--- title: Check Point WAF (formerly CloudGuard WAF) Reviews meta_title: 'Check Point WAF (formerly CloudGuard WAF) Reviews 2026: Details, Pricing, & Features | G2' meta_description: Filter 82 reviews by the users' company size, role or industry to find out how Check Point WAF (formerly CloudGuard WAF) works for a business like yours. aggregate_rating: rating_value: 4.4 review_count: 82 scale: '5' date_modified: '2026-06-24' parent_category: name: Cloud Security url: https://www.g2.com/categories/cloud-security --- # Check Point WAF (formerly CloudGuard WAF) Reviews **Vendor:** Check Point Software Technologies **Category:** [API Security Tools](https://www.g2.com/categories/api-security) **Average Rating:** 4.4/5.0 **Total Reviews:** 82 ## About Check Point WAF (formerly CloudGuard WAF) CloudGuard WAF is a cloud-native Web and API security solution designed to help users safeguard their applications from both known and unknown threats. By leveraging advanced contextual AI, this solution provides precise threat prevention without the need for traditional signature-based detection methods. This innovative approach allows organizations to maintain a robust security posture while minimizing the risks associated with evolving cyber threats. Targeted primarily at businesses that rely on web applications and APIs, CloudGuard WAF is particularly beneficial for enterprises in sectors such as finance, healthcare, and e-commerce, where data protection is paramount. The solution is designed to address the complex security challenges that arise in modern application environments, especially those utilizing continuous integration and continuous deployment (CI/CD) practices. As organizations increasingly adopt cloud-native architectures, the need for flexible and efficient security solutions becomes critical. One of the standout features of CloudGuard WAF is its preemptive protection capabilities. By employing machine learning-based security measures, the solution can effectively prevent zero-day threats, which are vulnerabilities that have not yet been discovered or patched. This proactive approach eliminates the reliance on frequent signature updates, allowing organizations to stay ahead of potential attacks without the need for constant manual intervention. Moreover, CloudGuard WAF excels in precise detection, enabling it to identify a broader range of attacks while minimizing the need for ongoing fine-tuning and exception creation. This feature not only enhances the accuracy of threat detection but also reduces the operational burden on security teams, allowing them to focus on more strategic initiatives rather than routine adjustments. Designed with cloud-native principles in mind, CloudGuard WAF supports CI/CD-friendly deployment and automation. This means that organizations can easily integrate the solution into their existing workflows, from installation to upgrades and configuration. By utilizing declarative infrastructure-as-code or APIs, users can streamline their security processes, ensuring that their applications remain protected as they evolve. Overall, CloudGuard WAF represents a significant advancement in the realm of web and API security, offering organizations a sophisticated and adaptable solution to combat the ever-changing landscape of cyber threats. Its combination of preemptive protection, precise detection, and cloud-native design makes it a valuable asset for any organization looking to enhance its security posture in today's digital environment. ## Check Point WAF (formerly CloudGuard WAF) Pros & Cons **What users like:** - Users value the **user-friendly GUI and automated security features** of Check Point CloudGuard WAF, enhancing application protection. (35 reviews) - Users value the **robust security features** of Check Point CloudGuard WAF, ensuring effective protection against threats effortlessly. (30 reviews) - Users value the **automatic zero-day protection** of Check Point CloudGuard WAF, ensuring minimal false positives and effective defense. (21 reviews) - Users value the **effective DDoS protection** of Check Point CloudGuard WAF, ensuring robust security for cloud applications. (21 reviews) - Users appreciate the **comprehensive proactive protection** of Check Point CloudGuard WAF against modern web application threats. (18 reviews) - Users appreciate the **fully automated setup** of Check Point CloudGuard WAF, enabling quick and easy deployment. (17 reviews) - Users highlight the **accurate threat detection** and ease of use of Check Point CloudGuard WAF, ensuring effective protection. (13 reviews) - Cloud Integration (12 reviews) - Automation (11 reviews) - Time-Saving (10 reviews) **What users dislike:** - Users find the **initial setup complex** , making it challenging for teams less familiar with Check Point's ecosystem. (21 reviews) - Users find the product's **premium pricing** to be higher than competitors, which may deter budget-conscious customers. (14 reviews) - Users find the **learning difficulty** significant due to complex setup and extensive features requiring extensive tuning. (14 reviews) - Users find the **difficult learning curve** challenging due to extensive features and configurations required for effective use. (11 reviews) - Users find the **user interface overwhelming** , with complex configurations and hidden options that hinder ease of use. (10 reviews) - Users find the **initial setup and UI complexity** challenging, especially when managing extensive rules and logs. (10 reviews) - Poor Customer Support (9 reviews) - Users find the **poor documentation** to be a significant barrier during onboarding and effective management of the platform. (9 reviews) - Complex Configuration (6 reviews) - Complexity (6 reviews) ## Check Point WAF (formerly CloudGuard WAF) Reviews ### 1. Strong and reliable WAF for modern web and API security **Rating:** 4.5/5.0 stars **Reviewed by:** Dharamveer p. | Application Security Engineer, Information Technology and Services, Small-Business (50 or fewer emp.) **Reviewed Date:** May 02, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best about Check Point CloudGuard WAF is its strong AI-driven threat protection and ability to handle modern web and API security challenges. It does a great job at blocking common attacks like XSS and SQL injection, as well as more advanced threats like zero-day vulnerabilities without relying heavily on manual rule updates. The real-time detection and low false positives make it reliable in production environments, and it reduces a lot of manual effort for security teams. Another thing I appreciate is how well it fits into cloud environments. Deployment is relatively smooth, and once configured properly, it provides good visibility into traffic, threats, and application behavior. The automated learning and tuning capabilities also help in reducing the overhead typically required in traditional WAF solutions. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** What I dislike about Check Point CloudGuard WAF is that the initial setup and fine-tuning can take time, especially for teams that are new to the platform. Some advanced configurations require deeper understanding, and integration with other tools is not always as seamless as expected. Cost can also be a factor, particularly for smaller teams or organizations. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF solves the problem of securing web applications and APIs against evolving cyber threats without heavy manual intervention. It automates threat detection and prevention, reduces operational workload, and ensures continuous protection against both known and unknown attacks. For me, it helps in improving overall application security posture while saving time on manual monitoring and rule management. Overall, my experience has been positive, especially in terms of strong protection, automation, and reduced manual effort in managing application security. ### 2. Strong Protection with Room for Onboarding Improvement **Rating:** 4.5/5.0 stars **Reviewed by:** Hazem H. | Cyber Security Trainee Network Security Trainee Self Learning – Cyber & Network Security, Mid-Market (51-1000 emp.) **Reviewed Date:** June 20, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I use Check Point WAF to protect web applications and APIs from a wide range of cyber threats like SQL injection and cross-site scripting (XSS). What I like most about Check Point WAF is its ability to provide strong, automated protection for web applications while remaining easy to manage on a day-to-day basis. The platform effectively detects and blocks traffic. The initial setup of Check Point WAF was relatively straightforward, especially with the available documentation and guided configuration options. It provides strong protection against modern web application threats and offers good visibility through a centralized management interface. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** One challenge is the initial onboarding and policy tuning process. For organizations with complex or highly customized web applications, achieving the right balance between strong protection and minimizing false positives can require additional time and expertise. