Check Point® Software Technologies Ltd., a leading provider of cybersecurity solutions globally, has expanded the capabilities of its unified Cloud Native Security Platform, to deliver application-first workload protection with Check Point CloudGuard Workload Protection. This fully automated cloud workload security solution empowers security teams with tools to automate security across applications, Application Programming Interfaces (APIs) and microservices from development to runtime via a single interface.
As the COVID-19 pandemic forced enterprises to transition to the new ‘work from anywhere’ environment, cloud became a natural progression for organisations looking to enable their remote workers quickly. As more organisations are still migrating to the cloud in parallel to undergoing the “shift-left” organisational change, security teams find themselves with multiple platforms to manage. These platforms provide neither the visibility nor the ability to protect the rapidly growing cloud workload deployments. In fact, according to a recent survey, 68% of enterprises regard the misconfiguration of cloud assets as one of the biggest contributors to cloud security threats.
“By unifying essential cloud security capabilities, Check Point’s CloudGuard platform is meeting a central requirement revealed from ESG’s annual cloud-native security research study, a strong preference for a consolidated set of controls based on an integrated platform. The fully automated approach of the CloudGuard platform reflects another central finding from our research, automating the introduction of controls and processes via integration with the continuous integration and continuous (CI/CD) tools employed by DevOps,” said Doug Cahill, Vice President, Analyst Services and Senior Analyst, Enterprise Strategy Group.
Application-first approach to automated workload protection
CloudGuard takes an “application-first” approach to workload protection with cloud native automated web application and API protection. Key features and benefits include:
- Unified and automated approach reduces the complexity and risks of securing cloud applications and workloads with end-to-end protection for all applications and microservices on a single, cloud native-platform.
- Microservice protection ensures zero trust and the highest level of threat detection across the entire environment by automatically profiling and enforcing function and container behaviour with threat prevention in runtime.
- “Shift-left” tool ensures container and serverless functions are scanning from build by automatically assessing configuration risks and generating least privilege access control across these functions.
- CI/CD tools for central control: automates security from build and at the registry stage.
“CloudGuard significantly helps us to improve and automate our overall cloud security posture,” explained Leonardo Amor and Darwin Ochoa, CISO office, Telefonica Tech. “This cloud native solution allows us to visualise and control our security posture, and conform to regulatory requirements and security best practices automatically, and therefore our team can actively enforce security best practices, and protect us against identity theft and data loss in the cloud.”
“To protect cloud native applications, organisations need to implement cloud born solutions that can keep up with the speed of DevOps,” said TJ Gonen, Head of Cloud Product Line, at Check Point Software. “Check Point´s strategy is to help organisations secure their most critical workloads with a unified platform. Check Point CloudGuard is designed to address the challenges that come with cloud computing and automate all aspects of application and workload security.”
Check Point CloudGuard has expanded to include container security, which completes the cloud native Workload Protection suite. The combination of AppSec, threat intelligence & threat hunting, high fidelity posture management, combined with runtime protection and admission control for containers and serverless functions, makes Check Point CloudGuard the most complete, automated, cloud native workload protection offering in the market.