Check Point Software Releases New Security Analytics Solution
Check Point Software Technologies has released CloudGuard Log.ic – a solution which delivers cloud-native threat protection and security intelligence. Log.ic joins Check Point’s CloudGuard family of cloud security products.
With the latest offering, customers can now see every data flow and audit trail in today’s elastic cloud environments, and make sense of cloud data and activities to expedite forensic investigation processes.
CloudGuard Log.ic effectively detects cloud anomalies, blocks threats and intrusions, and delivers context-rich visualization to enable thorough investigations into security incidents in public cloud infrastructures such as AWS.
At the heart of CloudGuard Log.ic is an enrichment engine that collates data from a variety of sources, including VPC Flow Logs and AWS CloudTrail, to build contextual awareness of security in public cloud environments. Security and DevOps teams can now use this turnkey solution to expedite incident response and threat hunting, review security policies and enforce them across multiple accounts. The solution can also integrate with third-party SIEM solutions, such as Splunk and ArcSight.
Key features of CloudGuard Log.ic include:
- Advanced threat prevention via integration with Check Point’s industry-leading ThreatCloud intelligence feeds of malicious IPs.
- Easy creation of customized alerts triggered by suspicious network and user activity, compliance violations and security misconfigurations.
- Attribution assigned to users, groups, and roles is analyzed to track even federated events, as configuration changes are tracked and correlated to the individual or role.
- Reporting on significant events, statistics and traffic can be defined and scheduled for direct reports in email and various ITSM tools, such as ServiceNow, PagerDuty, Jira, etc.
- CloudBots auto-remediation functions can be used to automatically act on specific alerts of malicious activity and to automate further steps such as quarantining or tagging for further investigation.
“CloudGuard Log.ic provides our enterprise customers with powerful visibility and context into all activity within their cloud environment, combined with feeds that identify malicious intent or intrusion detection to prevent mega Gen V cybersecurity attacks,” said Itai Greenberg, VP Product Management and Marketing, Check Point Software Technologies.
CloudGuard Log.ic is available immediately.