Check Point has announced the general availability of CloudGuard SaaS, an industry-first cloud suite designed to prevent sophisticated security threats that target SaaS applications.
One of the latest additions to Check Point’s CloudGuard portfolio of cloud security products, CloudGuard SaaS protects enterprises that use SaaS applications and cloud-based email (including Office 365, GSuite and OneDrive), and prevents targeted attacks intended to steal sensitive data.
Addressing advanced SaaS threats, CloudGuard SaaS provides 360-degree protection against malware and zero-days, phishing attacks, as well as employee account takeovers. Additionally, it can discover unsanctioned use of SaaS applications and prevent data leakage, while providing instant threat visibility.
“In today’s fifth-generation cyberattack landscape, it’s crucial to implement technology equipped to take on more threats on business cloud applications,” said Itai Greenberg, VP of Product Management at Check Point Software Technologies. “Businesses generally turn to solutions in the cloud access security broker domain, which offer visibility and data leakage protection. CloudGuard SaaS goes beyond CASB capabilities. It’s designed to prevent the most common attacks on SaaS applications, providing peace of mind to enterprises.”
According to Jay Heiser, Research VP, Analyst at Gartner: “CIOs should work with security and risk managers to create and follow a comprehensive and continuous approach for the controlled use of SaaS, or they will fail to meet business goals, resulting in unnecessary losses or incidents.”
CloudGuard SaaS is an essential solution that equips businesses with the necessary preventive security for a multitude of enterprise SaaS applications within minutes.
“Businesses today face potential cyberattacks occurring from multiple vectors, including SaaS-based applications. Products like Check Point CloudGuard SaaS can help enterprises looking to protect themselves from attacks of different levels – from phishing to zero-day compromises,” said Jon Oltsik, Senior Principal Analyst at the analyst firm ESG.
Superior threat prevention against malware and zero-days: CloudGuard SaaS is the most effective breach prevention solution for malware and zero-day attacks on SaaS applications, leveraging Check Point’s industry-leading SandBlast technology. SandBlast scored a 100% block rate and highest evasion testing with NSS Labs, a globally recognised trusted source for independent, fact-based cybersecurity testing. By leveraging these capabilities, CloudGuard SaaS protects email attachments and file downloads on file hosting services and collaboration tools. CloudGuard SaaS blocks zero-day threats before they reach users and delivers safe content in seconds, using advanced threat emulation and extraction technology.
Innovative technology stops account takeovers: CloudGuard SaaS blocks SaaS account takeovers by preventing unauthorised users from logging in, even if the device is already compromised. Using its new ID-Guard technology, CloudGuard SaaS identifies fraudulent access by finding bad logins and centralising multi-factor authentication. In addition, CloudGuard SaaS can authenticate users in any SaaS application on any device – mobile or PC.
Total phishing protection: CloudGuard SaaS prevents more phishing attacks than standard email services by leveraging artificial intelligence engines. It can stop sophisticated phishing attacks, spear-phishing, and email spoofing that may bypass other solutions. Malicious email content can also be blocked with high-precision certainty
Check Point integrates with new Amazon Web Services Security Hub
Check Point has also announced a technology integration with Amazon Web Services (AWS) Security Hub, a unified security service, which centralises view and management for security alerts. This integration, together with the addition of Dome9 to the CloudGuard portfolio, following its recent acquisition by Check Point, allows enterprises to access multi-layered security and nearly continuous compliance capabilities from the central console of AWS Security Hub.
By leveraging AWS Security Hub, Check Point can provide a nearly seamless experience to customers in providing additional protection to their AWS environments against advanced cyberthreats in real time and mitigating compliance risks at any scale.
AWS Security Hub provides users with a comprehensive view of their high-priority security alerts and compliance status by aggregating, organising and prioritising alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector and Amazon Macie as well as from AWS Partner Network (APN) security solutions. The findings are then visually summarised on integrated dashboards with actionable graphs and tables.
The Check Point CloudGuard solution natively integrates with AWS Security Hub to provide customers with better visibility into gaps in their security and compliance posture, and context-rich security intelligence for enhanced threat prevention. CloudGuard IaaS adds contextual information such as asset tags, security groups and availability zones to dynamically update security policies and provide AWS Security Hub with visibility into threat alerts based on deep event correlation and rule-based cloud intrusion detection. To complete the picture, customers leveraging the CloudGuard Dome9 solution can analyse and respond to events triggered by its sophisticated nearly continuous compliance and governance framework.
Enterprises using it benefit from powerful features that prevent fifth generation cyberattacks in their hybrid environments. These features include:
- Threat prevention of both North-South and East-West cyberattacks based on contextual awareness and attribution of network traffic to cloud-native ephemeral services
- Real-time alerts on network vulnerabilities, with nearly continuous network monitoring and alerting based on easily customisable policies
- Comprehensive visibility into cloud assets and security configurations
- Nearly continuous compliance monitoring and enforcement of security posture
- Fully integrated security capabilities, including firewall, IPS, application control, IPsec VPN, antivirus, anti-bot and more
- Unified management of security policies across hybrid environments (data centre, private and public clouds)
“AWS is a leader among cloud services providers, delivering powerful security capabilities that help enterprises deploy and manage cloud environments with enhanced security features at scale,” said Itai Greenberg, Vice President of Product Management at Check Point Security. “Check Point has been at the forefront of cloud security automation solutions that have built deep integrations with a broad range of AWS security services. We are privileged to offer integration with AWS Security Hub to deliver comprehensive visibility into ongoing security and compliance risks, and end-to-end workflows to mitigate risks.”
“We are happy to have Check Point as a launch APN Partner integrating the CloudGuard IaaS solution with AWS Security Hub,” said Dan Plastina, Vice President, Security Services, Amazon Web Services, Inc. “Check Point offers advanced threat prevention capabilities to AWS customers. The integration with support for AWS Security Hub makes it even easier for our shared customers to access and act on their cloud security insights.”