# Check Point WAF (formerly CloudGuard WAF) Reviews **Vendor:** Check Point Software Technologies **Category:** [API Security Tools](https://www.g2.com/categories/api-security) **Average Rating:** 4.4/5.0 **Total Reviews:** 70 ## About Check Point WAF (formerly CloudGuard WAF) CloudGuard WAF is a cloud-native Web and API security solution designed to help users safeguard their applications from both known and unknown threats. By leveraging advanced contextual AI, this solution provides precise threat prevention without the need for traditional signature-based detection methods. This innovative approach allows organizations to maintain a robust security posture while minimizing the risks associated with evolving cyber threats. Targeted primarily at businesses that rely on web applications and APIs, CloudGuard WAF is particularly beneficial for enterprises in sectors such as finance, healthcare, and e-commerce, where data protection is paramount. The solution is designed to address the complex security challenges that arise in modern application environments, especially those utilizing continuous integration and continuous deployment (CI/CD) practices. As organizations increasingly adopt cloud-native architectures, the need for flexible and efficient security solutions becomes critical. One of the standout features of CloudGuard WAF is its preemptive protection capabilities. By employing machine learning-based security measures, the solution can effectively prevent zero-day threats, which are vulnerabilities that have not yet been discovered or patched. This proactive approach eliminates the reliance on frequent signature updates, allowing organizations to stay ahead of potential attacks without the need for constant manual intervention. Moreover, CloudGuard WAF excels in precise detection, enabling it to identify a broader range of attacks while minimizing the need for ongoing fine-tuning and exception creation. This feature not only enhances the accuracy of threat detection but also reduces the operational burden on security teams, allowing them to focus on more strategic initiatives rather than routine adjustments. Designed with cloud-native principles in mind, CloudGuard WAF supports CI/CD-friendly deployment and automation. This means that organizations can easily integrate the solution into their existing workflows, from installation to upgrades and configuration. By utilizing declarative infrastructure-as-code or APIs, users can streamline their security processes, ensuring that their applications remain protected as they evolve. Overall, CloudGuard WAF represents a significant advancement in the realm of web and API security, offering organizations a sophisticated and adaptable solution to combat the ever-changing landscape of cyber threats. Its combination of preemptive protection, precise detection, and cloud-native design makes it a valuable asset for any organization looking to enhance its security posture in today's digital environment. ## Check Point WAF (formerly CloudGuard WAF) Pros & Cons **What users like:** - Users highlight the **strong protection** offered by Check Point CloudGuard WAF against various web application attacks. (35 reviews) - Users value the **advanced security** features of Check Point CloudGuard WAF, ensuring comprehensive threat coverage with minimal effort. (29 reviews) - Users appreciate the **proactive and AI-driven threat prevention** of Check Point CloudGuard WAF for effective threat detection. (21 reviews) - Users value the **AI-driven DDoS protection** of Check Point CloudGuard WAF for its proactive threat detection and minimal effort. (21 reviews) - Users highly value the **seamless management** of Check Point CloudGuard WAF across various environments like AWS and Azure. (18 reviews) - Users appreciate the **fully automated setup** of Check Point CloudGuard WAF, enabling quick and easy deployment. (17 reviews) - Users highlight the **accurate threat detection** and ease of use of Check Point CloudGuard WAF, ensuring effective protection. (13 reviews) - Cloud Integration (12 reviews) - Automation (10 reviews) - Users praise the **active customer support** of Check Point CloudGuard WAF, enhancing their experience and satisfaction. (9 reviews) **What users dislike:** - Users struggle with a **complex setup** that hinders initial adoption and complicates effective management of rules and logs. (21 reviews) - Users find Check Point CloudGuard WAF to be **expensive** , particularly challenging for smaller teams seeking budget-friendly options. (14 reviews) - Users experience a **steep learning curve** with Check Point CloudGuard WAF, complicating initial setup and navigation. (13 reviews) - Users find the **difficult learning curve** of Check Point CloudGuard WAF a barrier to effective usage and adoption. (11 reviews) - Users find the **poor documentation** problematic, hindering effective onboarding and management of the platform's complexities. (9 reviews) - User Interface Issues (9 reviews) - Users find the **initial setup and UI complexity** challenging, especially when managing extensive rules and logs. (9 reviews) - Poor Customer Support (8 reviews) - Complex Configuration (5 reviews) - Complexity (5 reviews) ## Check Point WAF (formerly CloudGuard WAF) Reviews ### 1. Strong and reliable WAF for modern web and API security **Rating:** 4.5/5.0 stars **Reviewed by:** Dharamveer p. | Application Security Engineer, Information Technology and Services, Small-Business (50 or fewer emp.) **Reviewed Date:** May 02, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best about Check Point CloudGuard WAF is its strong AI-driven threat protection and ability to handle modern web and API security challenges. It does a great job at blocking common attacks like XSS and SQL injection, as well as more advanced threats like zero-day vulnerabilities without relying heavily on manual rule updates. The real-time detection and low false positives make it reliable in production environments, and it reduces a lot of manual effort for security teams. Another thing I appreciate is how well it fits into cloud environments. Deployment is relatively smooth, and once configured properly, it provides good visibility into traffic, threats, and application behavior. The automated learning and tuning capabilities also help in reducing the overhead typically required in traditional WAF solutions. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** What I dislike about Check Point CloudGuard WAF is that the initial setup and fine-tuning can take time, especially for teams that are new to the platform. Some advanced configurations require deeper understanding, and integration with other tools is not always as seamless as expected. Cost can also be a factor, particularly for smaller teams or organizations. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF solves the problem of securing web applications and APIs against evolving cyber threats without heavy manual intervention. It automates threat detection and prevention, reduces operational workload, and ensures continuous protection against both known and unknown attacks. For me, it helps in improving overall application security posture while saving time on manual monitoring and rule management. Overall, my experience has been positive, especially in terms of strong protection, automation, and reduced manual effort in managing application security. ### 2. Excellent Traffic Insights for Securing Web Apps and APIs **Rating:** 4.5/5.0 stars **Reviewed by:** Nijat I. | Full-stack Developer, Information Technology and Services, Small-Business (50 or fewer emp.) **Reviewed Date:** May 12, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Check Point WAF was mostly used for monitoring and securing internet-facing applications and APIs receiving traffic from outside clients. The majority of daily operations entailed examining rejected requests, analyzing security events post-deployment, and tuning protection rules in case legitimate traffic was impacted. The main asset in terms of operational activities was insight provided at the HTTP and API level. This allowed for examination of request patterns, header details, path and URL parameters and, if needed, the actual contents of blocked requests, rather than looking at basic network data. It made things more clear whether strange behavior was caused by legitimate application operation, automated scanning, or attack attempts against available services. Post-updates policy tuning was done occasionally because even minor front-end or API changes were affecting some protection settings. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The tuning phase can be a lengthy one due to traffic fluctuations or custom APIs. Initially, I had to spend quite some time ensuring that blocked calls were indeed malicious or a result of the application's normal activity misinterpreted as something else. Additionally, there is a need for constant tuning when dealing with multiple applications as well as keeping a balance between tight protection and not interrupting the production traffic. Only after acquiring a good understanding of how signature definitions, exceptions, and policies worked internally did troubleshooting become easier. