Check Point Formally Rolls Out Cloud Security Toolset To Combat Malware Infections, Account Hijacks
Check Point Software Technologies has unveiled a family of cloud security products to thwart an increase in account hijacking and multi-vector attacks on cloud workloads and applications.
The San Carlos, Calif.-based enterprise security vendor said its new product, CloudGuard, could protect enterprises against cyberattacks on cloud infrastructure workloads, as well as SaaS applications. CloudGuard integrates with IaaS cloud platforms and cloud-based SaaS providers to instantly and easily protect any cloud, service or application against the most sophisticated breaches, malware and zero-day attacks, the company said.
SaaS security offerings typically focus on identity brokerage capabilities, such as providing multi-factor authentication, user validation, and auditing, according to Don Meyer, Check Point's head of product marketing. But organizations need more than a CASB (cloud access security broker) to combat next-generation threats such as account hijacking and spear-phishing attacks, he said.
[Related: Check Point To Launch Cloud Security Offering Focused On Safeguarding IaaS, SaaS Applications]
To combat account hijacking, Meyer said organizations need more information about both the device and users to better understand what could be exposed if this transaction was allowed to occur and whether or not this falls within the regular exchange of information.
"There's some need for additional threat prevention capabilities," Meyer told CRN. "We feel that it was a good time for us."
CloudGuard supports single-click SaaS deployment to keep security aligned with the dynamic and agile nature of cloud-based services, Check Point said. Additionally, dynamic policy updates and auto-provisioning ensure quick and easy scaling of IaaS cloud security that's fast and in-line with modern business requirements, according to the company.
Check Point CloudGuard IaaS is available immediately, with CloudGuard SaaS expected to be available early in the second quarter, the company said. CloudGuard IaaS was formerly known as vSEC and provides advanced security and threat prevention for all leading public and private cloud platforms.
Enterprise cloud adoption is accelerating around both the adoption of hybrid cloud infrastructures like AWS, Microsoft Azure, and VMWare NSX, as well as cloud-based applications such as Microsoft Office 365, Google G-Suite and Box. But with shared ownership of assets in the cloud, Check Point said knowing who is responsible for security is often unclear, and can often lead to additional confusion.
CloudGuard SaaS uses patent-pending ID-Guard technology to prevents account takeover as well as the hacking of SaaS applications, Check Point said. The tool stops advanced persistent threats and unknown zero-day malware from infecting content in SaaS by using real-time sandboxing, ransomware protection, and anti-bot technologies, according to the company.
For Microsoft Office 365 or Gmail, Meyer said Check Point can intercept attachments, send them off to the company's ThreatCloud, explode them there, and see what's embedded in those applications. This is a popular threat vector today for malware and ransomware attacks, according to Meyer.
The company can intercept documents before they get to the endpoint and, should they contain malicious content, strip all of the bad stuff off and deliver the customer a clean version of the PDF that's completely sanitized, according to Meyer. This ensures the end user gets the information they desire in real-time without any delays, he said.
From an identity protection perspective, Check Point said CloudGuard blocks threat actors or imposters from accessing SaaS accounts, as well as thwarting unauthorized users and compromised devices. CloudGuard automatically forces encryption of sensitive data, and blocks and quarantines the unauthorized sharing of sensitive files to bolster data protection, the company said.
CloudGuard SaaS additionally ensures consistent policies are enforced across Check Point security gateways and SandBlast mobile offerings, the company said. The offering is powered by integrated, real-time cloud-based threat intelligence focused on identifying new attack vectors, according to Check Point.
Most customers are unaware of the security risks associated with SaaS and mistakenly think the vendor providing the tool secures them completely, said Ashok Thakur, president and CEO of Hicksville, N.Y.-based Computer Consultants Network. A handful of high-profile ransomware cases around SaaS tools would raise customer awareness around the vulnerabilities associated with the technology, Thakur said.
Given the lack of customer awareness today, Thakur said he isn't sure how much his company will leverage CloudGuard SaaS from the get-go. But as both SaaS-based threats and the technology addressing the space mature, Thakur anticipates it will be a more significant part of his company's business come 2019.
"There's a big opportunity here," he said.
Kio Networks would like to see Check Point boost its capabilities around hybrid cloud since the Interlomas, Mexico-based solution provider has a number of customers with a footprint in both the on-premise and cloud world, according to Solutions Architect Manager David Garcia.
"This needs to come along since we're living in a cloud world now," Garcia said.