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point WAF to protect web applications and APIs from cyber threats like SQL injection and XSS. It offers strong, automated protection while being easy to manage daily. It effectively detects and blocks traffic, solving security challenges by defending against common and complex attacks. ### 3. Powerful Security with a Complex Setup **Rating:** 4.5/5.0 stars **Reviewed by:** Merin K O. | Core Team Member (Cybersecurity), Small-Business (50 or fewer emp.) **Reviewed Date:** May 29, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I use Check Point WAF to protect our internet-facing web application and APIs from web-based threats like SQL injection and cross-domain issues. The solution provides advanced threat prevention and automated policy cleaning. I appreciate the traffic inspection and reverse migration capabilities that ensure application availability and maintain security compliance. It supports both community and hybrid environments. We also integrate it with our broader security ecosystem, which helps in monitoring and provides better visibility for threat detection. Cloud integration capabilities have simplified development, providing better visibility to application networks and stronger protection against top vulnerabilities. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** While Check Point WAF provides strong application security and configuration capabilities, there are some areas that could be improved. The initial set of policy tuning process can be complex for new administrators, requiring a good understanding of web application traffic patterns. The interface could be more user-friendly, and the reporting and dashboard customization options could be enhanced to provide more actionable insights. Additionally, licensing can be challenging for smaller organizations, I assume. Faster deployment templates for cloud-native applications would further simplify the implementation. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point WAF to protect our web application and APIs from threats like SQL injection and ensure security compliance. It offers advanced threat prevention, automated policy cleaning, and supports hybrid environments, though initial setup needs expertise. ### 4. Excellent Traffic Insights for Securing Web Apps and APIs **Rating:** 4.5/5.0 stars **Reviewed by:** Nijat I. | Full-stack Developer, Information Technology and Services, Small-Business (50 or fewer emp.) **Reviewed Date:** May 12, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Check Point WAF was mostly used for monitoring and securing internet-facing applications and APIs receiving traffic from outside clients. The majority of daily operations entailed examining rejected requests, analyzing security events post-deployment, and tuning protection rules in case legitimate traffic was impacted. The main asset in terms of operational activities was insight provided at the HTTP and API level. This allowed for examination of request patterns, header details, path and URL parameters and, if needed, the actual contents of blocked requests, rather than looking at basic network data. It made things more clear whether strange behavior was caused by legitimate application operation, automated scanning, or attack attempts against available services. Post-updates policy tuning was done occasionally because even minor front-end or API changes were affecting some protection settings. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The tuning phase can be a lengthy one due to traffic fluctuations or custom APIs. Initially, I had to spend quite some time ensuring that blocked calls were indeed malicious or a result of the application's normal activity misinterpreted as something else. Additionally, there is a need for constant tuning when dealing with multiple applications as well as keeping a balance between tight protection and not interrupting the production traffic. Only after acquiring a good understanding of how signature definitions, exceptions, and policies worked internally did troubleshooting become easier. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** The reliance on traditional firewall filtering and manual monitoring for web application security was much higher before the deployment of Check Point WAF, as these methods were insufficient when detecting potential attacks on application layer. With the implementation of the new system, security monitoring became more application-focused, allowing us to detect malicious activity targeted at our web applications and web APIs, as well as minimizing vulnerability to standard web attacks and gaining more control over incoming traffic. ### 5. Strong OWASP Protection and AI-Driven Threat Prevention That Scales **Rating:** 5.0/5.0 stars **Reviewed by:** Luciano P. | Cybersecurity Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** May 29, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Strong protection against OWASP Top 10 attacks Easy integration with cloud environments Good real-time threat prevention and bot protection Centralized management and visibility AI-driven threat intelligence from Check Point Scalable for enterprise workloads Helpful automation and policy tuning feature **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Initial setup can be complex Can be expensive for smaller companies Some advanced configurations require expertise Dashboard/UI can feel overwhelming at first Occasional false positives that need tuning Support response time may vary depending on the plan **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF is solving web application security problems by blocking attacks such as SQL injection, XSS, bots, and API threats. It helps secure cloud applications, reduce security incidents, improve visibility into traffic, and support compliance requirements. The benefits include stronger protection for business applications, reduced downtime, lower risk of data breaches, faster threat response, and improved operational efficiency through centralized management and automation. ### 6. Strong Web Protection with Easy Management **Rating:** 4.0/5.0 stars **Reviewed by:** Syed M. | SOC Analyst Trainee , Mid-Market (51-1000 emp.) **Reviewed Date:** June 02, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like the strong protection Check Point WAF offers against web application attacks. Its easy-to-manage interface is a big plus for me, as is the real-time threat detection that it provides. I also appreciate the detailed visibility into web traffic and security events, which makes it easier to monitor and respond to potential threats. The documentation was helpful during the initial setup, allowing for a straightforward configuration. Additionally, it integrates well with other security tools, which enhances its effectiveness in our security infrastructure. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** One area that could be improved is reducing false positives and making policy tuning more straightforward. The reporting and dashboard customization options could also be more flexible and user-friendly. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point WAF protects web applications from cyberattacks, detects malicious traffic, reduces security risks, and improves application security without affecting user experience. ### 7. Strong Multi-Cloud Protection, Needs Easier Tuning **Rating:** 3.5/5.0 stars **Reviewed by:** Jawher S. | Mid-Market (51-1000 emp.) **Reviewed Date:** April 28, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I use Check Point CloudGuard WAF to protect cloud-native apps and APIs from OWASP Top 10 threats, like injection and XSS, while also providing bot mitigation and granular traffic inspection. I like its seamless integration with the CI/CD pipeline, allowing security policies to be deployed as code without slowing down development. This automation ensures security enforcement with every development, eliminating manual policy updates and reducing human error, which lets developers ship faster while protecting new code immediately. I appreciate its integration with CI/CD tools like Jenkins and CircleCI, and security platforms like Wiz and AWS Network Firewall. We switched to Check Point CloudGuard WAF from a legacy web app firewall because it lacked API security and multi-cloud support, and CloudGuard WAF provides better automation and centralized policy management. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The policy tuning can be complex, leading to occasional false positives. Also, dashboard sync delays sometimes occur across multi-cloud environments. The learning curve and tuning effort for non-trivial apps keep it from being a perfect fit for every team. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to secure cloud apps and APIs against automated attacks, zero-day exploits, and reduce manual rule tuning. It integrates seamlessly with CI/CD pipelines, automating security enforcement and allowing faster code deployment. ### 8. Check Point WAF Delivers Strong Protection Against Common Web Attacks **Rating:** 5.0/5.0 stars **Reviewed by:** Otniel V. | SOC Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** June 09, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I believe the best advantage of the Check Point WAF solution is that it offers a strong protection against common web attacks (OWASP Top 10, bots, API threats), which are the most common threats I met. