CPX23_Moti_2nd_best_sec_will_get_u_breached_v11.pdf

1
©2023 Check Point Software Technologies Ltd.
Moti Sagey | Check Point’s Chief Evangelist
Why Second-best Security
Will Get You Breached

2
TELECOM
AUTOMOTIVE
PUBLIC WEB
SMART HOMES HEALTHCARE
BANKING
REMOTE WORK
MANUFACTURING
CLOUD

3
But Every day, in the news
A continuous wave of Gen V attacks
IT WASN’T.
At companies
who thought their
security was
good enough.

4
“We should prepare for a COVID-like
global cyber pandemic that will spread
faster and further than a biological
virus, with an equal or greater economic
impact.”

5
Ransomware
APT
SW vulnerabilities
Supply chain
*According to ThreatCloud
Every month
10’s of millions of attacks
400K zero days*
THREAT LANDSCAPE IS EXCEPTIONALLY DANGEROUS
Colonial
Pipeline
May
Following
Microsoft
Exchange
Server
Codecov
Apr
2021
APOMacro
Sploit
APT34
Feb
Kaseya /
REvil
Jul
JBS
Jun
Mar
Microsoft
Exchange
Server
Nov
MediaTek
Crypto
wallet
campaign
Oct
OpenSea
NFT
Aug
Iranian
Railway
Nation state
Memorial
Health
System
Sep
PixStealer
Log4j
Dec Jan
OKTA /
Lapsus$
Mar
Spring4Shell
MediaTek
ALHACK
Apr
2022
Iran’s State
Broadcaster
Feb
Conti
group
Twisted
Panda
May
Uber
Jul Aug
Google
Translate
crypto miner
Nation state
Shields
Health Care
Group
Jun
Costa Rica
Social Security
Nov
Oct
Text4Shell
Sep
Rockstar
Games
GTA6
“For the imagination of man’s heart is evil from his youth” (Genesis)

6
“SECOND BEST”
WILL GET YOU
BREACHED
WHEN IT COMES TO
CYBER SECURITY,

7

8
THE
CHALLENGE
EVERY VENDOR WILL TELL YOU
THEY HAVE THE BEST SECURITY
IN GOD WE TRUST,
ALL OTHERS MUST
BRING DATA”
“
W.E DEMING

9
AND ONLY ONE VENDOR DELIVERS
THE BEST SECURITY TO PROTECT AGAINST GEN V ATTACKS
CHECK POINT.

10
COMPREHENSIVE
• REAL-TIME PREVENTION
ACROSS ALL ATTACK
VECTORS
• FROM CODE TO CLOUD,
NETWORKS, USERS, EMAIL
AND IOT
COLLABORATIVE
• BEST SECURITY ENGINES EASILY
APPLIED TO ANY ATTACK
VECTOR
• REAL-TIME SHARED THREAT
INTELLIGENCE
• API-BASED, INTEGRATED TO 3RD
PARTIES
CONSOLIDATED
• UNIFIED MANAGEMENT
• UNIFIED SECURITY
OPERATIONS FOR YOUR ENTIRE
SECURITY STACK
• EASY TO OPERATE
THE 3C’S OF BEST SECURITY

11
COMPREHENSIVE
ACROSS ALL ATTACK
VECTORS
AND IOT
COLLABORATIVE
VECTOR
INTELLIGENCE
PARTIES
CONSOLIDATED
SECURITY STACK
• EASY TO OPERATE

