Announcing Tami, Our New AI Cloud SecOps Agent Learn More

LET’S TALK
BACK TO RESOURCES

February 11, 2025

Seamlessly Migrate from Check Point CloudGuard to Wiz in Under 2 Weeks with Tamnoon

Seamlessly Migrate from Check Point CloudGuard to Wiz

Yoni Lebowitsch

Vice President of Technical Services

Share:

Check Point Software’s new strategic partnership with Wiz is shaking up cybersecurity.

Companies are now exploring how they will migrate from Check Point CloudGuard to Wiz’s CNAPP—something that may sound and seem exhausting.

Between the integrated systems, configurations, and training your teams will need—there’s a lot to think about.

Change is coming no matter what, so how can you prepare? It starts with finding CNAPP/CSPM-agnostic partners who can support you through all stages of migration.

Let’s make this process as easy as possible for you with the exact steps and value we provided to help an enterprise media company successfully migrate to Wiz in under two weeks.

POCs, Planning, and Getting Started

Migrating to Wiz can stir up a few emotions. On the one hand, you’re nervous about the uncertainty of the migration process. On the other hand, you’re probably excited to deploy a new tool with cool features.

Depending on your migration approach, you may skip this stage if you’re already a CloudGuard customer.

The first step is to start the conversation with Wiz. This usually includes: 

  • A POC to test use cases and specific needs
  • Defining stakeholders and who’s responsible for what
  • Finalizing and getting contracts signed
  • Identifying strategic partners to accelerate timelines and support the migration process

Cool, what’s next?

Get Your Cloud Engineering Teams and Developers Involved Early

A lot needs to happen to keep your migration timeline on track. The good news is you’re in good hands.

The first step is to involve your cloud engineering teams and developers while ensuring every piece of infrastructure is onboarded. 

Developers are the ones you’re going to be working with on remediation and preventing problems from happening again. Make them feel involved in the process. They’ll also be responsible for connecting your cloud accounts with Wiz. Luckily, Wiz has a fairly smooth and established process for this.

Define What to Monitor, Your Alerts, and Exceptions

If you’re like most companies, you’re no stranger to alert fatigue. It’s also generally safe to say your security, engineering, and DevOps teams have limited resources to keep up with everything.

That’s why it’s essential to define what you will monitor in Wiz. This means: 

  • Mapping out what needs to be monitored—and why
  • Establishing what will trigger an alert
  • Porting existing or creating new exceptions/exclusions—known as ignore rules in Wiz

A strong understanding of these processes allows you to customize your deployment based on organizational needs.

Implement Tracking During the Migration Process

There are many moving pieces when it comes to migrating CNAPPs.

Early on, it’s important to implement a way to track the migration process to ensure issues detected in Check Point CloudGuard are carried over into Wiz.

Tamnoon uses open tasks to accomplish this for our customers. This ensures open tasks in Check Point CloudGuard are connected to a corresponding task for that same Wiz alert. More importantly, it provides full visibility and better tracking for these tasks.

It’s more important to focus on tasks in accounts you deem as critical to your business. If you’re not seeing the alerts you wanted, are seeing more or less, or it just isn’t lining up, there’s some config tuning that needs to be done.

Match and Optimize Your Configurations

Modern CNAPPs are packed with advanced features, but great features are useless without the right configurations behind them.

Your migration partner will help you finetune these configurations as you port and create them in Wiz. This includes mapping what will be alerted and how severity is established based on previous configurations in CheckPoint CloudGuard.

There’s a big difference between findings, issues, and alerts. 

  • Findings: The raw, granular data points or indicators, like a vulnerable package or configuration detail, that Wiz collects during scans. They serve as building blocks for potential risks but aren’t necessarily actionable alone.
  • Issues: The higher-level security risks or misconfigurations that Wiz creates by correlating multiple findings and contextual information. An Issue represents a specific problem like a discovered vulnerability, overprivileged role, or exposed secret that you can investigate and remediate.
  • Alerts: The notifications or messages Wiz sends via integrations, email, or ticketing systems to make teams aware of new Issues or noteworthy changes in the environment. Alerts help ensure security and DevOps teams know about critical concerns needing attention.

You need the right configurations and ignore rules in place to achieve comprehensive visibility. This requires a lot of finetuning and shouldn’t be seen as a one-and-done process. Instead, it should become a continuous process that evolves with your organization.

Port and Create Your Exceptions/Exclusions (Ignore Rules)

It’s safe to assume you want to reduce the number of unnecessary alerts you receive. That’s where ignore rules come into play.

Unfortunately, recreating Check Point’s CNAPP exceptions/exclusions isn’t a one-click process. A lot of work goes into understanding how these ignore rules will carry over into Wiz.

