Cheap and effective solution for 0day detection and prevention
December 28, 2021

Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Check Point ThreatCloud
Check Point ThreatCloud is the core of Check Point products and services for intelligence sharing, threat exchange, detection, and prevention. It’s unique in terms of integrating at endpoint devices, networking devices, and cloud GWs and even on CSPM services. We generally purchase the perimeter next-generation firewalls with TX modules. TX and TP modules are automatically integrated with [Check Point] ThreatCloud. I prefer the TE and TX with cloud-enabled. This lowers the cost of operations. Even the TP modules are integrated with the threat cloud. TPs are not meant to be zero-day. However, mixing the TE/TX with TPs decreases the 0day catching times. NGFWs without TP even use [Check Point] ThreatCloud indirectly. Malware URLs/IPs are exchanged through [Check Point] ThreatCloud. We measure the effectiveness of [Check Point] ThreatCloud through cyber breach solutions. [The] last thing I want to mention and which is really shining is the CloudGuard CSPM and [Check Point] ThreatCloud. CloudGuard/Dome9 with [Check Point] ThreatCloud enablement based on the flow data is the real enhancer to dig out the missing security links throughout the Cloud installation. Last but not least, Infinity portal integration with [Check Point] ThreatCloud completes the 360-degree overall threat hunting and forensics.
Pros
- Threat prevention modules
- Threat extraction modules
- Threat emulation modules
- CloudGuard with Threat Intelligence on the cloud with CSPM/Dome9
- NG firewalls with APP and URL enabled
- Harmony Endpoints integrated with Infinity portal
- Threat forensics and analytics on the cloud
Cons
- SOAR integration; Check Point does not have built-in SOAR
- Automation throughout the findings of [Check Point] ThreatCloud
- Special team for threat intelligence
- K8s threat cloud integration and K8s forensics
- Native SIEM integration
- Check Point internal research lab
- Number of TIX indicators on the cloud is really high
- Catching the 0days and targeted attacks
- Preventing the users accessing dangerous sites and downloading malware
- Solid security solution without decreasing the uptime
- Full solution including IPS, URL, Malware, Bot, DNS security
- Packet capture and forensics at the detection as well as the prevention
- Ability to implement on premise as well as in cloud
- High score rates [are] seen on breach systems after deploying systems integrated with [Check Point] ThreatCloud
- Catch rates are very high compared to other vendors
- One missing thing is the detection for localized URLs and IPs
- Purchasing within the 3-year perspective is cheap compared to other solutions; ROI is generally six months
- [Check Point] ThreatCloud eliminates the need [for] other additional services that may need to be deployed like dedicated IPS, Dedicated Sandbox, DNS solution, etc.
If you have the Check Point firewalls, the only real solution is the Check Point ThreatCloud to be used. If you have PAN - AutoFocus or Fortinet - FortiGuard. One advantage of Check Point ThreatCloud is the elimination of web security services, as the Check Point with the threat cloud replaces the web security solutions with its vast features. Check Point products are very easy to use, and operation costs are much lower than the other vendors.
Do you think Check Point ThreatCloud delivers good value for the price?
Yes
Are you happy with Check Point ThreatCloud's feature set?
Yes
Did Check Point ThreatCloud live up to sales and marketing promises?
Yes
Did implementation of Check Point ThreatCloud go as expected?
Yes
Would you buy Check Point ThreatCloud again?
Yes