30 Nov 2018

Check Point announces a technology integration with Amazon Web Services (AWS) Security Hub, a unified security service, which centralises view and management for security alerts. This integration, together with the addition of Dome9 to the CloudGuard portfolio, following its recent acquisition by Check Point, allows enterprises to access multi-layered security and nearly continuous compliance capabilities from the central console of AWS Security Hub.

By leveraging AWS Security Hub, Check Point can provide a nearly seamless experience to customers in providing additional protection to their AWS environments against advanced cyber-threats in real time and mitigating compliance risks at any scale.

Enhanced threat prevention

CloudGuard IaaS adds contextual information such as asset tags, security groups and availability zones to dynamically update security policies

AWS Security Hub provides users with a comprehensive view of their high-priority security alerts and compliance status by aggregating, organising, and prioritising alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie as well as from AWS Partner Network (APN) security solutions. The findings are then visually summarised on integrated dashboards with actionable graphs and tables.

The Check Point CloudGuard solution natively integrates with AWS Security Hub to provide customers with better visibility into gaps in their security and compliance posture, and context-rich security intelligence for enhanced threat prevention. CloudGuard IaaS adds contextual information such as asset tags, security groups and availability zones to dynamically update security policies and provide AWS Security Hub with visibility into threat alerts based on deep event correlation and rule-based cloud intrusion detection. To complete the picture, customers leveraging the CloudGuard Dome9 solution can analyse and respond to events triggered by its sophisticated nearly continuous compliance and governance framework.

Continuous network monitoring

Enterprises using it benefit from powerful features that prevent 5th generation cyber-attacks in their hybrid environments. These features include:

  • Threat prevention of both North-South and East-West cyber-attacks based on contextual awareness and attribution of network traffic to cloud-native ephemeral services
  • Real-time alerts on network vulnerabilities, with nearly continuous network monitoring and alerting based on easily customisable policies
  • Comprehensive visibility into cloud assets and security configurations
  • Nearly continuous compliance monitoring and enforcement of security posture
  • Fully integrated security capabilities, including firewall, IPS, application control, IPsec VPN, antivirus, anti-bot and more
  • Unified management of security policies across hybrid environments (datacenter, private and public clouds)

Manage cloud environments

Check Point has been at the forefront of cloud security automation solutions that have built deep integrations with a broad range of AWS security services"

AWS is a leader among cloud services providers, delivering powerful security capabilities that help enterprises deploy and manage cloud environments with enhanced security features at scale,” says Itai Greenberg, Vice President of Product Management at Check Point Security.

Check Point has been at the forefront of cloud security automation solutions that have built deep integrations with a broad range of AWS security services. We are privileged to offer integration with AWS Security Hub to deliver comprehensive visibility into ongoing security and compliance risks, and end-to-end workflows to mitigate risks.”

We are happy to have Check Point as a launch APN Partner integrating the CloudGuard IaaS solution with AWS Security Hub,” said Dan Plastina, Vice President, Security Services, Amazon Web Services, Inc. “Check Point offers advanced threat prevention capabilities to AWS customers. The integration with support for AWS Security Hub makes it even easier for our shared customers to access and act on their cloud security insights.”