Check Point’s annual cybersecurity event focuses on the power of artificial intelligence

The company unveiled dozens of new security tools and services to detect and prevent malware, phishing, ransomware and other attacks, but AI took center stage.

Artificial intelligence in the service of security was the main focus of global cyber security company Check Point’s annual customer presentation, CPX 360 2023. In addition to dozens of new products and services, including Quantum SD-WAN and an expanded cyber attack prevention platform covering network, endpoint, email and more, the event showcased Check Point’s ThreatCloud AI generative AI framework.

SEE: Artificial Intelligence: Apply AI in 5 instances (TechRepublic)

The global conference, anchored in NYC and held concurrently in Toronto, Chicago, Denver, Miami and Bogotá, included a panel on ChatGPT, which also explored ChatGPT as a tool to reduce the limits of attackers, and an increasingly important tool in quick defense. tactics.

Jump:

Artificial intelligence provides an all-encompassing approach to security

During the opening keynote, Gil Shwed, the company’s founder and CEO, called the year 2023 the turning point of AI as a security tool (Figure A).

Figure A

“We are on the cusp of an artificial intelligence revolution,” Shwed said in the opening keynote. “We’ve all been working on it for over ten years, and you can see that more than half of our threat engines today are artificial intelligence.”

Eyal Manor, VP of Product Management, introduced the company’s “three Cs” mantra – comprehensive, consolidated and collaborative – and how its portfolio of services and technologies aligns with them for security prevention and detection.

SEE: Check Point vs Palo Alto: Compare EDR Software (TechRepublic)

“Partners have fewer resources and have to do more with less,” he said. “Last year proved to us that for the best security, we must not only detect threats, but also protect the organization. Perception is not enough.”

New “Horizon” for all SOCs

The company that pioneered a comprehensive approach to prevention last year, Horizon, this year introduced Horizon XDR/XPR, which it calls an industry-first AI-driven extended detection, protection and response framework that can address all fronts complex attacks. .

Dan Wiley, Head of Threat Management and Chief Security Advisor at Check Point, pointed out that the tools needed to run a traditional SOC are quite broad, requiring a SIM card or data lake to store the data, intelligence to explain the data, orchestration, ticketing. systems and a team of IT people to cover the clock.

“That last point is where many organizations fall short because they can’t afford the 12 to 14 people to run a 24/7 365 SOC,” Wiley said. “With Horizon, within the Check Point ecosystem, our goal is to put all of the above into one layer that you can consume with a single click, because all of these elements are baked into it.”

According to Wiley, the integration of generative artificial intelligence (ThreatCloud AI) with other services under the Horizon umbrella enables real-time feedback for detection and prevention (Figure B).

Figure B

“What we’re trying to do is aggressively drive the story of prevention with detection, but in a novel way through our AI engines,” Wiley said. “This ‘hive-mind’ approach allows us to get to the bottom of prevention more quickly. Its main goal is to distribute knowledge and make it available to all our abilities in a scalable way.”

Wiley explained that the company began building systems that automate delivery, consumption and automation through neural networks and artificial intelligence seven years ago.

“We now have up to 40 unusual engines around AI,” he said. “We can automate in several areas.”

One stitch saves millions in time

During the event, in an impromptu presentation, Yoav Chelouche, managing partner of Aviv Venture Capital, gave a primer on security based on his own company’s experience with ransomware that brought down the company and cost them millions.

“We had a low target profile, no consumer record with credit cards,” he said. “Who would bother to attack us?”

He described the company’s CEO calling him around midnight to say that the entire operation had shut down.

“Ransom has an hour,” Chelouche said. “Time has a price. The ransom is increasing, but the first task is to determine if the actors are credible. Do we know that these guys are the people who are going to bring us back to the Internet?”

In retrospect, it offered two lessons in “stitch in time”: The perception of risk is lower than the actual risk; prepare for much worse than you expect because it is much cheaper to prepare than to fix.

Learn the key elements of security and prevention by expanding your knowledge of Infosec4TC. Check out TechRepublic Academy’s unlimited access courses on GSEC, CISSP, and more.