Your migration partner will help you translate and migrate your exceptions by carefully mapping out the logic for each exclusion and ensuring it translates into Wiz. They’ll also create new ignore rules if an existing exclusion doesn’t immediately translate over.

The goal here is to finetune and customize your CNAPP to your exact needs, accelerating your go-live timeline while reducing alerts and risk exposure.

Onboard New Wiz Features with Confidence

Wiz continues to push the boundaries of what’s possible with a modern CNAPP. This often translates into exciting new features to try.

Before flipping the switch, it’s crucial to understand how each feature may impact existing configurations, integrations, and ignore rules.

But with Tamnoon, your Wiz Technical Account Manager, and your Customer Success Manager by your side—trying and deploying new features becomes easy, allowing you to get the most out of Wiz.

Migrate from Check Point CloudGuard to Wiz in Two Weeks

Migrating to a new CNAPP doesn’t need to be hard—it can even be easy with the right partner by your side. Chat with an expert today.

Working with Tamnoon minimizes disruption and accelerates your time to migration by: 

  • Giving your teams access to a team of in-house Wiz migration experts who have done this for large-scale customers.
  • Mapping and creating custom policies, alerting rules, ignore rules, and automation workflows.
  • Supporting migration of your integrations with ticketing systems (like Jira), CMDB tools (like ServiceNow), SIEM tools (like Splunk), and any other platforms that are used in your cloud security program.
  • Migrating the custom org structures and ownership models. 
  • Reducing alert fatigue while ingesting, triaging, and prioritizing every Wiz alert.
  • Improving your MTTR for critical and high issues while collaborating with cloud security, engineering, and DevOps teams.

You don’t have to train our team on how to use Wiz—or any CNAPP. We make the migration to Wiz a seamless experience. Get in touch today to see how we can get you up and running within two weeks.

Frequently Asked Questions

Begin with a proof of concept (POC) alongside Wiz to validate use cases, define stakeholders, and finalize contracts. Then identify a migration partner to help create a tailored plan and timeline suited to your environment.

Involve your cloud engineering and development teams early to onboard infrastructure, handle remediation workflows, and set up account connections with Wiz. Their participation ensures configurations and integrations are aligned from the start.

Map what to monitor, define alerts, and port or recreate ignore/exclusion rules from CloudGuard to Wiz. This prevents alert fatigue and ensures that findings and issues translate correctly between platforms.

Use a tracking system that links open tasks in CloudGuard to equivalent alerts in Wiz. Prioritize critical accounts and continuously validate that alerts and configurations align between tools.

Your migration partner should help map findings, issues, and alerts from CloudGuard to Wiz, define severity, and translate ignore rules. Continuous configuration tuning ensures visibility remains accurate and relevant over time.

Introduce new Wiz features thoughtfully: assess their impact on existing configurations, integrations, and ignore rules before enabling them. This reduces risk and preserves alert fidelity during feature rollouts.

Discover the Latest From Tamnoon

There’s always more to learn, see our resources center

Blog

November 26, 2025

Misconfigurations in the Wild: How We Untangled 103 Hard-Coded Secrets

READ MORE

Blog

November 20, 2025

Why Speed Matters in Cloud Security (And What You Can Do About It)

READ MORE

Data Sheets

November 18, 2025

A Comparative Overview of Cloud Security Platforms

READ MORE
Scroll to Top

Join us for

CNAPP Decoded: Alerts, Remediations, and CNAPP Best Practices 1x a Month

Join 2,300+ Cloud Security leaders looking to master their CNAPP with expert remediation tips and best practices to test in your own CNAPP today.

Platform

Learn about Tamnoon's cloud security Al platform.

Learn More

Tami

The AI cloud security agent at Tamnoon’s core.

Integrations

See all the platforms Tamnoon works with.

Reporting and Compliance

Deep and relevant reporting to keep you compliant.

Agentic Prioritization

Make sure you’re working on the right issues.

Agentic Investigation

An AI-first process to get to the truth behind the alert.

Agentic Remediation

Custom-made remediation plans for every scenario.

CNAPP Copilot

Keep your backlog in check using AI built for SecOps.

CDR Copilot

An active, 24/7 Cloud SOC powered by AI.

Expert Supervision

Cloud security experts that know how to work with, not against, AI.

Agentic Cloud
Security

An AI-managed cloud security experience.

Expert-supervised Security

Expert AI Cloud SecOps backed by human experts.

Tool-agnostic Security

We work with the stack you already use

Cloud Detection and Response

An active, 24/7 Cloud SOC.

Full-cycle Remediation

Go from open → closed faster.


CNAPP Migration

Migrate between CNAPPs without losing coverage.

Crown Jewels

Focus on your most precious assets first.

Resources

Research & Interactive

Recent Content

Full CNAPP Demos

Watch on-demand demos from all major CNAPPs, filmed at our latest showcase.
HOW IT WORKS
LET’S TALK