12
BLOCKING THREATS IN REAL-TIME AS A PHILOSOPHY
MALWARE DNA
ZERO
PHISHING
FP-GUARD
PUBLIC-CLOUD
AUTO
PROVISION
MOBILE APP
SCANNING
MOBILE
CODE
ANALYSIS
MOBILE SMS
PHISHING
SS7 ATTACK
PREVENTION
MEMORY
ANALYSIS
THREAT EXTRACTION
HUMAN
INTERACTION
SIMULATION
ICON
SIMILARITY
MOBILE MAN
IN THE
MIDDLE
ATTACK
DOMAIN
PREDICTION
MACHINE LEARNING
CPU LEVEL SANDBOX
HYPERVISOR
LEVEL
SECURITY
ADVANCED
JAILBREAK
PROTECTION
CAMPAIGN
HUNTING
ENDPOINT
EXPLOITATION
DETECTION
FLASH
EMULATION
URL
REPUTATION
BLUETOOTH
ATTACK
DETECTION
INTRUSION
PREVENTION
Behavior
similarity
ANTI-RANSOMWARE
IMAGE FILE
SANITIZER
DECOYS &
TRAPS
OS-LEVEL
SANDBOX
DROPPED
FILES
EMULATION
TRANSPARENT
HTTPS
INSPECTION
ENDPOINT
FORENSICS
CPU EXPLOIT
DETECTOR
STATIC
ANALYZER
ACCOUNT TAKEOVER
PREVENTION
INTELLIGENCE
COLLABORATION
MACRO ANALYSIS
FILE
FEEDER
EMBEDDED OBJECTS
INSPECTION
BEHAVIORAL
BOT PROTECTION
SMEP Detector
TARGET LOCK

13
©2023 Check Point Software Technologies Ltd. 13

14
PHISHING, PHISHING, AND SOME MORE PHISHING…
Samples from a period of 72 hours

15
REAL-TIME PREVENTION IN ACTION
WITH ZERO PHISHING

16
“With Check Point, we gained industry-
leading protection.
Check Point stops malicious
DNS requests automatically, and blocks
phishing in real time!”

17
NOT ALL VENDORS PROVIDE
REAL-TIME PREVENTION
“SHUT DOWN THE NETWORK”?!
[Protected] Distribution or modification is subject to approval 17

18
Threat Intelligence
UNIFIED MANAGEMENT
& SECURITY OPERATIONS
PORTAL
Management & Unified Visibility
ENDPOINT AND MOBILE
SECURE USERS & ACCESS
• Threat
Prevention
• Anti-
Ransomware
• Forensics
• Secure Media
• Access Control
• Zero Day
Browser
Protection
• Threat
Prevention
• Zero Phishing
• App Protection
• Network
Protection
• Device
Protection
EMAIL AND COLLABORATION
• Account Takeover Protection
• Data Loss Prevention
• Threat Prevention
• Zero Phishing
SD-WAN
Runtime Workload
Protection
Web and API Protection
Posture Management
& Visibility
Network Traffic Analysis
Cloud Access Control
& Prevention
SECURE THE CLOUD
Multi & Hybrid Cloud
SECURE ACCESS SERVICE EDGE (SASE)
• Zero Trust Network Access (ZTNA)
• Secure Web Gateway (SWG)
• Cloud Access Security Broker (CASB)
• Branch FWaaS
INFINITY - THE MOST COMPREHENSIVE SECURITY
Managed Prevention & Response
Extended Prevention & Response
Unified Events
IoT Security
• Access Control
• Advanced Threat
Prevention
• Data Protection
• Wide Range of Firewalls
• Up to 3 Tbps Throughput
• 1, 10, 25, 40, 100 GbE ports
• Wi-Fi, DSL, 3G/4G/ LTE
SECURE THE NETWORK
Hyperscale
Enterprise Firewalls
ICS Security
SMB Suite
Hyper-Fast Firewall Secure OS
Security Management
• Unified Policy
• Autonomous Security
• Event Management
• Compliance

19
COMPREHENSIVE
ACROSS ALL ATTACK
VECTORS
AND IOT
COLLABORATIVE
VECTOR
INTELLIGENCE
PARTIES
CONSOLIDATED
SECURITY STACK
• EASY TO OPERATE

20
[Internal Use] for Check Point employees
INFINITY
CONSOLIDATION. ONE PORTAL TO MANAGE ALL PRODUCTS

21
CHECK POINT INFINITY
ONE PORTAL TO MANAGE ALL PRODUCTS
VS

22
AGONY METER
22
Full reference: https://tiny.cc/agonymeter
Palo Alto & Cisco with 5Xmore menus to operate network & cloud
Agony Meter
Task
Network
Security
Total Agony Score
6Menus
1 Menu
1 3.18 2.43 3.73
Cloud
Security
29Menus
6 Menus
17Menus
5 Menus
29Menus
7 Menus

23
Best Security with Industry First Autonomous Threat Prevention
Implement best practices
in a single click
Gateways are
immediately configured
AI-driven security policy
designed to prevent
against zero day attacks
Policies are continuously
and automatically updated
’We cut the time we spend on managing security
by 80%, thanks to the simplicity of the
Check Point solution!’’

