Check Point presents its cloud posture management solution “CloudGuard Posture Management”, which deals with analyzing and managing cloud security and compliance, providing problem resolution.
The solution, proposed by the Israeli company leader in the world of cyber security and specialized in the development of technologies, is highly scalable and can be used on multiple projects within the cluod environment. Today we will know more about the peculiarities of this solution and future trends.
1) What is the need for this solution?
The reality of the cloud environments currently in use by companies sees the coexistence of very different types of services: Infrastructure as a Service, Platform as a Service and Function as a Service. Each solution creates countless challenges with respect to the safety of these environments, the security posture and possible misconfigurations which, to date, represent a real threat. In fact, an important percentage of successful attacks on cloud services is due precisely to incorrect configurations and poor management of the same. Thanks to the CloudGuard Posture Management solution, it is possible to view and evaluate security posture, detect incorrect configurations, automate and actively apply best practices to protect and prevent attacks and threats to cloud environments.
2) what is the functioning of the solution that combines threat intelligence feeds and AI?
The Threat Intelligence component, within the CloudGuard platform, allows you to import logs from cloud environments (with respect to audit and traffic activities). CloudGuard analyzes these logs by enriching them with information about entities within the cloud and integrating them with Check Point's Threat Cloud IOCs. This allows you to detect suspicious connections such as outbound and inbound traffic.
3) How does the solution interact with the rest of the security infrastructure, such as firewalls and more?
The CloudGuard platform, thanks to the use of cloud provider APIs, imports metadata based on how each asset is configured. With this information, the solution is able to create dynamic views that highlight the exposure and communications allowed within a virtual network between the various assets that are part of it.
4) How does remediation happen in cloud projects?
The platform can perform automatic remediation through CloudBots. These are serverless components (Function as a Service) that act within the controlled cloud account and that can correct missing or misconfigured settings. These can be invoked by CloudGuard when a security check fails in order to implement an ongoing compliance system.
5) What are the advantages of the solution for a company?
CloudGuard Posture Management automates the governance of assets and services in a multi-cloud perspective, through the visualization and evaluation of the security posture, the detection of incorrect configurations and the verification of the compliance of environments with regulatory standards such as GDPR, HIPAA, etc.
This allows you to manage the security of cloud environments in a single platform providing a single point of observation with respect to the security of all the cloud environments of a company.
6) Who are the customers to whom this solution is addressed?
Check Point's CloudGuard platform is a solution delivered in SaaS mode, making it easily deployable in environments and businesses of all sizes. Thanks to the multi-cloud approach, it is possible to manage different types of environments, including Amazon Web Services / Microsoft Azure / Google Cloud Platform / Alibaba and Kubernetes. These features make it the ideal solution for those who currently use the different types of services offered by Cloud Service Providers.
7) Three reasons for choosing CloudGuard Posture Management?
The Check Point platform in which the Posture Management component is located, also allows the implementation of Threat intelligence and Workload Protection tools within the same management console. An integral part of the solution is Governance Specification Language (GSL) which allows companies to define their own posture management rules through a single syntax applicable to any cloud environment. To import your cloud accounts within the Cloud Security Posture Management platform it will not be necessary to provide elements external to your environment with write access, as the solution will integrate via API with read-only permissions.
8) How does Check Point see the future of the cloud in cyber security?
The adoption of the cloud by companies is constantly growing, which is why these infrastructures are increasingly becoming critical assets. This transition will increasingly lead to the adoption of security control solutions within these environments and the services exposed, as a configuration problem in this context can immediately translate into an infrastructure vulnerability that can be exploited by a striker. For this reason, Check Point believes that security within the cloud can be considered a cornerstone for the correct use of these technologies.