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** There are no many things to say here, but let’s say that the complex initial setup can be challenging, especially for teams without prior Check Point experience. However, there are a lot of tutorials that will help with this, so I wouldn’t say that it is really a thing I don’t like, just that it’s challenging. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** In my team case, Check Point WAF protects our web applications and APIs from common cyber threats while providing centralized visibility and control. This reduces security risks, improves compliance, and saves time on manual security management. ### 9. Robust AI-Driven Security with Room for UI Enhancement **Rating:** 4.0/5.0 stars **Reviewed by:** BintuFatimah T P. | Information Security Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** April 14, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like Check Point CloudGuard WAF for its ability to combine intelligent automation with strong visibility, making it a reliable solution for securing cloud applications while reducing operational overhead. It balances advanced security capabilities with usability and scalability effectively, which is great for both security operations and compliance-focused teams. It also integrates well with broader security and cloud ecosystems, which enhances visibility, monitoring, and incident response. The AI-driven protection, excellent visibility, and scalability for cloud environments are strong points, making it a solution I recommend for strengthening application security. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I think there are a few areas where Check Point CloudGuard WAF could be improved. I would appreciate more guided onboarding and configuration support. Also, an enhanced UI/UX for policy management and log analysis would be beneficial. I'd like to see greater flexibility in custom rule creation and deeper integration with SIEM and GRC platforms. Expanded documentation and real-world use cases would also be helpful, along with better cost transparency and scalability options. While the setup was moderately easy, there is a learning curve during initial configuration, and the documentation and guidance could improve. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to secure cloud-hosted apps, handle web threats, reduce false positives, improve traffic visibility, simplify multi-cloud security, support compliance, and lower operational overhead. ### 10. Effortless Cloud Security with Automated Protection **Rating:** 4.0/5.0 stars **Reviewed by:** jawher s. | AI Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** April 08, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like how Check Point CloudGuard WAF delivers strong automated threat prevention with minimal tuning, making cloud app protection feel both powerful and effortless. I also really appreciate how seamlessly CloudGuard WAF integrates with cloud-native workflows, applying protections automatically as new services spin up so security never slows down development. It's great how CloudGuard automatically applies security policies to every new cloud resource as it's created, so nothing ever launches unprotected and you don't have to slow down development to keep things secure. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** CloudGuard WAF could improve by making advanced configuration and log analysis faster and less cumbersome. It would benefit from clearer, more intuitive advanced settings and a faster, more searchable log viewer that makes deep dive investigation less time-consuming. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect cloud applications by detecting, blocking, and mitigating web attacks. It solves the headache of constantly monitoring web defenses by automatically blocking threats like OWASP Top 10, bot attacks, and zero-day exploits, making protection feel both powerful and effortless. ### 11. Great Protection Without the Need to Be a Pro **Rating:** 5.0/5.0 stars **Reviewed by:** Prasanth K. | Enterprise Architect | Cloud Transformation Leader | Driving Multi-Cloud Strategy, Solutions | DevSecOps Excellence | Innovation Resilient Infrastructure at Scale, Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** February 19, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** CloudGuard WAF is an excellent non-cloud choice to keep the applications or website secured without being a security expert. It hides the background or ground level details of application and acts as a barrier layer in front of your site and automatically blocks unauthorized and DDos and others attacks. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Just liek any other software out there Cloudguard does have some complex and rigid configuration policies which i really feel aren't worthy. Sometimes configuration takes more time than actual benefits. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It actually secures applications by just exposing it via secured channel which is more beneficial or public apps. Its inbuilt support to stop the bot, SQLi, heavy body, DDos and more traffic is really appreciative of. We can configure our own security rules to make sure what is allowed and what is not. ### 12. Centralized Security with a Learning Curve **Rating:** 4.0/5.0 stars **Reviewed by:** Jawher S. | Data Scientist, Mid-Market (51-1000 emp.) **Reviewed Date:** March 25, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like the single pane of glass management that Check Point CloudGuard WAF offers, providing consistent policies across all cloud environments. I appreciate how it enforces granular, context-aware security policies across multi-cloud, protecting my cloud-native applications from web exploits and bots. I also find its centralized security management across multi-cloud environments valuable, as it eliminates the complexity of maintaining disparate WAF solutions and stops sophisticated attacks like SQL injection and zero-day exploits. Additionally, I use it with SIEM platforms like Splunk for centralized logging and threat correlation, and I integrate it with CI/CD pipelines such as Jenkins to automate security policy deployment. Overall, it delivers powerful security. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The setup and policy tuning have a steep learning curve, and the reporting dashboard could be more intuitive. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect my applications from web exploits and bots, centralize security across multi-cloud environments, and reduce manual effort for consistent compliance. ### 13. Modern WAF that actually reduces tuning, not perfect but solid **Rating:** 4.0/5.0 stars **Reviewed by:** Ivan D. | Pre-sales IT Security Solutions Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** May 28, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I appreciate how quickly you can get it up and running. Compared to older WAFs that take time to tune, this one is much faster to deploy and requires less ongoing maintenance, which makes a real difference in day-to-day operations. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The platform is also not the most intuitive at first. While the core functionality is strong, getting familiar with some of the advanced features and configuration options takes time, especially if you’re used to simpler WAF solutions. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It helps a lot with handling modern threats like API abuse, OWASP-type attacks, and zero-days without waiting for signatures or manual rule updates. That means you’re not always reacting after the fact — it blocks things much earlier in the cycle. ### 14. Great UI, Smooth Integration, and Helpful Support **Rating:** 4.5/5.0 stars **Reviewed by:** Alejandro F. | Generative AI Trust & Safety Specialist (Partnering with Google), Small-Business (50 or fewer emp.) **Reviewed Date:** June 12, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The user interface is really good, also a good integration and performance on my device. Pricing is okay in the actual market. Always when I had a problem the support team has been helpful. AI integration could be better **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I will say that the AI integration on Check Point WAF could be better and use more of the Agentic AI but overall the rest is okay so far as I had a great experience overall **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Actually Check Point WAF is solving multiple problems at my company that we had and no other tool was capable of resolving but this one has been able to. ### 15. Solid Protection with Machine Learning; Console Improvable **Rating:** 3.5/5.0 stars **Reviewed by:** Eric S. | Mid-Market (51-1000 emp.) **Reviewed Date:** March 05, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I greatly appreciate the machine learning engine of Check Point CloudGuard WAF for prevention, because it automates much of the complex work of rule management, drastically reducing false positives. I don't have to write custom rules from scratch and the policies adapt well to real traffic after the initial learning period. Additionally, I like the security policy updates that come from the cloud without me having to intervene manually. The preemptive bot protection is very effective, clearly distinguishing between good and malicious bots, and the automatic API discovery is convenient for mapping APIs and detecting unprotected endpoints. The unified console for policy management across different environments, cloud and on-prem, is very useful to avoid maintaining separate stacks. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The management console could be improved; sometimes you have to click too many times to find specific information, and the logging system is not granular enough during troubleshooting. The documentation lacks concrete examples for real use cases, and more practical troubleshooting support would be helpful. Integration with Splunk requires writing custom parsing, and support for configuration as code has room for improvement. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF manages false positives using machine learning, better protecting APIs and reducing bot traffic. It unifies management on cloud and on-premises, simplifying work compared to the past, but the management console has room for improvement. ### 16. Effortless Hybrid App Security and Rock-Solid API Protection **Rating:** 5.0/5.0 stars **Reviewed by:** Rabindra K. | Cloud Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** February 12, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What really stands out to me is how easy it is to manage across our hybrid environment it doesn’t care if our apps are in AWS, Azure, or on-prem, everything just works. The SSL offloading took a massive load off our backend servers, and the API protection has been rock solid. Honestly, I don’t have to think about WAF configs anymore, and that’s the dream. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The reporting and logging could definitely be more intuitive I usually end up exporting logs just to make sense of them because the built-in tools feel clunky. Also, the dashboard sometimes takes a few extra seconds to load, which is more annoying than it should be for a product at this price point. Minor frustrations, but they add up. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** We were drowning in alert fatigue our old setup would ping us for every tiny anomaly, and half the time it was just noise. CloudGuard actually filters out the garbage and tells us what really needs attention, so my team can focus on actual threats instead of babysitting logs. It’s cut our incident response time in half and honestly made work a lot less stressful. ### 17. AI-Driven WAF with Minimal Manual Tuning **Rating:** 4.0/5.0 stars **Reviewed by:** Maqsud A. | Network Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 17, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like Check Point CloudGuard WAF because of its contextual AI that delivers near-zero false positives and automatic zero-day protection. I find it extremely valuable for providing strong automatic protection against zero-day threats with almost no false positives and requiring zero daily tuning effort. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** One area that could be improved is the initial learning period for very complex or highly dynamic applications, which sometimes requires a bit more manual exception tuning than I'd prefer in the first few weeks. Also, the initial setup/learning phase for complex apps can be a bit involved, and pricing feels premium, though the low-maintenance protection usually justifies it for serious environments. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I expect Check Point CloudGuard WAF to solve zero-day attack exposure and reduce manual tuning and false positives. It offers strong, automatic protection with contextual AI, near-zero false positives, and minimal daily management, making it valuable for securing our cloud/web environments. ### 18. Low False Positives and an Easy Setup from Day One **Rating:** 4.0/5.0 stars **Reviewed by:** Dominika T. | Cybersecurity Engineer - Data Protection, Enterprise (> 1000 emp.) **Reviewed Date:** June 17, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like the most that since beginning of set up the rate of False Positives is significantly lower then in other tools. Also 0 day protection is working well and does not require manual rules updates. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** There is not enough of technical documentation and also initial set up is complicated. Will be easier if will be more knowledge-base articles available. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It protect assets in hybrid, cloud and on-premises environments. Allows for Iac for better configuration so it allows to save some time of cloud security engineers. ### 19. Catches Zero-Day Attacks with Low False Positives and a Unified Security Dashboard **Rating:** 5.0/5.0 stars **Reviewed by:** Rithin m. | Software Developer, Small-Business (50 or fewer emp.) **Reviewed Date:** May 27, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The AI engine catches zero-day attacks without throwing false positives at us all day. Bot protection killed our scraping problem, and managing cloud plus on-prem from one dashboard saves real time. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The initial learning curve is steeper than I'd like. Documentation could be clearer for advanced policy tuning, and the console can feel sluggish when pulling reports across larger time ranges. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It solves the problem of constant manual tuning that older WAFs needed. Now our APIs are shielded from injection attacks and credential stuffing automatically, and our team spends way less time triaging noise. ### 20. Centralized Protection with Seamless Cloud Integration **Rating:** 4.0/5.0 stars **Reviewed by:** Yosra M. | Consultante Salesforce, Mid-Market (51-1000 emp.) **Reviewed Date:** March 26, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like most about Check Point CloudGuard WAF is its seamless integration with cloud environments and the ability to enforce consistent security policies across multiple platforms through a single console. It also provides strong centralized protection and cloud-native integration. The initial setup was relatively simple thanks to the cloud-native integration and automated policy template. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** One area that could be improved is the initial setup and policy tuning, which can feel complex and time-consuming, especially for teams without deep prior experience with Check Point's ecosystem. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect our cloud-native applications from web attacks, centralize security policy management, automate defense, and solve the challenge of securing distributed cloud applications with unified visibility, automated threat prevention, and simplified compliance management. ### 21. Strong Security and Easy Management for Multi-Cloud App Protection **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** June 09, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It’s a solid combination of strong security and easy management. I also appreciate its cloud-native approach, especially the ability to protect applications across different cloud environments. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Compared with some competing WAF solutions, the initial setup and policy-tuning process can feel complicated, particularly for teams that are new to web application security. I’ve also seen users note that troubleshooting false positives may take a significant amount of manual effort, and that the user interface can come across as less intuitive than some cloud-native alternatives. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It protects web applications and APIs from cyber threats that traditional network firewalls can’t effectively stop. It also helps mitigate attacks such as SQL injection, cross-site scripting (XSS), remote code execution, bot attacks, API abuse, and denial-of-service attempts. ### 22. Efficient Threat Management, Tough Learning Curve **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User | Enterprise (> 1000 emp.) **Reviewed Date:** June 09, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really like the AI engine in Check Point WAF; it's cool how it automatically handles threats, saving us a lot of time by reducing the false positive rate. This automation allows us to block threats efficiently without impacting the user experience, which is great because the team doesn't waste hours chasing down false alarms. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** It has a pretty steep learning curve, and the initial config is pretty tough as well, and also the price can sting quite a bit. The documentation needs some work. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point WAF to protect web apps and APIs automatically, reducing manual rule tuning and false positives. The AI engine saves us time by handling threats and automating blocking without impacting user experience. ### 23. Easy to Distribute, Great for the Cloud **Rating:** 4.0/5.0 stars **Reviewed by:** Eric S. | Machine Learning Engineer **Reviewed Date:** January 12, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really like the simplicity of deploying Check Point CloudGuard WAF. It is cloud native and integrates well with AWS and Azure, automatically scaling when there is a traffic spike. I appreciate the centralized management that saves me time and the console where I can manage multiple environments from a single interface. The AI engine for threat detection is impressive and reduces the tuning work, learning from legitimate traffic and alerting you to attacks that might go unnoticed with other solutions. Check Point's support has always been quite responsive. Additionally, the updates for signatures and protection rules are automatic, which saves me valuable time. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The thing that annoys me the most is the price. It is not cheap at all, and when I have to propose it to smaller clients, I often struggle to justify the cost compared to cheaper alternatives. The documentation could also be much better. Sometimes you look for how to do a specific thing and end up going around in circles among guides that don't answer your question or are outdated. Another thing that bothers me is that the console is sometimes slow, especially when you have to scroll through heavy logs or generate reports over long periods. The initial tuning of the machine learning requires patience. The first few weeks it generates some false positives until it learns the traffic well, and you have to keep an eye on it to avoid blocking legitimate users. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web applications, reduce false positives with machine learning, manage automated attacks, and centralize policy management in mixed cloud environments. It allows me to respond quickly to emerging threats and reduces the tuning workload. ### 24. Effective Security with Easy-to-Use Interface **Rating:** 4.5/5.0 stars **Reviewed by:** Md Akil A. | Associate Consultant, Computer Networking, Mid-Market (51-1000 emp.) **Reviewed Date:** February 16, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like the Check Point CloudGuard WAF's GUI, which is very easy to use. It effectively helps in providing security to applications by allowing and blocking IPs, which is especially useful as we work on zero internet in our project. If we know an IP is part of our internal or external client, we can easily allow that IP. Check Point CloudGuard WAF's security is a key reason why we switched from using Azure Firewall. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I think internal DNS needs to be removed. Also, the initial setup isn't easy, and when we try to resolve any ip it getting resolved but not from given source **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to provide security to our application, allowing us to manage IPs by allowing internal and external client IPs and blocking others. ### 25. AI-Driven Protection with Complex Setup **Rating:** 4.0/5.0 stars **Reviewed by:** Mikolaj . | Small-Business (50 or fewer emp.) **Reviewed Date:** April 27, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really appreciate the AI-driven protection of Check Point CloudGuard WAF. It helps in protecting web apps and APIs from SQL injections, XSS, and DoS attacks by analyzing incoming traffic and blocking malicious activity in real-time. This reduces the need for manual security management. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The setup was a little bit complex, requiring me to understand specifications and documentation. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF for protecting web apps and APIs from SQL injections, XSS, and DoS, analyzing and blocking malicious activity, and reducing the need for manual security management. ### 26. AI-Powered Security with a Price Tag **Rating:** 5.0/5.0 stars **Reviewed by:** Munyaradzi Allan N. | Assistant - IT Audit and Assurance, Mid-Market (51-1000 emp.) **Reviewed Date:** March 29, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really appreciate Check Point CloudGuard WAF as it stands out as a modern, AI-driven web application and API protection platform that does far more than traditional WAFs. I like its prevention-first approach using contextual AI and machine-learning models to detect new and unknown threats before they are documented, which is especially appealing for organizations that prioritize true zero-day resilience. It addresses multiple modern security issues that traditional WAFs struggle with. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** the pricing is high, many companies might not benefit from this **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I find Check Point CloudGuard WAF prevents zero-day attacks before they're known, addressing multiple modern security challenges traditional WAFs struggle with. ### 27. Powerful, Automated Protection for Modern Cloud Applications **Rating:** 5.0/5.0 stars **Reviewed by:** aditya t. | Developer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It's designed to protect our websites , Api and cloud applications from cyber attacks. This protects our application from being hacked. random heavy traffic does not cause the website to go down. reduces false positives saving time for developers and testing. fully automated setup requires very little manual tuning. very powerful for modern cloud native applications. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** It's many users say that its policies and rules are not easy to configure correctly. it's very expensive. technical engineers are not always available and troubleshooting takes time. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** it's protects your website and API's from all types of cyberattacks , keep data secure makes compliance esay and strengthens your business continuity. cybercriminals try to steal personal , financial and sensitive data stored in databases . cloud guard blocks such attempts by using DPI. ### 28. Proactive Threat Prevention with Easy Setup **Rating:** 4.0/5.0 stars **Reviewed by:** oscarina s. | Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** November 30, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I appreciate the proactive and AI-driven threat prevention offered by Check Point CloudGuard WAF. It effectively detects and blocks threats like SQL injections, remote code execution, and automated bots without the need for traditional signature updates. This advanced AI-driven security extends protection against a wide range of threats, including zero-day exploits and API attacks, all with minimal effort. I find the product’s capability to ensure comprehensive threat coverage with reduced manual intervention to be highly valuable. Additionally, the initial setup process is very easy, which facilitates a smooth adoption and fast deployment. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The steep learning curve is largely due to the sheer number of features and the extensive configuration needed before the system feels truly comfortable to use. With so many profiles, protections, exception paths, and tuning options available, it can be difficult to determine exactly what is necessary from the very beginning. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web applications by automatically detecting and blocking threats like SQL injections and API attacks, without needing traditional signature updates. ### 29. Quick and Effective Protection, but with Configuration Challenges **Rating:** 4.5/5.0 stars **Reviewed by:** Jean Carlos B. | JEFE, Small-Business (50 or fewer emp.) **Reviewed Date:** November 29, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I love that Check Point CloudGuard WAF protects our web applications and cloud APIs against a wide range of threats, which is crucial in today's digital environment. I especially value its ability to prevent bot attacks, ensuring the secure operation of our applications, in addition to effectively protecting us against scammers. I find that the implementation is quick and simplified, which is a great benefit by minimizing the time and effort needed to get the system up and running. I am also impressed with its multi-platform security that provides solid protection, and the high protection rate it offers highlights its effectiveness. Additionally, the initial configuration of Check Point CloudGuard WAF is very simple and suitable for users of different experience levels, which greatly facilitates the integration process. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Possible bottleneck in the performance of the computer's processor and poor management of configurations. It overloads the computer's CPU a lot despite the hardware's power. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web applications and APIs in the cloud from threats, including fraudsters and bots, with quick deployment and multi-platform security. ### 30. Seamless Deployment and Robust Threat Protection with Minimal Maintenance **Rating:** 4.0/5.0 stars **Reviewed by:** Alejandro M. | Technical Services Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 19, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The combination of seamless deployment and strong, intelligent threat protection is the greatest upside. The Ease of Implementation was a significant win, allowing us to onboard critical applications with minimal downtime or configuration overhead. The managed intelligence behind the WAF dramatically reduces false positives while effectively stopping complex Layer 7 attacks, freeing up our team to focus on other priorities. Its low maintenance requirement and high-fidelity alerting are also major benefits. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** While the core WAF functionality is excellent, the reporting and dashboard visualization could be improved for enterprise-level visibility. It sometimes requires extra effort to correlate specific security events across a large fleet of applications outside of the primary console. Furthermore, the initial licensing model required a bit more negotiation to align perfectly with our specific scale-out architecture. However, the strong Customer Support helped us resolve these initial issues quickly. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** The primary problem solved is the comprehensive and proactive defense of critical web applications and APIs against the escalating threat landscape, particularly zero-day attacks and OWASP Top 10 vulnerabilities. This ensures regulatory compliance is consistently met without excessive manual oversight. The benefit is a significant reduction in operational risk and a dramatic increase in security team efficiency, as the intelligent, automated protection means we spend far less time on triage and fine-tuning rules, ultimately accelerating our application deployment timelines. ### 31. Easy to Use, Affordable, and Accessible for New Users **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** June 04, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It's ease of use and accessibility for new users. Genuinely helpful products with affordable price. Makes sense for enthusiasts and companies. Not much else to say. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Nothing in particular, I would continue to use the service if I was doing anything at the moment that required it. It's a good product, nothing comes to mind as a dislike **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It was handling security of my endpoints that i created personally as enthusiast. Benefits me by keeping me assured that my data is safe from attacks. ### 32. Exceptional Threat Protection and Seamless Cloud Integration **Rating:** 4.5/5.0 stars **Reviewed by:** Tulika R. | Business Development Management, Mid-Market (51-1000 emp.) **Reviewed Date:** November 01, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Users consistently praise its ability to identify and block sophisticated threats targeting web applications and APIs using machine learning and behavioral analysis. CloudGuard WAF secures APIs with deep inspection and policy enforcement, which is crucial for modern cloud-native applications. CloudGuard WAF is built for cloud/DevOps environments: quick deployment, infrastructure as code, SaaS-style or managed mode.Easy to implement **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** No dislike as of now. we liked the solution. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Stronger Application Security Reduces the risk of data breaches and service disruptions by proactively blocking threats.Simplified Management Centralized dashboard and automated policy updates make it easy to monitor and respond to threats.Because it supports cloud native and SaaS modes, you can deploy quickly and scale as your web infrastructure grows or shifts. That supports agile/DevOps workflows.Since the WAF is more intelligent (fewer false blocks) and supports modern web architectures (APIs, microservices), legitimate users have fewer disruptions and the business can deliver services reliably. ### 33. Easy Cloud Setup with Strong Protection **Rating:** 4.0/5.0 stars **Reviewed by:** Deepthi A. | QA Engineer, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** January 15, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The ease of set up and its strong protection. We were able to set up quickly in our cloud environment without a lot of complex configuration. The biggest plus is its minimal maintenance. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** UI feels a bit complex in the beginning, especially when we are trying to find specific settings or understand why something was blocked. Some features takes time to get used to. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** CloudGuard WAF helps us protect our web apps and APIs from common attacks and unwanted traffic without requiring a lot of manual effort. It also provides solid visibility into what’s happening with our traffic, which makes it easier to understand what’s being blocked and the reasons behind it. ### 34. Effortless Deployment and Robust Threat Prevention with CloudGuard WAF **Rating:** 4.5/5.0 stars **Reviewed by:** Aditya K. | Technical, Mid-Market (51-1000 emp.) **Reviewed Date:** November 29, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** CloudGuard WAF’s biggest strengths are strong automated threat prevention, multi-cloud support, and ease of deployment for modern application environments. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Trial periods and evaluation phases might be limited, It may longer trials or better QA/testing support before committing. And the rest parts are good. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Uploaded files can hide malware or malicious payloads; CloudGuard’s “file security” inspects uploads and blocks dangerous content before it reaches your application. And traditional WAFs often require manual tuning of rules and signatures a tedious, error-prone task. CloudGuard’s AI-driven contextual detection and automated policy/rule management reduce manual maintenance and cut down false positives. ### 35. Strong ML-Based Protection, but Pricing, Setup, and Documentation Need Work **Rating:** 3.5/5.0 stars **Reviewed by:** Ema B. | Service Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 23, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It can easily distinguish between attacks and legitimate traffic. It doesn’t require a lot of manual tuning, such as creating rules and policies. It protects using machine learning and AI, which helps prevent most attacks. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I don’t like the pricing and the complexity of the initial setup. Log retention is limited, which creates issues with troubleshooting, and the documentation feels lacking—especially when it comes to real-world examples. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It protects against SQL injection and XSS attacks that are often missed. It also reduces false positives, which means less overhead for the network security team. It helps stop automated botnets as well. Overall, it strengthens our network security. ### 36. Advanced AI Security with Flexible Deployment Options **Rating:** 5.0/5.0 stars **Reviewed by:** Giridhar G. | National Bussiness Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** November 17, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Since this includes AI support, advanced features, and management automations, it helps protect against unknown attacks. It also offers flexible deployment options suitable for different cloud and hybrid environments. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The platform presents a steep learning curve, which can impede initial adoption and make it difficult for new users to effectively manage complex rules and logs. Additionally, the documentation is insufficient, which further complicates the onboarding process. I have also noticed that the log retention is limited, which negatively affects visibility and control. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** This solution safeguards web applications against threats such as SQL injection, cross-site scripting, and botnet attacks, helping to prevent data breaches while offering improved visibility into traffic. It also defends against common web application attacks, automated and bot-driven threats, vulnerabilities in applications and APIs, as well as issues related to data breaches and insufficient visibility. ### 37. Lower TCO and DevOps-Friendly Nano Agent **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Telecommunications | Enterprise (> 1000 emp.) **Reviewed Date:** February 05, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Total Cost of Ownership (TCO) is often lower because you don't need a full-time engineer just to babysit the WAF rules. The Nano agent is perfect in a devops environment **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Frustration where troubleshooting deep technical bugs results in a loop of being told to wait for a specific "hotfix" rather than receiving immediate configuration help. Slow Response for Lower Tiers: If you aren't on a high-tier support plan, getting an L3 engineer on the phone for a P1 issue can take longer than desired. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** CloudGuard WAF uses contextual AI to stop manual rule tuning and alert fatigue. It solves the "zero-day gap" by blocking threats like Log4Shell preemptively. Benefit from a 0.81% false positive rate and auto-API discovery that finds "shadow" endpoints. While pricey and complex to license, it saves massive dev time via automation. ### 38. Strong Protection, Overwhelming Setup **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Accounting | Small-Business (50 or fewer emp.) **Reviewed Date:** November 30, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I appreciate Check Point CloudGuard WAF's ability to provide a balance between strong protection and low maintenance. The product effectively shields our web applications on AWS by allowing straightforward rule setup for API protection, virtual patching, and blocking common web attacks. One of the standout features for me is the ability to apply virtual patches instantly, which is crucial when developers need more time to address vulnerabilities. I also find the auto-updates to threat signatures invaluable for keeping us protected against the latest threats. The learning mode is another advantage, as it quickly propagates policy changes, allowing our security measures to adapt swiftly. Switching to Check Point CloudGuard WAF from AWS WAF has resulted in stronger, more automated protection with enhanced visibility, which aligns perfectly with the time constraints we face. This product delivers a robust solution while minimizing the hands-on management typically required. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I find the initial setup of Check Point CloudGuard WAF overwhelming. Upon logging in, the dashboard presents many menus, which can be quite daunting. Implementing a more intuitive feature such as a 'Connect Cloud Environment' could significantly ease this process. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web apps with virtual patching, strong API defense, and automatic threat updates, balancing strong protection with low maintenance. It also automates tasks that were too manual with AWS WAF, enhancing efficiency and visibility. ### 39. Check Point CloudGuard WAF **Rating:** 4.5/5.0 stars **Reviewed by:** Anshika B. | Solution Consultant, Mid-Market (51-1000 emp.) **Reviewed Date:** October 13, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Checkpoint CloudGuard WAF is a great solution. It uses contextual AI/ML based threat prevention to stop both known threats and zero-day attacks without need for constant signature updates. From a deployment and operation viewpoint, CloudGuard WAF shines, it is cloud-native, Supports infrastructure as a code/API-based setup. Customer support is so great. We have achieved all our use cases. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** No dislike as of now. We liked that product. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** CloudGuard WAF addresses the challenges posted by traditional WAFs that rely heavily on static signatures, manual rule tuning and reactive defences. It also improves detection accuracy while dramatically reducing false positives, so your security operation teams spend much time investigating benign traffic and more time responding to real threats. Additional features like built in bot detection, DDos mitigation, and file upload scanning further close off common attack vectors. ### 40. AI-Powered Protection That Adapts and Blocks Zero-Day Threats **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Food & Beverages | Small-Business (50 or fewer emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best is that it uses AI and machine learning, blocking zero-day web attacks, bypassing the need for signatures. It can also distinguish humans from bots using behavioral analysis like mouse movements and keystrokes. The upsides of using the tool basically is that its ML engine adapts to changing traffic patterns automatically and it inspects uploaded files for malicious content. and its frequency of use is high because teams monitor it daily. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Well, there is a few things I don't like the cost is higher than more basic WAFs, especially for smaller apps. On the downside if by any chance you have unusual or custom web apps, the contextual ML might misclassify traffic until properly “trained". Their customer support is not that good. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** For my work maintaining order flow is key, forestalling lost earnings and safeguarding customer satisfaction. it helps me to keep safe business information and sensitive data. Since my line of work greatly depend on uptime, logistics, consumer trust and supply chain reliability. the main problem it helps me solve is that it keeps our digital operations secure, stable, readily available - directly shielding both income and brand's standing. ### 41. My review for Check Point CloudGuard WAF **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Medical Devices | Mid-Market (51-1000 emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** As user the most definitely excited by the system's AI, is the robust threat defense, which presents impressively accurate in blocking those intrusions, almost no false positives. Its function demonstrates how easily it’s launched and managed, mainly because of its automated system. It includes strong web application and API protection, with fewer misleading alerts, easy setup in cloud, an adjustment is very easy too. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I dislike that it can be expensive compared to other WAF solutions, and the initial learning curve can be challenging for new users. Some of the documentation could be more detailed, especially for advanced configurations. Additionally, while customer support is generally responsive, it can sometimes take longer than expected to resolve complex issues. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** In one of the cases that i have in the company using Check point cloudGuard WAF, we were experiencing repeated bot attacks and unauthorized API calls that were impacting the performance of a customer-facing application. Some API endpoints were undocumented and being targeted, causing slowdowns and increasing operational risk. After deploying CloudGuard WAF, it automatically discovered these API routes, blocked malicious requests, and filtered out harmful bot traffic. ### 42. Strong Security Features, but Setup and Management Can Be Challenging **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Government Relations | Mid-Market (51-1000 emp.) **Reviewed Date:** January 09, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I have been using the product for some time now, and I can honestly say it is highly effective against SQL injection, cross-site scripting, and bot threats. The automated rules make configuration appear very straightforward and simple. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Configuring the system correctly requires a significant investment of time and a certain level of expertise, particularly when it comes to adjusting security rules to minimize false positives. Additionally, managing and reviewing policies can be somewhat cumbersome, as the interface is not always intuitive, especially when working with complex rule configurations or analyzing large volumes of traffic logs. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** As I have mentioned above the product is highly effective against SQL injection, cross-site scripting, and bot threats. The automated rules make configuration appear very straightforward and simple. ### 43. Reliable Cloud WAF with Strong Automation **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** November 13, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like most about Check Point CloudGuard WAF is how reliably it blocks common web attacks without needing constant manual tuning. The dashboard is clean, and the threat visibility makes it easy to understand what is happening in real time. Its automated protections and strong integration with cloud environments help maintain security with less operational effort. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The initial setup can feel a bit complex, especially for teams that are not already familiar with Check Point’s ecosystem. Some of the advanced configuration options could be more intuitive, and certain logs take time to get used to. Aside from that, the product performs well but could improve in terms of onboarding and documentation clarity. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF helps us protect our applications from common web attacks like SQL injection, bot traffic, and malicious API calls. It reduces manual monitoring by automatically blocking suspicious behavior. This has improved our overall security posture and saved time for our team by minimizing false positives and providing clearer visibility into threats. ### 44. AI-powered WAF that reduces manual tuning BUT comes at a premium **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Enterprise (> 1000 emp.) **Reviewed Date:** November 07, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I evaluated Check Point CloudGuard WAF as part of a proposal to protect a cloud-hosted web and API stack. The deployment process was remarkably fast — it took only a few minutes to get up and running — and the integration with our existing CI/CD pipeline was smooth and straightforward. It provided comprehensive visibility into API traffic and strong protection against common web threats without requiring extensive manual tuning. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The solution is slightly more expensive compared to some of its competitors, such as Cloudflare WAF and Imperva WAF. However, the additional cost is partly justified by its advanced AI-driven threat detection, API discovery capabilities, and the overall reliability of Check Point’s cloud-native infrastructure. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** For us, the biggest benefit has been the ease of deployment and ongoing management — it integrates seamlessly with CI/CD workflows, scales automatically with cloud workloads, and provides clear visibility into traffic patterns and attack trends. Overall, it has simplified application security operations and improved confidence in protecting our cloud environment. ### 45. Easy Implementation and Management **Rating:** 4.0/5.0 stars **Reviewed by:** Swapnil K. **Reviewed Date:** January 09, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like that Check Point CloudGuard WAF is easy to implement and manage, which is a standout feature for me. It was also a bit faster to implement access control. I appreciate the search criteria as it doesn't require specific parameters for troubleshooting, making it a more straightforward process. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Nothing to be disliked yet **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF was faster to implement for access control and easier to manage, protecting our company's web application and improving over our previous solution. ### 46. Checkpoint Cloudguard WAF **Rating:** 4.5/5.0 stars **Reviewed by:** Sidharth M. | Solution Consultant, Mid-Market (51-1000 emp.) **Reviewed Date:** October 10, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Checkpoint CloudGuard WAF is appreciated for its intelligent,prevention first approach to securing web application and API's. It offers comprehensive suite of protection, including bot mitigation, DDoS defence, file reputation check and coverage for thousands of known vulnerabilities.Beyond its technical strengths, Checkpoint CoudGuard WAF Excels in delivering a seamless user experience. customer support is so great. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Some users have also noted that documentation can be more user-friendly. Other than this solution is so greta. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** One of the biggest problems it solves is the detection and prevention of zero-day attacks and OWASP top 10 vulnerabilities with relying on signature update. A common pain point with traditional WAFs that generate excessive false positive. CloudGuard's cloud-native design and support for infrastructure-as-code streamline deployment and integration into CI/CD pipelines. ### 47. Seamless Cloud Integration and Effortless Deployment for DevOps **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I liked that it integrates well with cloud environments and supports laC workflows and this makes the deployment smooth for the Devops team.It is very effective against common web attacks like SQL injection, XSS etc. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The User Interface is powerful but it felt slightly overwhelming at first open. Some advanced and powerful options are bit hidden in the menus. Sometimes I felt UI lag issues. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Cloudguard WAF helped us to tackle two major issues , securing our API's and protecting out web app from modern attacks pattern. During our trial we were able to quickly setup protections against SQL injection and DDOs attack. It gave us better visibility into the suspicious requests and helped us to understand where our product was vulnerable. We used the trial to evaluate whether we could adopt it long term and the experience was vey positive. ### 48. Simple and effective security solution **Rating:** 5.0/5.0 stars **Reviewed by:** NIKHIL G. | Network Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** December 17, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like how it helps protect web applications from common attacks and gives clear visibility into traffic. The dashboard makes it easier to monitor activity and understand what’s being blocked. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The initial setup and tuning can take some time to understand, especially when working with cloud environments. The interface also has a learning curve for new users. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It helps protect web applications from common attacks and reduces the risk of security incidents. This improves application security and makes monitoring traffic easier from a central place. ### 49. Cloudguard WAF protects our critical web applications and APIs **Rating:** 4.5/5.0 stars **Reviewed by:** Dialungana M. | Principal Cybersecurity Specialist, Enterprise (> 1000 emp.) **Reviewed Date:** April 22, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It does not require too much manual configuration and it is straight forward to set it up and get your critical assets protected against sophisticated attacks using AI and machine learning to automatically understand the behavior of our applications and APIs. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The fact that you cannot have two assets with the same URL even though the application is reached using different IP addresses. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Before we had no visibility into the application layer attacks targeting our web applications and APIs. We relied completely on our Next Generation Firewalls (NGFW) to protect our assets. Ever since we deployed Cloudguard WAF, we immediately understood that we were missing many attacks that were targeting the applications. Today, with Cloudguard WAF, we block an average of 3500 attacks on daily basis. In addition to that, with tha API protection, we are now able to identify all the endpoints associated with the applications and better protect our APIs. ### 50. Check Point CloudGuard WAF: AI-Powered Protection for Web and API Workloads **Rating:** 4.5/5.0 stars **Reviewed by:** Samrawit T. | IT Logistics Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** May 16, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best about Check Point CloudGuard WAF is its contextual AI-driven threat prevention, which delivers precise, signature-free protection against zero-day attacks and OWASP Top 10 vulnerabilities—while seamlessly integrating into CI/CD pipelines for automated, cloud-native security. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** What I dislike about Check Point CloudGuard WAF is its steep learning curve, limited documentation, and high cost—factors that can slow down adoption, complicate integration with custom applications, and restrict accessibility for smaller teams. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF solves the critical challenge of protecting web applications and APIs from zero-day threats, OWASP Top 10 vulnerabilities, and malicious bot traffic by using contextual AI and machine learning—benefiting me by enabling precise, signature-free threat prevention, reducing manual tuning, and ensuring secure, compliant cloud operations across dynamic environments. - [View Check Point WAF (formerly CloudGuard WAF) pricing details and edition comparison](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews?section=pricing&secure%5Bexpires_at%5D=2026-06-26+17%3A22%3A34+-0500&secure%5Bsession_id%5D=b895ff7e-702f-471d-9c20-71c73f4ef36a&secure%5Btoken%5D=ded258457e815939d6eb9846c01bac0cb8d3a1fead711d2a793b68387cefa74e&format=llm_user) ## Check Point WAF (formerly CloudGuard WAF) Integrations - [Azure Portal](https://www.g2.com/products/azure-portal/reviews) - [Google Analytics](https://www.g2.com/products/google-analytics/reviews) - [ngrok](https://www.g2.com/products/ngrok/reviews) - [YouTube Advertising](https://www.g2.com/products/google-youtube-advertising/reviews) ## Check Point WAF (formerly CloudGuard WAF) Features **Analysis** - Logging and Reporting - Issue Tracking - Security Monitoring **API Management ** - API Discovery - API Monitoring - Reporting - Change Management **Cloud Visibility** - Data Discovery - Cloud Registry - Cloud Gap Analytics **Controls** - Application-Layer Controls - Traffic Controls - Network Controls **Security Testing** - Compliance Monitoring - API Verification - API Testing **Security** - Data Security - Data loss Prevention - Security Auditing **Functionality** - API / Integrations - Extensibility - Bot Traffic **Security Management** - Security and Policy Enforcement - Anomoly Detection - Bot Detection **Identity** - SSO - Governance - User Analytics **Generative AI** - AI Text Summarization ## Top Check Point WAF (formerly CloudGuard WAF) Alternatives - [HAProxy](https://www.g2.com/products/haproxy/reviews) - 4.7/5.0 (893 reviews) - [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) - 4.5/5.0 (580 reviews) - [Postman](https://www.g2.com/products/postman/reviews) - 4.6/5.0 (1,745 reviews)