24
1 2
Quantum IOT Protect Software Blade
The Only Autonomous Zero-Trust Threat Prevention for IoT Devices
DISCOVER & PROFILE IoT ASSETS
VIA QUANTUM GATEWAY
AUTONOMOUS ZERO-TRUST
THREAT PREVENTION PROFILES
IoT Threat Prevention in Minutes!

25
COMPREHENSIVE
ACROSS ALL ATTACK
VECTORS
AND IOT
COLLABORATIVE
VECTOR
INTELLIGENCE
PARTIES
CONSOLIDATED
SECURITY STACK
• EASY TO OPERATE

26
ThreatCloud: The brain behind Check Point’s power
Big data threat intelligence
Always acquires the most recent
IoCs and protections of latest
attacks seen in the wild
AI technology
30+ AI and Machine Learning technologies that
identify and block emerging threats that were
never seen before
ThreatCloud APIs QUANTUM CLOUDGUARD HARMONY
Network Security User & Access Security
Cloud-Native Security
Telemetry Telemetry
ACCURATE PREVENTION
(MALICIOUS/SAFE)
2B overall
inspections
a day
Unified management & security operations

27
40+ engines across different security functionality
Unknown
Malware
Zero-day
Phishing
Anomaly
Detection
Improve
Accuracy
Expose stealth
breaches
Campaign
Hunting
Classify
Infected hosts detection
Sandbox static analysis executables
Sandbox static analysis documents
Sandbox static analysis macros
Sandbox dynamic analysis
Email static analysis
Network zero-phishing detection
Mobile zero-phishing detection
Anti-Phishing AI engine
HTML body NLP
Cloud networks anomaly detection
XDR/XPR user behavior analysis
SSH tunneling
ThreatCloud Campaign Hunting
Documents meta classifier Vectorization family classifier
XDR/XPR incidents aggregation
ML Similarity Model
MRAT Classifier
IP Port
Network AI engines aggregator
Mobile AI engines aggregator
Machine validated signature
Analyst Mind
Malicious activity detection
DNS
Security
DNS Tunneling
DNS Slow tunneling
DGA Domain Generation Algorithm
New in
2022

28
AI is all about your data
2,000,000,000
Websites and files inspected
Counted
DAILY!
20,000,000
Potential IoT devices
1,500,000
Newly installed mobile apps
73,000,000
Full content emails
1,000,000
Online web forms
2,000,000
Malicious indicators
Big data threat intelligence:
30,000,000
File emulations

29
First seen &
proactively
prevented by a
customer in Italy
Zero-day malware
“AveMaria” RAT
May 2022
99.9%
Security effectiveness
BEST RESULT
IN THE
INDUSTRY**
Deep Learning
Machine Learning Emulation Runtime
File Reputation
Identified as
malicious in
seconds
Synced in real-time to all
Check Point’s
enforcement points
worldwide
ENDPOINT
CLOUD
GATEWAY
MOBILE

30
CloudGuard AppSec : Industry’s Smartest WAF
Vendor and Product Preemptive protection before
vulnerability published
Check Point CloudGuard AppSec Yes
AWS WAF No
Azure WAF No
Cloudflare WAF No
Imperva WAF No
F5 NGINX App Protect No
F5 BIG-IP ASM/Advanced WAF No
Akamai WAF No
Fortinet Fortiweb No
Palo Alto Networks No
ModSecurity No
The Only Vendor to preemptively block
Log4Shell, Spring4Shell and Text4Shell

