Tag Archives: check point software

News

Check Point Software Technologies Named a Leader in the Gartner® Magic QuadrantTM for Network Firewalls

Check Point Software recognized as a Leader for its security architecture innovations like Maestro,
roadmap execution, complete security portfolio for on-premises, cloud and hybrid networks, and enhanced customer satisfaction

 Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, today announced that it has been recognized as a Leader in the Gartner® Magic Quadrant™ for Enterprise Network Firewalls. Check Point Software has been listed as a Leader yet again, which we believe further validates Check Point’s track record and tradition of innovation.

“Security threats have become more sophisticated requiring Check Point Software to continuously improve threat intelligence, automate policy management and deliver security architecture innovations like Maestro Hyperscale. We believe, being recognized as a Leader in Gartner® Magic Quadrant™ for Enterprise Network Firewalls is a testament to our vision of providing best-in-class security for rapidly changing environments,” said Itai Greenberg, VP of Product Management at Check Point. “This year’s recognition solidifies our position as a leader in delivering a hybrid data center security architecture that enables enterprises to scale threat prevention on demand on premises and in the cloud with a unified management system.”

Check Point Software’s Infinity Architecture is the industry’s first consolidated security architecture spanning networks, cloud, endpoint, mobile and IoT, providing the highest level of threat prevention against both known and unknown cyber threats. At the heart of Check Point’s threat prevention capabilities lies ThreatCloud, the world’s most powerful threat intelligence network.

The continuous recognition for Check Point Software’s Network Firewall products is driven by:

 

  • Advanced security architecture and innovative roadmap: To name a few, these include Check Point’s Maestro Hyperscale security solution that provides fast, on-demand cloud-like scaling of organizations’ on-premises security gateways, intelligently orchestrating existing resources and providing redundancy, as well as autonomous threat prevention, which offers administrators set-and-forget policies and security settings that are continually optimized in the background.
  • Complete portfolio for securing evolving IT environments: Check Point Software has a clear prevention-first security strategy with products that span on-prem, hybrid and IaaS security needs. Its comprehensive security architecture swiftly manages entire IT infrastructures: Quantum for on-prem networks, Check Point CloudGuard for public clouds (Azure, AWS, GCP etc.) and Harmony Connect, Check Point’s Secure Access Service Edge (SASE) solution, to secure the remote workforce
  • Unparalleled customer satisfaction: This year Check Point Software customer satisfaction was commended in Gartner Peer Insights reviews for Network Firewalls.  This is a reflection of Check Point’s   uncompromised commitment to high quality products, service and support. Check Point secures over 100,000 organizations in over 80 countries around the globe, including 90% of the global Fortune 500.

Many enterprises are adopting the hybrid work model permanently, so the adoption of Secure Access Service Edge (SASE) security solutions is on the rise. The Secure Access Service Edge (SASE) model addresses the limitations of traditional network architectures, by converging networking and security in the cloud enabling enterprises to prioritize security and threat prevention.  Check Point Harmony Connect SASE offers the only prevention-focused SASE solution with a 100% catch rate for malware threats, enabling enterprises to prevent and block even the most advanced attacks, before they can disrupt business. Some of the key features include Firewall-as-a-service, Zero Trust Network Access (ZTNA) and a cloud-delivered Secure Web Gateway (SWG).

Read more about today’s announcement and receive Gartner® Magic Quadrant™ for Network Firewalls.

*Gartner® Magic Quadrant™ for Network Firewalls, Rajpreet Kaur, Adam Hils, Jeremy D’Hoinne, Nat Smith 1 November 2021.

 

Cybersecurity, Logistics, News, Supply Chain

2022 Predictions: Supply Chain Cyber Attacks to Increase and Ransom Demands by Hackers to Break Records

With 1 out 61 organizations impacted by ransomware each week, Check Point Research (CPR) issues its 2022 Cyber Security Predictions, stating that supply chain cyberattacks will become more common and proliferate next year.

