The integration between Amazon Security Hub and Check Point CloudGuard provides a seamless experience to customers in protecting their AWS environments against advanced cyber-threats and mitigating compliance risks at any scale. This integration, together with the addition of Dome9 to the CloudGuard portfolio, enables security admins to have a complete snapshot of their security and compliance posture as well as visibility into threat alerts from a central console of Amazon Security Hub.

 

CloudGuard IaaS

 

CloudGuard IaaS adds contextual information such as asset tags, security groups and availability zones to dynamically update security policies. CloudGuard IaaS also actively monitors for both north-south and east-west cyber-attacks as well as network vulnerabilities and feeds these threat alerts into the console. These findings are driven by the platform’s Next Generation Threat Prevention and Extraction capabilities that include: Firewall, IPS,, application control, IPsec VPN, antivirus, and anti-bot capabilities.

 

CloudGuard Dome9

 

CloudGuard Dome9 allows customers to automatically assess their cloud environments against regulatory standards and security best practices. They can use pre-packaged test suites that check for compliance against regulatory standards or security best practices, or they can easily create their own test suites that capture their organization’s unique requirements.

 

 

One of the core features of the platform is a powerful, expressive language for specifying security policies, called the Governance Specification Language (GSL). Using GSL, customers are able to create human-readable and machine-enforceable policies that capture security and governance requirements.

 

 

The CloudGuard Dome9 platform offers continuous compliance capabilities that automatically run assessments on an ongoing basis and report on new violations. A compliance assessment creates a scorecard like the below:

 

 

AWS Security Hub Integration

Check Point CloudGuard natively integrates via an API to display findings that are easily consumable from within the Security Hub. In the example below, you can see how CloudGuard IaaS findings are represented in the Security Hub:

 

With the addition of Dome9, the CloudGuard platform provides two main uses cases for customers.

 

First, security teams can analyze and respond to events triggered by CloudGuard’s continuous compliance and governance framework. This provides AWS customers with better visibility into gaps in their security and compliance posture.

 

Second, admins can also accelerate intrusion detection and gain visibility into network activity alerts based on deep event correlation and rule-based cloud intrusion detection. This is based on contextual awareness of the cloud environment and attribution of network traffic and API activity to cloud-native ephemeral services

 

Checkpoint CloudGuard IaaS platform offers a comprehensive security solution for AWS environments. CloudGuard IaaS provides a unified management pane for policy enforcement across cloud and on-prem environments. With Dome9, it also extends as a security orchestration platform that offers visibility and management into the security posture, compliance automation and intrusion detection in the public cloud.

 

Check Point has been a proud AWS partner, and now we look forward to strengthening our partnership with richer integrations with AWS Security Hub.

For further details, please visit: https://www.checkpoint.com/products/iaas-public-cloud-security/

You may also like