Check Point shifts workload protection left with expansion of DevOps protection

Check Point’s messaging around protection of any user on any device using any application is strengthened by expansion of workload protection, to provide stronger ability to deliver that using any application.

Paul Comessotti, Sales and Operations Executive at Check Point Canada

Cybersecurity vendor Check Point Software Technologies has expanded the workload protection capabilities within their unified Cloud Native Security Platform, to deliver application-first workload protection with Check Point CloudGuard Workload Protection that provides fully automated coverage of the DevOps process.

CloudGuard is Check Point’s family name for their platform that protects clouds and workloads broadly, including cloud security posture management, serverless and container protection and threat intelligence.

“With this release, the workload protection has been increased,” said Paul Comessotti, Sales and Operations Executive at Check Point Canada. “The difference now is that with this expanded workload protection, we can provide security right at the developed point of an application. Security used to be an afterthought for DevOps. Now the security is baked in at the point of development. It provides guardrails. It’s not about developing an application and securing it later. The security is now baked into the application development.”

CloudGuard’s application protection now ensures that container and serverless functions are scanning from build by automatically assessing configuration risks and generating least privilege access control across these functions.

“Before, we relied on network aspects to protect these types of workload environments,” Comessotti said. “The new part here is embedding it in application development. Before you had to make sure the network is secure – and we still provide that – but we also now provide the protection based on the workload for the DevOps process.”

Comessotti said that this capability deals with a gap that was problematic before the pandemic, and which got worse with the pandemic.

“In the pandemic, more customers had to get their apps out faster,” he stated. “This will let them do that while still ensuring that the development process is secure.”

Comessotti also says the comprehensive nature of this protection is a differentiator for Check Point against cybersecurity competitors.

“We believe this puts us ahead of the market,” he said. “Some organizations do certain aspects of what we do with workload protection. Our differentiation is the extent of our automation, the ability to have the orchestration in there and being fully integrated natively into cloud security tools through API. Others do parts of this, but our ability to take native integration and continuously monitor it afterwards is a strong differentiator for Check Point.”

CloudGuard’s protection for containers has also been expanded with this release.

“It is now better automated and more efficient,” Comessotti said. “Using AI, we look at expected the behavior of a workload, and take action accordingly.”

CloudGuard Workload Protection is available now, and is sold as a separate module on the CloudGuard platform.

Comessotti noted that these new capabilities around DevOps will be particularly valuable for partners who haven’t been involved in this part of the security process before.

“We still have some security focused partners who are not yet cloud savvy,” he said. “They were never able to overcome this gap previously. Now they can be in the front end of the conversation. This allows security teams and DevOps to deploy simultaneously, so it means that these partners can come into play earlier in the app development lifecycle, and deliver value to the DevOps team.”