  • Expect ransom demanded by hackers to break records next year. In May 2021, US insurance giant paid $40 million in ransom to hackers.
  • Mobile malware attacks will increase, as mobile wallets and mobile payment platforms are used more frequently
  • Cryptocurrency is anticipated to become a focal point for cyber attacks

Today, Check Point Software released its cyber security predictions for 2022, detailing the key challenges that organizations will face over the next year.

 

Why Supply Chain Attacks?

CPR believes that supply chain attacks will become more common and governments will begin to establish regulations to address these attacks and protect networks. They will also look into collaborating with the private sectors as well as other countries to identify and target more threat groups operating on a global and regional scale.

Supply chain attackers take advantage of a lack of monitoring within an organization’s environment. They can be used to perform any type of cyber-attack, such as data breaches and malware infections. The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred such as Codecov in April, and most recently, Kaseya.  Kaseya provides software for Managed Service Providers (MSPs) and the REvil ransomware gang exploited the company to infect over 1,000 customers with ransomware.  The group demanded a ransom of $70 million to provide decryption keys for all affected customers.

Going into 2022 we will see an increase in data breaches that will be larger scale. These breaches will also have the potential to cost organizations and governments more to recover. In May 2021, US insurance giant paid $40 million in ransom to hackers. This was a record, and we can expect ransom demanded by attackers to increase in 2022.

 

Full List of Predictions

  • Misinformation campaigns will return and advent of fake news 2.0. In 2022, cyber groups will continue to leverage these types of fake news campaigns to execute various phishing attacks and scams.
  • Cyber-cold war to intensify. Improved infrastructure and technological capabilities will enable terrorists groups and political activists to further their agendas and carry out more sophisticated, widespread attacks. Cyber-attacks will increasingly be used as proxy conflicts to destabilize activities globally.
  • Supply chain cyber-attacks continue to grow, and governments will address the challenge. Supply chain attackers take advantage of a lack of monitoring within an organization’s environment.
  • Data breaches will be larger scale and costlier. We can expect ransom demanded by attackers to increase in 2022. Going into 2022 we will see an increase in data breaches that will be larger scale. These breaches will also have the potential to cost organizations and governments more to recover.
  • Mobile malware attacks are to increase. As mobile wallets and mobile payment platforms are used more frequently, cybercriminals will evolve and adapt their techniques to exploit the growing reliance on mobile devices.
  • Cryptocurrency to become a focal point for cyberattacks globally. As reports of stolen crypto wallets triggered by free airdropped NFTs become more frequent, Check Point Research (CPR) investigated OpenSea and proved it was possible to steal crypto wallets of users by leveraging critical security. In 2022, we can expect to see an increase in cryptocurrency related attacks.
  • Attackers to leverage vulnerabilities in microservices to launch large scale attacks. With microservices becoming the leading method for application development, and microservices architecture being embraced by Cloud Service Providers (CSPs), attackers are using vulnerabilities found in microservices, to launch their attacks. We can also expect to see large-scale attacks targeting CSPs.
  • Attackers to weaponize deepfake technologies. Threat actors will use deepfake social engineering attacks to gain permissions and access sensitive data.
  • Penetration tools continue to grow. Hackers will increasingly use penetration tools to customize attacks in real time and to live and work within victim networks.

 

Maya Horowitz, VP Research at Check Point Software at Check Point Software, comments:

“In 2021, cyber criminals adapted their attack strategy to exploit vaccination mandates, elections and the shift to hybrid working, to target organizations’ supply chains and networks to achieve maximum disruption. The sophistication and scale of cyber-attacks will continue to break records and we can expect a huge increase in the number of ransomware and mobile attacks. Looking ahead, organizations should remain aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks including the most advanced ones. To stay ahead of threats, organizations must be proactive and leave no part of their attack surface unprotected or unmonitored, or they risk becoming the next victim of sophisticated, targeted attacks.”