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** The reliance on traditional firewall filtering and manual monitoring for web application security was much higher before the deployment of Check Point WAF, as these methods were insufficient when detecting potential attacks on application layer. With the implementation of the new system, security monitoring became more application-focused, allowing us to detect malicious activity targeted at our web applications and web APIs, as well as minimizing vulnerability to standard web attacks and gaining more control over incoming traffic. ### 3. Strong Multi-Cloud Protection, Needs Easier Tuning **Rating:** 3.5/5.0 stars **Reviewed by:** Jawher S. | Mid-Market (51-1000 emp.) **Reviewed Date:** April 28, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I use Check Point CloudGuard WAF to protect cloud-native apps and APIs from OWASP Top 10 threats, like injection and XSS, while also providing bot mitigation and granular traffic inspection. I like its seamless integration with the CI/CD pipeline, allowing security policies to be deployed as code without slowing down development. This automation ensures security enforcement with every development, eliminating manual policy updates and reducing human error, which lets developers ship faster while protecting new code immediately. I appreciate its integration with CI/CD tools like Jenkins and CircleCI, and security platforms like Wiz and AWS Network Firewall. We switched to Check Point CloudGuard WAF from a legacy web app firewall because it lacked API security and multi-cloud support, and CloudGuard WAF provides better automation and centralized policy management. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The policy tuning can be complex, leading to occasional false positives. Also, dashboard sync delays sometimes occur across multi-cloud environments. The learning curve and tuning effort for non-trivial apps keep it from being a perfect fit for every team. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to secure cloud apps and APIs against automated attacks, zero-day exploits, and reduce manual rule tuning. It integrates seamlessly with CI/CD pipelines, automating security enforcement and allowing faster code deployment. ### 4. Robust AI-Driven Security with Room for UI Enhancement **Rating:** 4.0/5.0 stars **Reviewed by:** BintuFatimah T P. | Information Security Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** April 14, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like Check Point CloudGuard WAF for its ability to combine intelligent automation with strong visibility, making it a reliable solution for securing cloud applications while reducing operational overhead. It balances advanced security capabilities with usability and scalability effectively, which is great for both security operations and compliance-focused teams. It also integrates well with broader security and cloud ecosystems, which enhances visibility, monitoring, and incident response. The AI-driven protection, excellent visibility, and scalability for cloud environments are strong points, making it a solution I recommend for strengthening application security. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I think there are a few areas where Check Point CloudGuard WAF could be improved. I would appreciate more guided onboarding and configuration support. Also, an enhanced UI/UX for policy management and log analysis would be beneficial. I'd like to see greater flexibility in custom rule creation and deeper integration with SIEM and GRC platforms. Expanded documentation and real-world use cases would also be helpful, along with better cost transparency and scalability options. While the setup was moderately easy, there is a learning curve during initial configuration, and the documentation and guidance could improve. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to secure cloud-hosted apps, handle web threats, reduce false positives, improve traffic visibility, simplify multi-cloud security, support compliance, and lower operational overhead. ### 5. Effortless Cloud Security with Automated Protection **Rating:** 4.0/5.0 stars **Reviewed by:** jawher s. | AI Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** April 08, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like how Check Point CloudGuard WAF delivers strong automated threat prevention with minimal tuning, making cloud app protection feel both powerful and effortless. I also really appreciate how seamlessly CloudGuard WAF integrates with cloud-native workflows, applying protections automatically as new services spin up so security never slows down development. It's great how CloudGuard automatically applies security policies to every new cloud resource as it's created, so nothing ever launches unprotected and you don't have to slow down development to keep things secure. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** CloudGuard WAF could improve by making advanced configuration and log analysis faster and less cumbersome. It would benefit from clearer, more intuitive advanced settings and a faster, more searchable log viewer that makes deep dive investigation less time-consuming. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect cloud applications by detecting, blocking, and mitigating web attacks. It solves the headache of constantly monitoring web defenses by automatically blocking threats like OWASP Top 10, bot attacks, and zero-day exploits, making protection feel both powerful and effortless. ### 6. Great Protection Without the Need to Be a Pro **Rating:** 5.0/5.0 stars **Reviewed by:** Prasanth K. | Enterprise Architect | Cloud Transformation Leader | Driving Multi-Cloud Strategy, Solutions | DevSecOps Excellence | Innovation Resilient Infrastructure at Scale, Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** February 19, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** CloudGuard WAF is an excellent non-cloud choice to keep the applications or website secured without being a security expert. It hides the background or ground level details of application and acts as a barrier layer in front of your site and automatically blocks unauthorized and DDos and others attacks. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Just liek any other software out there Cloudguard does have some complex and rigid configuration policies which i really feel aren't worthy. Sometimes configuration takes more time than actual benefits. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It actually secures applications by just exposing it via secured channel which is more beneficial or public apps. Its inbuilt support to stop the bot, SQLi, heavy body, DDos and more traffic is really appreciative of. We can configure our own security rules to make sure what is allowed and what is not. ### 7. Centralized Security with a Learning Curve **Rating:** 4.0/5.0 stars **Reviewed by:** Jawher S. | Data Scientist, Mid-Market (51-1000 emp.) **Reviewed Date:** March 25, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like the single pane of glass management that Check Point CloudGuard WAF offers, providing consistent policies across all cloud environments. I appreciate how it enforces granular, context-aware security policies across multi-cloud, protecting my cloud-native applications from web exploits and bots. I also find its centralized security management across multi-cloud environments valuable, as it eliminates the complexity of maintaining disparate WAF solutions and stops sophisticated attacks like SQL injection and zero-day exploits. Additionally, I use it with SIEM platforms like Splunk for centralized logging and threat correlation, and I integrate it with CI/CD pipelines such as Jenkins to automate security policy deployment. Overall, it delivers powerful security. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The setup and policy tuning have a steep learning curve, and the reporting dashboard could be more intuitive. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect my applications from web exploits and bots, centralize security across multi-cloud environments, and reduce manual effort for consistent compliance. ### 8. Solid Protection with Machine Learning; Console Improvable **Rating:** 3.5/5.0 stars **Reviewed by:** Eric S. | Mid-Market (51-1000 emp.) **Reviewed Date:** March 05, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I greatly appreciate the machine learning engine of Check Point CloudGuard WAF for prevention, because it automates much of the complex work of rule management, drastically reducing false positives. I don't have to write custom rules from scratch and the policies adapt well to real traffic after the initial learning period. Additionally, I like the security policy updates that come from the cloud without me having to intervene manually. The preemptive bot protection is very effective, clearly distinguishing between good and malicious bots, and the automatic API discovery is convenient for mapping APIs and detecting unprotected endpoints. The unified console for policy management across different environments, cloud and on-prem, is very useful to avoid maintaining separate stacks. