TrustRadius: an HG Insights company

Check Point ThreatCloud

Score 8.9 out of 10

4 Reviews and Ratings

What is Check Point ThreatCloud?

Check Point Software Technologies provides threat intelligence via the Check Point ThreatCloud.

Categories & Use Cases

Cheap and effective solution for 0day detection and prevention

Use Cases and Deployment Scope

Check Point ThreatCloud is the core of Check Point products and services for intelligence sharing, threat exchange, detection, and prevention. It’s unique in terms of integrating at endpoint devices, networking devices, and cloud GWs and even on CSPM services. We generally purchase the perimeter next-generation firewalls with TX modules. TX and TP modules are automatically integrated with [Check Point] ThreatCloud. I prefer the TE and TX with cloud-enabled. This lowers the cost of operations. Even the TP modules are integrated with the threat cloud. TPs are not meant to be zero-day. However, mixing the TE/TX with TPs decreases the 0day catching times. NGFWs without TP even use [Check Point] ThreatCloud indirectly. Malware URLs/IPs are exchanged through [Check Point] ThreatCloud. We measure the effectiveness of [Check Point] ThreatCloud through cyber breach solutions. [The] last thing I want to mention and which is really shining is the Cloudguard CSPM and [Check Point] ThreatCloud. Cloudguard/dome9 with [Check Point] ThreatCloud enablement based on the flow data is the real enhancer to dig out the missing security links throughout the Cloud installation. Last but not least, Infinity portal integration with [Check Point] ThreatCloud completes the 360-degree overall threat hunting and forensics.

Pros

  • Threat prevention modules
  • Threat extraction modules
  • Threat emulation modules
  • Cloudguard with Threat Intelligence on the cloud with CSPM/dome9
  • NG firewalls with APP and URL enabled
  • Harmony Endpoints integrated with Infinity portal
  • Threat forensics and analytics on the cloud

Cons

  • SOAR integration; Check Point does not have built-in SOAR
  • Automation throughout the findings of [Check Point] ThreatCloud
  • Special team for threat intelligence
  • K8s threat cloud integration and K8S forensics
  • Native SIEM integration

Most Important Features

  • Check Point internal research lab
  • Number of TIX indicators on the cloud is really high
  • Catching the 0days and targeted attacks
  • Preventing the users accessing dangerous sites and downloading malware
  • Solid security solution without decreasing the uptime
  • Full solution including IPS, URL, Malware, Bot, DNS security
  • Packet capture and forensics at the detection as well as the prevention
  • Ability to implement on premise as well as in cloud

Return on Investment

  • High score rates [are] seen on breach systems after deploying systems integrated with [Check Point] ThreatCloud
  • Catch rates are very high compared to other vendors
  • One missing thing is the detection for localized URLs and IPs
  • Purchasing within the 3-year perspective is cheap compared to other solutions; ROI is generally six months
  • [Check Point] ThreatCloud eliminates the need [for] other additional services that may need to be deployed like dedicated IPS, Dedicated Sandbox, DNS solution, etc.

Alternatives Considered

Palo Alto Networks AutoFocus, FortiGuard Web Filtering Service and Symantec WebFilter / Intelligence Services

Other Software Used

Palo Alto Networks Advanced URL Filtering, Fortinet FortiGate, Cisco Firepower 4100 Series

ThreatCloud - Next generation Threat Protection

Use Cases and Deployment Scope

Check Point ThreatCloud is being used across the network to keep the network secure. It helps online and offline, based on reputation and malware databases, as anti-virus and anti-bot software.

Pros

  • Anti-virus
  • Anti-bot

Cons

  • I personally feel that online guides and reads to gather information about this product are limited.

Most Important Features

  • Threat Intelligence
  • Updates and definitions

Return on Investment

  • Threat Free Network
  • Overall IT Security

Alternatives Considered

Sophos Managed Threat Response (MTR)

Other Software Used

Foxit PDF SDK, Adobe Acrobat Reader DC