News

Check Point Software Technologies Acquires Avanan, the fastest growing cloud email and collaboration security company, to redefine security for cloud email

With email threat landscape becoming wider every year, the integrated Check Point Software and Avanan offering will deliver best-of-breed cloud e-mail malware protection and expand security to SaaS collaboration suites

Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions to corporate enterprises and governments globally, today announced the acquisition of Avanan, the fastest growing cloud email security company. Avanan technology provides the highest level of security for emails and SaaS collaboration suites. Avanan will integrate into the Check Point Infinity consolidated architecture to deliver the world’s most secure email security offering. Utilizing patented technology designed and built for cloud email environments, this will be the only unified solution in the market to protect remote workforce from malicious files, URLs and Phishing across email, collaboration suites, web, network, and endpoint.

Email technologies have evolved and transitioned from on premise solutions to the cloud. With 95% of cyber-attacks targeting enterprise networks are caused by successful spear phishing, the cloud email threat landscape has never been wider. The amount of phishing attacks doubled in 2020, with every Microsoft Office 365 user in the world attacked at least once.

The COVID-19 pandemic and the move to remote work continue to fuel the adoption of cloud office systems and the use of other collaboration suites beyond email (e.g. Teams, Slack, OneDrive), expanding users’ exposure to cyber-attacks even more. This expanded threat landscape requires a new approach to email security since conventional solutions built for on-premises email have failed to adapt for the cloud. Legacy email solutions (SEG) impair native security tools, are blind to cloud threats, and cannot protect collaboration suites.

Avanan, founded in 2015, is the world’s fastest growing cloud-email security vendor. The company developed a patented application-programming interface (API) solution to stop email threats before arriving to the inbox (inline), for both internal and external emails using AI based engines. With over 100 employees, it protects more than 5000 customers and over 2.5 million inboxes. The solution deploys in minutes like an app and is configured in a few clicks.

“More and more businesses are moving to cloud-email platforms and with email becoming a major channel to launch devastating cyber-attacks, this acquisition represents a huge potential as organizations are looking for a new approach to email and collaboration suite security,” said Dr. Dorit Dor, Check Point’s Chief Product Officer. “By integrating Avanan into Check Point Infinity, organizations will be able to modernize legacy solutions with email security as-a-service and protect cloud email and collaboration suites from the most sophisticated attacks.  We’ve been using the Avanan technology as an OEM for the last 3 years and I am confident that with this new addition, customers will enjoy the best email security with the best cyber security capabilities.”

“Avanan’s journey to reinvent email security is starting a whole new chapter. By merging with Check Point Software, we are combining Avanan’s best in class A.I. that catches the sophisticated email-borne attacks everyone else misses, with Check Point Software’s unparalleled security capabilities and threat intelligence,” says Gil Friedrich, CEO and co-founder of Avanan. “With Check Point Software’s global organization, we plan to bring our joint solution to all organizations, of all sizes and geographies, to anyone that needs better security for their email and collaboration suite”.

Check Point Software entered into a definitive agreement to acquire Avanan and the transaction is expected to close imminently.

Check Point Infinity is the industry’s first consolidated security architecture, providing the highest level of threat prevention against both known and unknown cyber-threats. The integration of Avanan technology into the Check Point Infinity architecture is set-to deliver the highest level of security to remote workforces worldwide, providing the only unified solution that will protect from malicious files, URLs and phishing across email, collaborations apps, web, network, and endpoint. The unified solution will allow organizations to:

  • Modernize legacy solutions (SEG) with email security as a service and protect cloud email in less than 5 minutes.
  • Stop 30% more infected emails than any conventional email security solution with best of breed malware protection and no impact in productivity: preventing phishing attacks and malicious files from landing in the inbox, eliminate hazardous clicks on emails with click time URL protection and prevent attack expansion before any damage is evident with automatic post attack remediation.
  • Protect email data loss (internal and external) with the most secure and flexible solution: security admins have multiple response actions to protect data before it leaves the organization.
  • Protect SAAS collaboration suites such as OneDrive, Google Drive, Teams, Share Point, Slack, Box and more, from Malicious URLs, infected files, and data loss prevention (DLP).