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The management console could be improved; sometimes you have to click too many times to find specific information, and the logging system is not granular enough during troubleshooting. The documentation lacks concrete examples for real use cases, and more practical troubleshooting support would be helpful. Integration with Splunk requires writing custom parsing, and support for configuration as code has room for improvement. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF manages false positives using machine learning, better protecting APIs and reducing bot traffic. It unifies management on cloud and on-premises, simplifying work compared to the past, but the management console has room for improvement. ### 9. Effortless Hybrid App Security and Rock-Solid API Protection **Rating:** 5.0/5.0 stars **Reviewed by:** Rabindra K. | Cloud Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** February 12, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What really stands out to me is how easy it is to manage across our hybrid environment it doesn’t care if our apps are in AWS, Azure, or on-prem, everything just works. The SSL offloading took a massive load off our backend servers, and the API protection has been rock solid. Honestly, I don’t have to think about WAF configs anymore, and that’s the dream. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The reporting and logging could definitely be more intuitive I usually end up exporting logs just to make sense of them because the built-in tools feel clunky. Also, the dashboard sometimes takes a few extra seconds to load, which is more annoying than it should be for a product at this price point. Minor frustrations, but they add up. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** We were drowning in alert fatigue our old setup would ping us for every tiny anomaly, and half the time it was just noise. CloudGuard actually filters out the garbage and tells us what really needs attention, so my team can focus on actual threats instead of babysitting logs. It’s cut our incident response time in half and honestly made work a lot less stressful. ### 10. AI-Driven WAF with Minimal Manual Tuning **Rating:** 4.0/5.0 stars **Reviewed by:** Maqsud A. | Network Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 17, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like Check Point CloudGuard WAF because of its contextual AI that delivers near-zero false positives and automatic zero-day protection. I find it extremely valuable for providing strong automatic protection against zero-day threats with almost no false positives and requiring zero daily tuning effort. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** One area that could be improved is the initial learning period for very complex or highly dynamic applications, which sometimes requires a bit more manual exception tuning than I'd prefer in the first few weeks. Also, the initial setup/learning phase for complex apps can be a bit involved, and pricing feels premium, though the low-maintenance protection usually justifies it for serious environments. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I expect Check Point CloudGuard WAF to solve zero-day attack exposure and reduce manual tuning and false positives. It offers strong, automatic protection with contextual AI, near-zero false positives, and minimal daily management, making it valuable for securing our cloud/web environments. ### 11. Centralized Protection with Seamless Cloud Integration **Rating:** 4.0/5.0 stars **Reviewed by:** Yosra M. | Consultante Salesforce, Mid-Market (51-1000 emp.) **Reviewed Date:** March 26, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like most about Check Point CloudGuard WAF is its seamless integration with cloud environments and the ability to enforce consistent security policies across multiple platforms through a single console. It also provides strong centralized protection and cloud-native integration. The initial setup was relatively simple thanks to the cloud-native integration and automated policy template. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** One area that could be improved is the initial setup and policy tuning, which can feel complex and time-consuming, especially for teams without deep prior experience with Check Point's ecosystem. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect our cloud-native applications from web attacks, centralize security policy management, automate defense, and solve the challenge of securing distributed cloud applications with unified visibility, automated threat prevention, and simplified compliance management. ### 12. Easy to Distribute, Great for the Cloud **Rating:** 4.0/5.0 stars **Reviewed by:** Eric S. | Machine Learning Engineer **Reviewed Date:** January 12, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really like the simplicity of deploying Check Point CloudGuard WAF. It is cloud native and integrates well with AWS and Azure, automatically scaling when there is a traffic spike. I appreciate the centralized management that saves me time and the console where I can manage multiple environments from a single interface. The AI engine for threat detection is impressive and reduces the tuning work, learning from legitimate traffic and alerting you to attacks that might go unnoticed with other solutions. Check Point's support has always been quite responsive. Additionally, the updates for signatures and protection rules are automatic, which saves me valuable time. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The thing that annoys me the most is the price. It is not cheap at all, and when I have to propose it to smaller clients, I often struggle to justify the cost compared to cheaper alternatives. The documentation could also be much better. Sometimes you look for how to do a specific thing and end up going around in circles among guides that don't answer your question or are outdated. Another thing that bothers me is that the console is sometimes slow, especially when you have to scroll through heavy logs or generate reports over long periods. The initial tuning of the machine learning requires patience. The first few weeks it generates some false positives until it learns the traffic well, and you have to keep an eye on it to avoid blocking legitimate users. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web applications, reduce false positives with machine learning, manage automated attacks, and centralize policy management in mixed cloud environments. It allows me to respond quickly to emerging threats and reduces the tuning workload. ### 13. Effective Security with Easy-to-Use Interface **Rating:** 4.5/5.0 stars **Reviewed by:** Md Akil A. | Associate Consultant, Computer Networking, Mid-Market (51-1000 emp.) **Reviewed Date:** February 16, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like the Check Point CloudGuard WAF's GUI, which is very easy to use. It effectively helps in providing security to applications by allowing and blocking IPs, which is especially useful as we work on zero internet in our project. If we know an IP is part of our internal or external client, we can easily allow that IP. Check Point CloudGuard WAF's security is a key reason why we switched from using Azure Firewall. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I think internal DNS needs to be removed. Also, the initial setup isn't easy, and when we try to resolve any ip it getting resolved but not from given source **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to provide security to our application, allowing us to manage IPs by allowing internal and external client IPs and blocking others. ### 14. AI-Driven Protection with Complex Setup **Rating:** 4.0/5.0 stars **Reviewed by:** Mikolaj . | Small-Business (50 or fewer emp.) **Reviewed Date:** April 27, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really appreciate the AI-driven protection of Check Point CloudGuard WAF. It helps in protecting web apps and APIs from SQL injections, XSS, and DoS attacks by analyzing incoming traffic and blocking malicious activity in real-time. This reduces the need for manual security management. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The setup was a little bit complex, requiring me to understand specifications and documentation. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF for protecting web apps and APIs from SQL injections, XSS, and DoS, analyzing and blocking malicious activity, and reducing the need for manual security management. ### 15. AI-Powered Security with a Price Tag **Rating:** 5.0/5.0 stars **Reviewed by:** Munyaradzi Allan N. | Assistant - IT Audit and Assurance, Mid-Market (51-1000 emp.) **Reviewed Date:** March 29, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really appreciate Check Point CloudGuard WAF as it stands out as a modern, AI-driven web application and API protection platform that does far more than traditional WAFs. I like its prevention-first approach using contextual AI and machine-learning models to detect new and unknown threats before they are documented, which is especially appealing for organizations that prioritize true zero-day resilience. It addresses multiple modern security issues that traditional WAFs struggle with. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** the pricing is high, many companies might not benefit from this **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I find Check Point CloudGuard WAF prevents zero-day attacks before they're known, addressing multiple modern security challenges traditional WAFs struggle with. ### 16. Powerful, Automated Protection for Modern Cloud Applications **Rating:** 5.0/5.0 stars **Reviewed by:** aditya t. | Developer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It's designed to protect our websites , Api and cloud applications from cyber attacks. This protects our application from being hacked. random heavy traffic does not cause the website to go down. reduces false positives saving time for developers and testing. fully automated setup requires very little manual tuning. very powerful for modern cloud native applications. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** It's many users say that its policies and rules are not easy to configure correctly. it's very expensive. technical engineers are not always available and troubleshooting takes time. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** it's protects your website and API's from all types of cyberattacks , keep data secure makes compliance esay and strengthens your business continuity. cybercriminals try to steal personal , financial and sensitive data stored in databases . cloud guard blocks such attempts by using DPI. ### 17. Proactive Threat Prevention with Easy Setup **Rating:** 4.0/5.0 stars **Reviewed by:** oscarina s. | Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** November 30, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I appreciate the proactive and AI-driven threat prevention offered by Check Point CloudGuard WAF. It effectively detects and blocks threats like SQL injections, remote code execution, and automated bots without the need for traditional signature updates. This advanced AI-driven security extends protection against a wide range of threats, including zero-day exploits and API attacks, all with minimal effort. I find the product’s capability to ensure comprehensive threat coverage with reduced manual intervention to be highly valuable. Additionally, the initial setup process is very easy, which facilitates a smooth adoption and fast deployment. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The steep learning curve is largely due to the sheer number of features and the extensive configuration needed before the system feels truly comfortable to use. With so many profiles, protections, exception paths, and tuning options available, it can be difficult to determine exactly what is necessary from the very beginning. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web applications by automatically detecting and blocking threats like SQL injections and API attacks, without needing traditional signature updates. ### 18. Quick and Effective Protection, but with Configuration Challenges **Rating:** 4.5/5.0 stars **Reviewed by:** Jean Carlos B. | JEFE, Small-Business (50 or fewer emp.) **Reviewed Date:** November 29, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I love that Check Point CloudGuard WAF protects our web applications and cloud APIs against a wide range of threats, which is crucial in today's digital environment. I especially value its ability to prevent bot attacks, ensuring the secure operation of our applications, in addition to effectively protecting us against scammers. I find that the implementation is quick and simplified, which is a great benefit by minimizing the time and effort needed to get the system up and running. I am also impressed with its multi-platform security that provides solid protection, and the high protection rate it offers highlights its effectiveness. Additionally, the initial configuration of Check Point CloudGuard WAF is very simple and suitable for users of different experience levels, which greatly facilitates the integration process. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Possible bottleneck in the performance of the computer's processor and poor management of configurations. It overloads the computer's CPU a lot despite the hardware's power. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web applications and APIs in the cloud from threats, including fraudsters and bots, with quick deployment and multi-platform security. ### 19. Seamless Deployment and Robust Threat Protection with Minimal Maintenance **Rating:** 4.0/5.0 stars **Reviewed by:** Alejandro M. | Technical Services Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 19, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The combination of seamless deployment and strong, intelligent threat protection is the greatest upside. The Ease of Implementation was a significant win, allowing us to onboard critical applications with minimal downtime or configuration overhead. The managed intelligence behind the WAF dramatically reduces false positives while effectively stopping complex Layer 7 attacks, freeing up our team to focus on other priorities. Its low maintenance requirement and high-fidelity alerting are also major benefits. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** While the core WAF functionality is excellent, the reporting and dashboard visualization could be improved for enterprise-level visibility. It sometimes requires extra effort to correlate specific security events across a large fleet of applications outside of the primary console. Furthermore, the initial licensing model required a bit more negotiation to align perfectly with our specific scale-out architecture. However, the strong Customer Support helped us resolve these initial issues quickly. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** The primary problem solved is the comprehensive and proactive defense of critical web applications and APIs against the escalating threat landscape, particularly zero-day attacks and OWASP Top 10 vulnerabilities. This ensures regulatory compliance is consistently met without excessive manual oversight. The benefit is a significant reduction in operational risk and a dramatic increase in security team efficiency, as the intelligent, automated protection means we spend far less time on triage and fine-tuning rules, ultimately accelerating our application deployment timelines. ### 20. Exceptional Threat Protection and Seamless Cloud Integration **Rating:** 4.5/5.0 stars **Reviewed by:** Tulika R. | Business Development Management, Mid-Market (51-1000 emp.) **Reviewed Date:** November 01, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Users consistently praise its ability to identify and block sophisticated threats targeting web applications and APIs using machine learning and behavioral analysis. CloudGuard WAF secures APIs with deep inspection and policy enforcement, which is crucial for modern cloud-native applications. CloudGuard WAF is built for cloud/DevOps environments: quick deployment, infrastructure as code, SaaS-style or managed mode.Easy to implement **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** No dislike as of now. we liked the solution. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Stronger Application Security Reduces the risk of data breaches and service disruptions by proactively blocking threats.Simplified Management Centralized dashboard and automated policy updates make it easy to monitor and respond to threats.Because it supports cloud native and SaaS modes, you can deploy quickly and scale as your web infrastructure grows or shifts. That supports agile/DevOps workflows.Since the WAF is more intelligent (fewer false blocks) and supports modern web architectures (APIs, microservices), legitimate users have fewer disruptions and the business can deliver services reliably. ### 21. Easy Cloud Setup with Strong Protection **Rating:** 4.0/5.0 stars **Reviewed by:** Deepthi A. | QA Engineer, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** January 15, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The ease of set up and its strong protection. We were able to set up quickly in our cloud environment without a lot of complex configuration. The biggest plus is its minimal maintenance. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** UI feels a bit complex in the beginning, especially when we are trying to find specific settings or understand why something was blocked. Some features takes time to get used to. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** CloudGuard WAF helps us protect our web apps and APIs from common attacks and unwanted traffic without requiring a lot of manual effort. It also provides solid visibility into what’s happening with our traffic, which makes it easier to understand what’s being blocked and the reasons behind it. ### 22. Effortless Deployment and Robust Threat Prevention with CloudGuard WAF **Rating:** 4.5/5.0 stars **Reviewed by:** Aditya K. | Technical, Mid-Market (51-1000 emp.) **Reviewed Date:** November 29, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** CloudGuard WAF’s biggest strengths are strong automated threat prevention, multi-cloud support, and ease of deployment for modern application environments. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Trial periods and evaluation phases might be limited, It may longer trials or better QA/testing support before committing. And the rest parts are good. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Uploaded files can hide malware or malicious payloads; CloudGuard’s “file security” inspects uploads and blocks dangerous content before it reaches your application. And traditional WAFs often require manual tuning of rules and signatures a tedious, error-prone task. CloudGuard’s AI-driven contextual detection and automated policy/rule management reduce manual maintenance and cut down false positives. ### 23. Strong ML-Based Protection, but Pricing, Setup, and Documentation Need Work **Rating:** 3.5/5.0 stars **Reviewed by:** Ema B. | Service Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 23, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It can easily distinguish between attacks and legitimate traffic. It doesn’t require a lot of manual tuning, such as creating rules and policies. It protects using machine learning and AI, which helps prevent most attacks. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I don’t like the pricing and the complexity of the initial setup. Log retention is limited, which creates issues with troubleshooting, and the documentation feels lacking—especially when it comes to real-world examples. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It protects against SQL injection and XSS attacks that are often missed. It also reduces false positives, which means less overhead for the network security team. It helps stop automated botnets as well. Overall, it strengthens our network security. ### 24. Advanced AI Security with Flexible Deployment Options **Rating:** 5.0/5.0 stars **Reviewed by:** Giridhar G. | National Bussiness Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** November 17, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Since this includes AI support, advanced features, and management automations, it helps protect against unknown attacks. It also offers flexible deployment options suitable for different cloud and hybrid environments. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The platform presents a steep learning curve, which can impede initial adoption and make it difficult for new users to effectively manage complex rules and logs. Additionally, the documentation is insufficient, which further complicates the onboarding process. I have also noticed that the log retention is limited, which negatively affects visibility and control. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** This solution safeguards web applications against threats such as SQL injection, cross-site scripting, and botnet attacks, helping to prevent data breaches while offering improved visibility into traffic. It also defends against common web application attacks, automated and bot-driven threats, vulnerabilities in applications and APIs, as well as issues related to data breaches and insufficient visibility. ### 25. Lower TCO and DevOps-Friendly Nano Agent **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Telecommunications | Enterprise (> 1000 emp.) **Reviewed Date:** February 05, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Total Cost of Ownership (TCO) is often lower because you don't need a full-time engineer just to babysit the WAF rules. The Nano agent is perfect in a devops environment **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Frustration where troubleshooting deep technical bugs results in a loop of being told to wait for a specific "hotfix" rather than receiving immediate configuration help. Slow Response for Lower Tiers: If you aren't on a high-tier support plan, getting an L3 engineer on the phone for a P1 issue can take longer than desired. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** CloudGuard WAF uses contextual AI to stop manual rule tuning and alert fatigue. It solves the "zero-day gap" by blocking threats like Log4Shell preemptively. Benefit from a 0.81% false positive rate and auto-API discovery that finds "shadow" endpoints. While pricey and complex to license, it saves massive dev time via automation. ### 26. Strong Protection, Overwhelming Setup **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Accounting | Small-Business (50 or fewer emp.) **Reviewed Date:** November 30, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I appreciate Check Point CloudGuard WAF's ability to provide a balance between strong protection and low maintenance. The product effectively shields our web applications on AWS by allowing straightforward rule setup for API protection, virtual patching, and blocking common web attacks. One of the standout features for me is the ability to apply virtual patches instantly, which is crucial when developers need more time to address vulnerabilities. I also find the auto-updates to threat signatures invaluable for keeping us protected against the latest threats. The learning mode is another advantage, as it quickly propagates policy changes, allowing our security measures to adapt swiftly. Switching to Check Point CloudGuard WAF from AWS WAF has resulted in stronger, more automated protection with enhanced visibility, which aligns perfectly with the time constraints we face. This product delivers a robust solution while minimizing the hands-on management typically required. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I find the initial setup of Check Point CloudGuard WAF overwhelming. Upon logging in, the dashboard presents many menus, which can be quite daunting. Implementing a more intuitive feature such as a 'Connect Cloud Environment' could significantly ease this process. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** I use Check Point CloudGuard WAF to protect web apps with virtual patching, strong API defense, and automatic threat updates, balancing strong protection with low maintenance. It also automates tasks that were too manual with AWS WAF, enhancing efficiency and visibility. ### 27. Check Point CloudGuard WAF **Rating:** 4.5/5.0 stars **Reviewed by:** Anshika B. | Solution Consultant, Mid-Market (51-1000 emp.) **Reviewed Date:** October 13, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Checkpoint CloudGuard WAF is a great solution. It uses contextual AI/ML based threat prevention to stop both known threats and zero-day attacks without need for constant signature updates. From a deployment and operation viewpoint, CloudGuard WAF shines, it is cloud-native, Supports infrastructure as a code/API-based setup. Customer support is so great. We have achieved all our use cases. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** No dislike as of now. We liked that product. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** CloudGuard WAF addresses the challenges posted by traditional WAFs that rely heavily on static signatures, manual rule tuning and reactive defences. It also improves detection accuracy while dramatically reducing false positives, so your security operation teams spend much time investigating benign traffic and more time responding to real threats. Additional features like built in bot detection, DDos mitigation, and file upload scanning further close off common attack vectors. ### 28. AI-Powered Protection That Adapts and Blocks Zero-Day Threats **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Food & Beverages | Small-Business (50 or fewer emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best is that it uses AI and machine learning, blocking zero-day web attacks, bypassing the need for signatures. It can also distinguish humans from bots using behavioral analysis like mouse movements and keystrokes. The upsides of using the tool basically is that its ML engine adapts to changing traffic patterns automatically and it inspects uploaded files for malicious content. and its frequency of use is high because teams monitor it daily. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Well, there is a few things I don't like the cost is higher than more basic WAFs, especially for smaller apps. On the downside if by any chance you have unusual or custom web apps, the contextual ML might misclassify traffic until properly “trained". Their customer support is not that good. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** For my work maintaining order flow is key, forestalling lost earnings and safeguarding customer satisfaction. it helps me to keep safe business information and sensitive data. Since my line of work greatly depend on uptime, logistics, consumer trust and supply chain reliability. the main problem it helps me solve is that it keeps our digital operations secure, stable, readily available - directly shielding both income and brand's standing. ### 29. My review for Check Point CloudGuard WAF **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Medical Devices | Mid-Market (51-1000 emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** As user the most definitely excited by the system's AI, is the robust threat defense, which presents impressively accurate in blocking those intrusions, almost no false positives. Its function demonstrates how easily it’s launched and managed, mainly because of its automated system. It includes strong web application and API protection, with fewer misleading alerts, easy setup in cloud, an adjustment is very easy too. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I dislike that it can be expensive compared to other WAF solutions, and the initial learning curve can be challenging for new users. Some of the documentation could be more detailed, especially for advanced configurations. Additionally, while customer support is generally responsive, it can sometimes take longer than expected to resolve complex issues. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** In one of the cases that i have in the company using Check point cloudGuard WAF, we were experiencing repeated bot attacks and unauthorized API calls that were impacting the performance of a customer-facing application. Some API endpoints were undocumented and being targeted, causing slowdowns and increasing operational risk. After deploying CloudGuard WAF, it automatically discovered these API routes, blocked malicious requests, and filtered out harmful bot traffic. ### 30. Strong Security Features, but Setup and Management Can Be Challenging **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Government Relations | Mid-Market (51-1000 emp.) **Reviewed Date:** January 09, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I have been using the product for some time now, and I can honestly say it is highly effective against SQL injection, cross-site scripting, and bot threats. The automated rules make configuration appear very straightforward and simple. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Configuring the system correctly requires a significant investment of time and a certain level of expertise, particularly when it comes to adjusting security rules to minimize false positives. Additionally, managing and reviewing policies can be somewhat cumbersome, as the interface is not always intuitive, especially when working with complex rule configurations or analyzing large volumes of traffic logs. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** As I have mentioned above the product is highly effective against SQL injection, cross-site scripting, and bot threats. The automated rules make configuration appear very straightforward and simple. ### 31. Reliable Cloud WAF with Strong Automation **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** November 13, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like most about Check Point CloudGuard WAF is how reliably it blocks common web attacks without needing constant manual tuning. The dashboard is clean, and the threat visibility makes it easy to understand what is happening in real time. Its automated protections and strong integration with cloud environments help maintain security with less operational effort. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The initial setup can feel a bit complex, especially for teams that are not already familiar with Check Point’s ecosystem. Some of the advanced configuration options could be more intuitive, and certain logs take time to get used to. Aside from that, the product performs well but could improve in terms of onboarding and documentation clarity. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF helps us protect our applications from common web attacks like SQL injection, bot traffic, and malicious API calls. It reduces manual monitoring by automatically blocking suspicious behavior. This has improved our overall security posture and saved time for our team by minimizing false positives and providing clearer visibility into threats. ### 32. AI-powered WAF that reduces manual tuning BUT comes at a premium **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Enterprise (> 1000 emp.) **Reviewed Date:** November 07, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I evaluated Check Point CloudGuard WAF as part of a proposal to protect a cloud-hosted web and API stack. The deployment process was remarkably fast — it took only a few minutes to get up and running — and the integration with our existing CI/CD pipeline was smooth and straightforward. It provided comprehensive visibility into API traffic and strong protection against common web threats without requiring extensive manual tuning. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The solution is slightly more expensive compared to some of its competitors, such as Cloudflare WAF and Imperva WAF. However, the additional cost is partly justified by its advanced AI-driven threat detection, API discovery capabilities, and the overall reliability of Check Point’s cloud-native infrastructure. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** For us, the biggest benefit has been the ease of deployment and ongoing management — it integrates seamlessly with CI/CD workflows, scales automatically with cloud workloads, and provides clear visibility into traffic patterns and attack trends. Overall, it has simplified application security operations and improved confidence in protecting our cloud environment. ### 33. Easy Implementation and Management **Rating:** 4.0/5.0 stars **Reviewed by:** Swapnil K. **Reviewed Date:** January 09, 2026 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like that Check Point CloudGuard WAF is easy to implement and manage, which is a standout feature for me. It was also a bit faster to implement access control. I appreciate the search criteria as it doesn't require specific parameters for troubleshooting, making it a more straightforward process. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Nothing to be disliked yet **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF was faster to implement for access control and easier to manage, protecting our company's web application and improving over our previous solution. ### 34. Checkpoint Cloudguard WAF **Rating:** 4.5/5.0 stars **Reviewed by:** Sidharth M. | Solution Consultant, Mid-Market (51-1000 emp.) **Reviewed Date:** October 10, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Checkpoint CloudGuard WAF is appreciated for its intelligent,prevention first approach to securing web application and API's. It offers comprehensive suite of protection, including bot mitigation, DDoS defence, file reputation check and coverage for thousands of known vulnerabilities.Beyond its technical strengths, Checkpoint CoudGuard WAF Excels in delivering a seamless user experience. customer support is so great. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Some users have also noted that documentation can be more user-friendly. Other than this solution is so greta. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** One of the biggest problems it solves is the detection and prevention of zero-day attacks and OWASP top 10 vulnerabilities with relying on signature update. A common pain point with traditional WAFs that generate excessive false positive. CloudGuard's cloud-native design and support for infrastructure-as-code streamline deployment and integration into CI/CD pipelines. ### 35. Seamless Cloud Integration and Effortless Deployment for DevOps **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I liked that it integrates well with cloud environments and supports laC workflows and this makes the deployment smooth for the Devops team.It is very effective against common web attacks like SQL injection, XSS etc. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The User Interface is powerful but it felt slightly overwhelming at first open. Some advanced and powerful options are bit hidden in the menus. Sometimes I felt UI lag issues. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Cloudguard WAF helped us to tackle two major issues , securing our API's and protecting out web app from modern attacks pattern. During our trial we were able to quickly setup protections against SQL injection and DDOs attack. It gave us better visibility into the suspicious requests and helped us to understand where our product was vulnerable. We used the trial to evaluate whether we could adopt it long term and the experience was vey positive. ### 36. Simple and effective security solution **Rating:** 5.0/5.0 stars **Reviewed by:** NIKHIL G. | Network Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** December 17, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I like how it helps protect web applications from common attacks and gives clear visibility into traffic. The dashboard makes it easier to monitor activity and understand what’s being blocked. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The initial setup and tuning can take some time to understand, especially when working with cloud environments. The interface also has a learning curve for new users. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It helps protect web applications from common attacks and reduces the risk of security incidents. This improves application security and makes monitoring traffic easier from a central place. ### 37. Cloudguard WAF protects our critical web applications and APIs **Rating:** 4.5/5.0 stars **Reviewed by:** Dialungana M. | Principal Cybersecurity Specialist, Enterprise (> 1000 emp.) **Reviewed Date:** April 22, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** It does not require too much manual configuration and it is straight forward to set it up and get your critical assets protected against sophisticated attacks using AI and machine learning to automatically understand the behavior of our applications and APIs. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The fact that you cannot have two assets with the same URL even though the application is reached using different IP addresses. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Before we had no visibility into the application layer attacks targeting our web applications and APIs. We relied completely on our Next Generation Firewalls (NGFW) to protect our assets. Ever since we deployed Cloudguard WAF, we immediately understood that we were missing many attacks that were targeting the applications. Today, with Cloudguard WAF, we block an average of 3500 attacks on daily basis. In addition to that, with tha API protection, we are now able to identify all the endpoints associated with the applications and better protect our APIs. ### 38. Check Point CloudGuard WAF: AI-Powered Protection for Web and API Workloads **Rating:** 4.5/5.0 stars **Reviewed by:** Samrawit T. | IT Logistics Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** May 16, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best about Check Point CloudGuard WAF is its contextual AI-driven threat prevention, which delivers precise, signature-free protection against zero-day attacks and OWASP Top 10 vulnerabilities—while seamlessly integrating into CI/CD pipelines for automated, cloud-native security. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** What I dislike about Check Point CloudGuard WAF is its steep learning curve, limited documentation, and high cost—factors that can slow down adoption, complicate integration with custom applications, and restrict accessibility for smaller teams. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF solves the critical challenge of protecting web applications and APIs from zero-day threats, OWASP Top 10 vulnerabilities, and malicious bot traffic by using contextual AI and machine learning—benefiting me by enabling precise, signature-free threat prevention, reducing manual tuning, and ensuring secure, compliant cloud operations across dynamic environments. ### 39. Check Point CloudGuard WAF **Rating:** 5.0/5.0 stars **Reviewed by:** Sumeet M. | Cyber Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** June 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best about Check Point CloudGuard WAF is that it gives solid protection for our web applications without being hard to use. It automatically detects and blocks threats like SQL injection, cross-site scripting, and other attacks, so we don’t have to worry about constant monitoring. It also keeps everything running smoothly without slowing things down. The setup is straightforward, and the dashboard makes it easy to see what’s happening. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Some advanced settings can be a bit complex at first, but it works well once set up. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF helps protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It blocks harmful traffic before it reaches our systems, which keeps our apps safe and running smoothly. This saves us time, reduces the risk of downtime, and gives us peace of mind knowing our web services are protected without needing constant manual monitoring. ### 40. Great cloud protection that’s easy to set up and really effective **Rating:** 5.0/5.0 stars **Reviewed by:** Heiner M. | Account Manager, National Accounts, Small-Business (50 or fewer emp.) **Reviewed Date:** November 04, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really like how easy it is to deploy and how effectively it protects applications without adding latency. It integrates smoothly with cloud environments and provides great visibility into threats.. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Sometimes the configuration can feel a bit complex at first, and the interface could be more intuitive for fine-tuning policies. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** It helps protect our cloud applications from common web attacks like SQL injection and XSS, ensuring compliance and reducing security risks. It also saves time by automating threat detection and response ### 41. Presales Engineer **Rating:** 4.0/5.0 stars **Reviewed by:** Kowshik R. | Technical engineer , Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** June 12, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Check Point CloudGuard WAF is great because it uses smart AI to stop new and advanced threats automatically. It’s fully managed, so you don’t have to worry about updates or tuning—Check Point handles everything. It works perfectly with cloud platforms like AWS and Azure, scaling up as your traffic grows. It protects against all kinds of attacks, including bots, DDoS, and hacked APIs, all in one place. Plus, it’s easy to control with a single dashboard, making security simple and hassle-free **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Check Point CloudGuard WAF can be pricey, especially for smaller teams. Setting it up isn't always quick—it might take some time to get everything working smoothly. While it's good at blocking threats, tweaking advanced rules isn't as flexible as some other tools. Since Check Point manages updates, you can't always make changes on your own schedule. Occasionally, it might slow down your apps a tiny bit when inspecting traffic deeply. Still powerful, but worth considering these trade-offs **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF solves three big headaches for me. First, it acts like a smart shield that automatically blocks hackers trying to break into my websites or APIs - stopping stuff like SQL injections, credential stuffing, and sneaky bot attacks. Second, it saves me tons of time because Check Point handles all the security updates and rule changes behind the scenes. Third, it keeps my cloud apps safe without slowing them down, growing automatically as my traffic increases. The best part? I get strong protection without needing to be a security expert, and I can see everything that's happening through one simple dashboard. It's like having a 24/7 security guard that never sleeps and learns new tricks to catch threats. ### 42. The Best Protection Shield for Web App and API Security **Rating:** 4.0/5.0 stars **Reviewed by:** Soe Moe T. | System Engineer, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** August 26, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Firstly, I like the best about Check Point CloudGuard WAF is It's UI. It is very responsive, simple and easy to use and understand. It is also provided for AI powered, Automation and can block others attack such as DDOS, SQL Injection, and etc ... So I used CloudGuard WAF for my Web and API security. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** I don't have much about Check Point Cloud Guard WAF. It is very useful for me and I prefer to use. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Cloud Guard WAF can benefit to me because it can protect a lot of protection for my Web and API security. The best benefiting to me is unknown threats. ### 43. My review: Check Point CloudGuard WAF **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Medical Devices | Mid-Market (51-1000 emp.) **Reviewed Date:** November 18, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** the level of automation! The fact that we didnt have to rely on constant signature updates and changes. The system, sensitive documentation and quality management system are fully protected. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The learning curve! I always say it's totally worth it after you've crossed it. It may feel at times that more guidance is needed to really get acquainted with the workings od the tool. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** In the medical device industry and from my point of view, protecting sensitive patient files is the most important feature it has. It is also protecting product art, patents, schemes and product development information. ### 44. Reliable Threat Prevention for Web Apps and APIs **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** April 29, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** I really like how easy it is to deploy in the cloud and how it just works with AWS and Azure. It blocks threats before they get near our apps, and the real-time alerts are super helpful. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** While CloudGuard WAF is effective, the initial configuration and policy tuning can be complex, especially in environments with custom applications. The user interface could also be more intuitive when managing large rule sets or viewing logs. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** "Check Point CloudGuard WAF helps us secure our web applications and APIs against common and advanced threats like SQL injection, cross-site scripting, and bot attacks. It addresses the challenge of protecting dynamic, cloud-native workloads by integrating directly with AWS and Azure. The benefit is real-time protection with automated scaling and consistent policy enforcement across our cloud environments, significantly reducing the risk of breaches and downtime. ### 45. Check Point CloudGuard WAF: Essential Shield for Web Applications **Rating:** 4.5/5.0 stars **Reviewed by:** Etsub A. | Senior Presales engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** May 15, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** 1. Offers robust protection against a wide range of web application attacks, including SQL injection and cross-site scripting 2. Simplifies the setup process with user-friendly interfaces and quick configuration options 3. Provide real-time visibility into web traffic and security incidents, enabling proactive threat detection **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** 1. Higher cost for a small business organization 2. Users might encounter false positives that can disrupt legitimate traffic 3. The extensive features may lead to a steep learning curve for new users, impacting initial adoption **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF addresses several critical problems: 1. Protect against a variety of common threats 2. Helps safeguard sensitive data transmitted over web applications, reducing the risk of data breaches 3. Provides detailed insights into web traffic and security incidents ### 46. CloudGuard WAF Delivers Peace of Mind and Similipfied **Rating:** 4.5/5.0 stars **Reviewed by:** Satish P. | DGM - SOC Servcies, Mid-Market (51-1000 emp.) **Reviewed Date:** April 23, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** 1 ) Accurate threat detection with minimal false positives 2) Prevention First approach 3) Reduces operation overhead 4) Good detection technology 5) Minimal false positive 6) Onboarding is easier 7) Best feature is its comprehensive API security and automated API discovery **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** 1) Initial onboarding is tedious 2) Documentations needs further improvement 3) Drastic improvements needs in support 4) Need further improvement in antibot **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Zero-day threats, API risks, operational complexity—with AI-driven automation, precise threat prevention, and seamless cloud integration. This resulted in stronger security postures, lower operational costs, and scalable protection. ### 47. Effective and User-Friendly Web Application Firewall **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.) **Reviewed Date:** May 23, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** What I like best about Check Point CloudGuard WAF is its strong integration with cloud-native environments. It works seamlessly with our AWS deployment, and the automated protections help us stay ahead of evolving threats without constant manual tuning. The UI is intuitive, which makes managing policies and viewing logs much easier, even for team members who aren't deep into security. I also appreciate how responsive the threat intelligence updates are—there's a clear sense that we're being protected with real-time data. Overall, it gives us peace of mind knowing our web applications are secure without creating unnecessary complexity. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** While Check Point CloudGuard WAF is a solid solution overall, there are a few areas that could be improved. Occasionally, the initial configuration can be a bit time-consuming, especially for more complex environments. Also, while the documentation is helpful, some sections could benefit from a bit more clarity or real-world examples. That said, once everything is set up, the platform runs smoothly and delivers reliable protection. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Check Point CloudGuard WAF helps us protect our web applications from common threats like SQL injection, cross-site scripting, and bot attacks. It’s particularly valuable in our cloud environment, where scalability and automation are key. By automatically adapting to new threats and integrating smoothly with our DevOps workflows, it reduces the need for manual intervention and speeds up our response time. This not only strengthens our security posture but also frees up our team to focus on other priorities without worrying about constant monitoring or complex rule updates. ### 48. Great AI-powered security **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** August 20, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** Great AI-powered security protecting web applications and APIs Contextual Threat Prevention API Discovery & Protection Easy Deployement Self sufficent and able to prevent and improve by itself isolating possible breaches. **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** Depends a lot on the support and to resolve certain issues it might require some time. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** WAF and cloud protection ### 49. An interesting proposition in a sea of competitor **Rating:** 4.0/5.0 stars **Reviewed by:** Frédérick F. | System Administrator, Mid-Market (51-1000 emp.) **Reviewed Date:** May 12, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The interface is easy to understand. When I compare to the competition with overly complex menu and nested option. It’s a bref of fresh air. It’s also cohesive with the rest of checkpoint’s offering **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** With more comprehensive approach I feel that’s it’s missing a few features. Such as a zero trust feature for clients which the competitors offers. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Peace of mind for any Saas product I have in the cloud and my azure subscription ### 50. Protecting your brand with Check Point CloudGuard **Rating:** 4.0/5.0 stars **Reviewed by:** José Luis C. | IT Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** April 22, 2025 **What do you like best about Check Point WAF (formerly CloudGuard WAF)?** The automation of rules and the visibility of logs by category **What do you dislike about Check Point WAF (formerly CloudGuard WAF)?** The initial setup was a bit complicated having an AWS behind it. **What problems is Check Point WAF (formerly CloudGuard WAF) solving and how is that benefiting you?** Automatic reputation protection on a CMS developed in WordPress - [View Check Point WAF (formerly CloudGuard WAF) pricing details and edition comparison](https://www.g2.com/products/check-point-waf-formerly-cloudguard-waf/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-19+23%3A43%3A31+-0500&secure%5Bsession_id%5D=d1a04281-a917-440b-8b3b-5c47fe8f3d35&secure%5Btoken%5D=1fd65fb0c5db0aca59405c14edd9e9aa8d62008b6947de7cac776b60b69f77f5&format=llm_user) ## Check Point WAF (formerly CloudGuard WAF) Integrations - [AWS CloudFormation](https://www.g2.com/products/aws-aws-cloudformation/reviews) - [Azure Portal](https://www.g2.com/products/azure-portal/reviews) - [Google Analytics](https://www.g2.com/products/google-analytics/reviews) - [YouTube Advertising](https://www.g2.com/products/google-youtube-advertising/reviews) ## Check Point WAF (formerly CloudGuard WAF) Features **Analysis** - Logging and Reporting - Issue Tracking - Security Monitoring **API Management ** - API Discovery - API Monitoring - Reporting - Change Management **Cloud Visibility** - Data Discovery - Cloud Registry - Cloud Gap Analytics **Controls** - Application-Layer Controls - Traffic Controls - Network Controls **Security Testing** - Compliance Monitoring - API Verification - API Testing **Security** - Data Security - Data loss Prevention - Security Auditing **Functionality** - API / Integrations - Extensibility - Bot Traffic **Security Management** - Security and Policy Enforcement - Anomoly Detection - Bot Detection **Identity** - SSO - Governance - User Analytics **Generative AI** - AI Text Summarization ## Top Check Point WAF (formerly CloudGuard WAF) Alternatives - [HAProxy](https://www.g2.com/products/haproxy/reviews) - 4.7/5.0 (883 reviews) - [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) - 4.5/5.0 (578 reviews) - [Postman](https://www.g2.com/products/postman/reviews) - 4.6/5.0 (1,726 reviews)