Check Point Unveils Collaborative Network to Combat Cybercrime

Computerworld August 16, 2012
Check Point ThreatCloud powers new Anti-Bot and Antivirus Software Blades, bringing security intelligence and real-time protections to security gateways.

Check Point Software Technologies has announced Check Point ThreatCloud – a collaborative network to fight cybercrime – that gathers threat data from a worldwide network of threat sensors and distributes threat intelligence to security gateways around the globe.

With over 250 million addresses analyzed for bot discovery, 4.5 million malware signatures and 300,000 infected sites, Check Point ThreatCloud powers new Anti-Bot and Antivirus Software Blades by feeding threat updates directly to customers’ gateways, enabling them to enforce pre-emptive protection against advanced threats, such as bots, APTs (Advanced Persistent Threats), and other forms of sophisticated malware.

Cybercriminals leveraging malware, bots and other forms of advanced threats often target multiple sites and organizations to increase the likelihood of an attack’s success. As many enterprises fight these threats separately, more than half of such threats are left undetected without a current way of sharing threat information across entities. To stay ahead of modern threats, businesses must collaborate – sharing threat data between organizations – to make security stronger and more effective.  

Bhaskar Bakthavatsalu, Regional Director – India & SAARC at Check Point Software Technologies said, "With emerging forms of viruses being generated on a daily basis in India, the introduction of ThreatCloud helps bring about awareness on the significant information along with the analysis about these attacks before they spread to the rest of the system. Therefore, ThreatCloud facilitates us to expand the organization’s security footprint."

Check Point ThreatCloud is dynamically updated based on a global network of threat sensors and invites organizations to share threat data and collaborate in the fight against modern malware. Customers can choose to collaborate by feeding ThreatCloud with their own threat data and can receive incoming protection updates through their security gateways with enriched threat intelligence. When new bots or malware threats are identified on an organization’s network, the malware identifier – such as the IP address, URL or DNS – is sent to the ThreatCloud and an update is distributed to their peers and customers around the world in a matter of seconds. ThreatCloud also includes other sources of threat data from the company’s install base of security gateways, Check Point research, and industry malware feeds.

"We see threat intelligence increasingly coming up as a topic of interest for many businesses, primarily because of the rise of advanced threats today, and in comparison, few resources where businesses can get quick access to the data, research and protections they need," said John Grady, senior analyst, security products at IDC Research.

The company’s new Anti-Bot Software Blade is powered by ThreatCloud, and is designed to help businesses discover, stop and prevent bot damage. The software blade features Check Point’s Multi-tier ThreatSpect™, a unique bot detection engine that analyzes traffic on every gateway and discovers bots by correlating multiple risk factors – such as botnet patterns, remote operator hide-outs and attack behaviors. When a bot is identified, the solution prevents damage by immediately blocking communication between infected hosts and remote operators.

The Antivirus Software Blade, also powered by ThreatCloud, delivers over 300 times more signatures than previous versions, enabling customers to restrict access to malware-infested websites and prevent unknown virus infections from invading the network to keep host systems secure. Leveraging intuitive dashboards, customers can quickly analyze bot and malware threats, highlighting emerging threats, their level of risk and resulting security implications for the business – such as data loss or an increase in fraudulent spam distribution. Together, the Anti-Bot and Antivirus Software Blades enable organizations to enforce a unified threat prevention solution to protect their businesses from the next wave of cybercrime.

"Whether an organization has already been the target of an APT or is simply looking to apply new pre-emptive protections, Check Point’s ThreatCloud enabled software blades are a promising solution that allows customers around the world to leverage Check Point’s broad installed base and threat research expertise within their own environment," Grady stated.

The new solution is available with Check Point’s latest software blade release, R75.40, which also introduces Check Point GAiA unified operating system supporting all security gateways and software blades. With over 100 additional security features, R75.40 brings customers advanced threat prevention, security consolidation and simplified management for better visibility and control.

Release R75.40 is a free upgrade for existing customers and pricing for individual software blades begins at $1,500. Release R75.40 and the new Anti-Bot and Antivirus Software Blades are available immediately through Check Point’s worldwide network of value-added resellers.