 

About Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to corporate enterprises and governments globally.  Check Point Infinity´s portfolio of solutions protects enterprises and public organizations from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other threats. Infinity comprises three core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacenters, all controlled by the industry’s most comprehensive, intuitive unified security management. Check Point protects over 100,000 organizations of all sizes.

 

About Avanan

Avanan has defined the cutting edge of email security with its patented inline protection and innovative machine learning since its founding in 2015. Avanan is committed to continuous innovation and to define the future of email and collaboration security. Over 5,000 customers use Avanan technology. Industry reviews like Gartner, position Avanan a leader in email security.

News

Securing the hybrid data centre

Written by Ian Porteous, Regional Director, Security Engineering, UK&I at Check Point Software Technologies

Against the backdrop of the rise of the remote workforce and the growing prevalence of sophisticated attacks such as ransomware, zero day malware and supply chain attacks, CISOs have been forced to rethink their security architecture. Today, with the need for distributed applications to support their business and security needs, organisations are leveraging hybrid data centres and security architectures.

A hybrid data centre combines on-premise and cloud-based infrastructure with orchestration that allows data and applications to be shared between them over the network, enabling organisations to experience the capabilities and benefits of both. Hybrid data centres span public and private clouds and on-premise environments, and organisations that have adopted this approach need to ensure cybersecurity resilience, security visibility and ease of security management across the entire architecture.

 

No longer just the data centre, but also the cloud

Ultimately, the differing natures of the on-premise data centre and cloud means that organisations need to ensure security and operational parity across the entire architecture. When organisations have their own data centre architecture, it means this has been developed over a long period of time and the security controls they have in place are mature and work very well. However, when they move inside the public cloud, teams need to be aware of the shared responsibility model when it comes to securing assets. While cloud providers may provide some degree of security and have performance agreements offering some shared culpability, at the end of the day, organisations are still responsible for the data, and cannot be absolved from legal or other ramifications in the event of a cybersecurity incident.

Migrating services very quickly to the cloud can also invariably create a less resilient environment because of the specific security requirements of the cloud. Even a minute change made by the provider or the organization can affect its security posture. For example, when a business creates a data base server instance in the cloud that has direct access to the Internet, this puts the data at risk of exposure. Cloud security posture management is key, and having visibility into where the data is residing and the traffic crossing the cloud environment is important.

 

Effectively securing the hybrid data centre

So what should organisations consider when looking at solutions to secure their hybrid data centre? Here are six factors to take into consideration:

  • Security for hybrid data centers must be unified and offer a single interface for monitoring and managing the security of multi-cloud and on-premises assets.
  • As organizations adopt DevOps, they need security that can keep pace. This requires support for automation, including integration with CI/CD pipelines, programmatic management, automated incident response workflows, and dynamic updates that eliminate the need for humans in the loop.
  • Hybrid data centers are complex ecosystems, requiring deep and granular visibility and security management. Securing these environments requires the ability to perform in-depth traffic inspection including tailored threat intelligence, content, code and image analysis, monitoring user and app interactions, configuration changes and other account activity.
  • Cloud environments provide access to dynamic and flexible infrastructure. Securing hybrid data centers requires solutions that can grow with the needs of the business.
  • Data centers offer high availability and redundancy to support business functions. Security must provide the same guarantees to minimize disruption to operations.
  • Hybrid data center security solutions should ingest data from across the entire environment and use it to develop adaptive and context-aware security policies that ensure consistent security across the board. These policies should adapt dynamically to reflect changing configurations of the data center’s infrastructure minimizing the need for manual change controls where possible.

 

The modern data center and network require the flexibility of a hybrid cloud security architecture that uses automation and artificial intelligence (AI) to scale threat prevention performance on demand on premise and in the cloud, with a simplified and unified management system. Organisations should adopt a security framework that encapsulate as many security layers as possible, to reduce the possible attack or intrusion surfaces from threat actors, and to afford effective resilience actions whenever security policies are breached.