and links to remediation advice.

Incentivized

Checkpoint support is great. They provide great SLAs and they comply with service times accordingly.

Incentivized

Most products have their pros and cons but Dome9 does everything Evident.io and Redlock can do and more. Evident was a good tool but merging the two products into one complicated things.

Incentivized

Unfortunately, neither cover all of the use cases that we would like so we need to use both but they are both excellent tools as part of our vulnerability management. We find that Snyk helps us better with improving our MTTR of identified vulnerabilities when compared to inspector but that may be more based on how we have implemented both tools

Incentivized

• Significant $$$ cost savings as compared to other competitors in the market
• Long term contracting also helped in cost savings and good ROI - 750k USD approx
• Multi-vendor and Multi-cloud capabilities also helped us forecast the capex well
• No need of any other IAM solution - Some cost savings in that area as well for us,

Incentivized

• Increased developer experience
• Better productivity due to shift left as Vulnerabilities are caught earlier in the SDLC process
• Improved Vulnerability Management
• Common dashboard for various stages in CI/CD

Incentivized