CloudGuard Log.ic integrates with Amazon Detective to provide rich, context-based cloud security intelligence and enhanced traffic inspection capabilities to customers
Check Point Software Technologies Ltd. announced the integration of CloudGuard Log.ic with Amazon Detective, a security service from Amazon Web Services (AWS) that is designed to easily analyse, investigate, and quickly identify the root cause of security findings or suspicious activities. CloudGuard Log.ic complements Amazon Detective by delivering cloud security intelligence, analytics, and simplified visualisation of potential security incidents to customers.
Today, security professionals struggle to establish context to a security incident in the cloud, especially when associated incident data is disparate and large-scale. According to a recent IBM Security Report, conducted by Ponemon Institute, the average time it takes to detect a cybersecurity incident in 2019 is 206 days, and an additional 73 days to contain a breach, if one occurs. Together, Amazon Detective and CloudGuard Log.ic are constructed to help improve incident response times by delivering meaningful context via a graphical representation of a customer’s security posture and cloud attack surface. As an example, a security professional can use Amazon Detective and ClougGuard Log.ic to visualise abnormal behavior by an adversary attempting to access sensitive data in the cloud.
Through Check Point CloudGuard Log.ic’s automated machine learning capabilities and Amazon Detective’s threat hunting capabilities, customers can now gain important alerts on cloud traffic compliance issues and violations and scale investigations by providing context that helps enrich the incident response process.
“Amazon Detective and CloudGuard Log.ic are designed to enable customers to accelerate the detection of some of the most serious security issues in the cloud,” said Zohar Alon, Head of Cloud Product Line at Check Point Software Technologies. “The integration leverages machine learning to help incident responders bring quick and meaningful logic to a potential risk in their cloud environment.”
“We’re delighted to be working with Check Point Cloud Guard Log.ic,” said Dan Plastina, Vice President, Security Services, Amazon Web Services, Inc. “With this integration, security professionals can further complement the management of their cloud security posture and gain insight into potential cybersecurity attacks in the cloud. Now, customers can gain a more complete view of the threat landscape, while drastically improving incident response times in the cloud.”
Furthermore, the integration between CloudGuard IaaS and Amazon VPC Ingress Routing, which was announced at AWS re:Invent 2019 this week, helps improve customers’ flexibility to control traffic flow and inspection.