With RSA 2018 kicking off today in San Francisco, we’re excited to announce that the CloudPassage and Check Point integration will be showcased at our booth (N 3635). With dynamically-applied, finely-tuned sets of protection, this integration enables cloud security that meshes with the cloud’s agility and dynamism.
The same principles used to protect physical networks – concepts like the principle of least privilege and defense-in-depth, for example – also apply to protecting the cloud. But the cloud has a very important distinction from physical networks: the cloud is far more automated, and thus, our cloud security solutions need to evolve and “behave” more like the native cloud services that they’re protecting.
At the same time, migrating to public cloud environments means you no longer own, manage, or maintain the underlying network infrastructure anymore. Consequentially, security now becomes a shared responsibility. On the surface, that means the cloud service provider (CSP) is responsible for a portion of the security and the customer is responsible for the remainder. The responsibility lines are well defined between infrastructure protections (incumbent upon the CSP) and just about anything else (incumbent upon the customer).
However, digging in a bit deeper, it also means that customers need to consider the third-party solutions they choose for their side of the shared responsibility model. Specialized products are helpful for specific tasks, but modern threats require a greater degree of coordination and contextual sharing among all parties involved – from infrastructure to security vendors – to identify and block today’s multi-vector cyber-attacks.
Thus, it’s imperative to consider how the shared responsibility model should also include third-party security solutions. Most notably, solutions that leverage open APIs for enhanced integrations, support a variety of cloud environments and provide relevant context about threats, users, configurations and more. If agile and automated security that delivers a greater overall sum than the individual parts is important to your organization, Check Point and CloudPassage should be on your short list.
CloudPassage has been a leading innovator in cloud security automation and compliance monitoring for high-performance application development and deployment environments. Their flagship security automation platform, CloudPassage Halo, automates workload security and compliance from development to deployment across clouds, servers, and containers – at speed and scale. Halo instruments a broad set of security controls to secure all types of servers and workloads including virtual machines and containers as well as public and hybrid clouds (AWS, Azure, Google Compute Engine, etc.).
Likewise, Check Point CloudGuard IaaS brings comprehensive threat prevention security, access, identity, strong authentication, compliance reporting and multi-cloud connectivity to public and hybrid cloud environments. CloudGuard IaaS seamlessly integrates with leading cloud platforms and orchestration tools allowing it to be deployed in minutes while supporting dynamic security policies and elastic scalability. These powerful capabilities allow customers to grow their cloud security elastically while keeping aligned with the changing capacity requirements of dynamic environments.
Individually, Check Point and CloudPassage provide robust protections in their respective domains, but together the solutions do much more. Using RESTful APIs, CloudPassage Halo integrates with Check Point CloudGuard IaaS to share common vulnerability and exposure (CVE) lists about workloads, server configurations and other contextual data. These CVE lists are absorbed by Check Point to fine-tune the protection profiles of CloudGuard IaaS gateways. This tight integration dramatically reduces false positives, increases threat visibility and greatly improves the performance of the gateway, thus helping the cloud environment to perform better as well.
Come see this integration for yourself – we hope to see you at N3635!