31
Validated by 3rd party (Miercom):
THE BEST PROTECTION AND VALUE TO OUR CUSTOMERS
[Protected] Distribution or modification is subject to approval 31
99.7%
99.7%

32
Preventing email phishing attacks
PHISHING EMAIL/100K IN USER INBOX
BEST
EMAIL SECURITY
NO EMAIL SECURITY
10
440
626
812
932
1,232
81x
BETTER PROTECTION
OTHERS

33
[Restricted] ONLY for designated groups and individuals

34
Security vendors should secure their own code 1st
https://www.theregister.com/2021/07/20/fortinet_rce/ https://securityaffairs.co/wordpress/113129/hacking/fortinet-fortiweb-waf-flaws.html
https://www.itpro.co.uk/security/vulnerability/360008/vulnerability-in-fortinet-firewall-could-enable-hackers-to-gain
https://www.bleepingcomputer.com/news/security/cisco-asa-vulnerability-actively-exploited-after-exploit-released/
https://thestack.technology/microsoft-defender-rce/
https://threatpost.com/sonicwall-vpn-bugs-attack/167824/
https://threatpost.com/critical-palo-alto-bug-remote-war-room/167169/
https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/

35
It’s not anecdotal. It’s a pattern.
The lowest number of known vulnerabilities in the
industry and fastest response time to vulnerabilities
(X20 faster than any other company)
22X
Faster Response
90X
less High-Profile
Vulnerabilities
2
1
22
68
61
77
# Critical & High SW Vulnerabilities (Last 3 years) Avg. Time To fix Critical & High Vulnerabilities
Source: vendors security advisories web pages & https://tiny.cc/urgency
Updated Jan 1st 23
50
127

36
OVER 1,700
CUSTOMER REVIEWS
LEADER IN 15
CATEGORIES!
AN ACHIEVEMENT
SECOND TO NONE.
CUSTOMERS
CHECK POINT

37
The Best Companies
Choose Check Point

38
ANATOMY
OF
A WIN
38
“The primary success factor is knowing how to learn from
others and rely on yourself.” .” Denis Waitley

39
ANATOMY OF A WIN
WHAT WINNERS DID THAT MOVED THE NEEDLE
39
Introduced
Infinity
Demoed Real Time
Prevention in action
Used
Competitive Intel.
Worked closely
with the Partner
Used a
Reference
Positioned
Maestro
HyperScale

40
Why Check Point one pager
TOP TOOLS TO HELP YOU WIN
Download here
https://tiny.cc/whycp
Very Popular
“Leave Behind”
document with C-Levels

41
Anatomy of a win on CheckMates Partner Community

42
#2
#3
#1
#4
Mobile friendly competitive on CheckMates

43
Infinity Competitive Assessment Calculator
Released internally & partners

44
Maestro Assessment and Sizing Tool

45
Agony Meter 3.0– https://tiny.cc/agonymeter

46
Customer facing competitive pages
(vs. Mcafee, PAN, Fortinet, Cisco, Symantec, Crowdstrike, Top NGFW vendors, Cloud security)
#1 Google

47
COMPREHENSIVE
ACROSS ALL ATTACK
VECTORS
AND IOT
COLLABORATIVE
VECTOR
INTELLIGENCE
PARTIES
CONSOLIDATED
SECURITY STACK
• EASY TO OPERATE

48
COMPREHENSIVE
ACROSS ALL ATTACK
VECTORS
AND IOT
COLLABORATIVE
VECTOR
INTELLIGENCE
PARTIES
CONSOLIDATED
SECURITY STACK
• EASY TO OPERATE

49
THANK YOU
Feel free to connect on LinkedIn: Moti Sagey
Link to slides:

CPX23_Moti_2nd_best_sec_will_get_u_breached_v11.pdf

More Related Content

What's hot

Similar to CPX23_Moti_2nd_best_sec_will_get_u_breached_v11.pdf

More from Moti Sagey מוטי שגיא

Recently uploaded

CPX23_Moti_2nd_best_sec_will_get_u_breached_v11.pdf