
Check Point launches cloud security analytics solution

13 Jun 2019

Cybersecurity solutions provider Check Point has announced the release of CloudGuard Log.ic, a solution which delivers cloud-native threat protection and security intelligence.

Using CloudGuard Log.ic, customers can see every data flow and audit trail in elastic cloud environments and make sense of cloud data and activities to expedite forensic investigation processes.

CloudGuard Log.ic detects cloud anomalies, blocks threats and intrusions, and delivers context-rich visualisations to enable investigations into security incidents in public cloud infrastructures such as AWS.

Log.ic joins Check Point’s CloudGuard family of cloud security products.

An upcoming cloud security survey conducted for Check Point by CyberSecurity Insiders found that the biggest operational cloud security headaches IT organisations struggle with are compliance (34%) and lack of visibility into infrastructure security (33%). 

While a majority of organisations say their cloud instances have not been hacked (54%), 25% did not know whether they had been breached or not.

15% of organisations confirmed they had experienced at least one cloud security incident.

At the heart of CloudGuard Log.ic is an enrichment engine that collates data from a variety of sources including VPC Flow Logs and AWS CloudTrail, to build contextual awareness of security in public cloud environments. 

Security and DevOps teams can now use this turnkey solution to expedite incident response and threat hunting, review security policies and enforce them across multiple accounts.

CloudGuard Log.ic can also integrate with third-party SIEM solutions, such as Splunk and ArcSight.

“One of the key differences in cloud environments is the ephemeral nature of elements,” says Fernando Montenegro of market research firm 451 Research.

“As workloads and instances of virtual machines, containers or serverless functions execute, information that used to be considered static, such as IP addresses, can no longer be relied upon.

“We definitely see a need for newer security tooling that understands the new concepts natively and enriches information from flow logs, load balancers, and other cloud-native components.

“As a result, IT gets a more detailed view of events at runtime, allowing for a more precise understanding of the environment as well as stricter enforcement of security rules.” 

Some of CloudGuard Log.ic’s features include:

  • Advanced threat prevention via integration with Check Point’s ThreatCloud intelligence feeds of malicious IPs.
  • Easy creation of customised alerts triggered by suspicious network and user activity, compliance violations and security misconfigurations.
  • Attribution assigned to users, groups and roles is analysed to track even federated events, and configuration changes are tracked and correlated to the individual or role.
  • Reporting on significant events, statistics and traffic can be defined and scheduled for direct reports in email and various ITSM tools, such as ServiceNow, PagerDuty and Jira.
  • CloudBots auto-remediation functions can be used to automatically act on specific alerts of malicious activity and to automate further steps such as quarantining or tagging for further investigation.

“CloudGuard Log.ic provides our enterprise customers with visibility and context into all activity within their cloud environment, combined with feeds that identify malicious intent or intrusion detection to prevent Gen V cybersecurity attacks,” says Check Point Software Technologies product management and marketing VP Itai Greenberg.
