Bit9 has announced the availability of Bit9 for Check Point, a new solution that integrates Bit9’s real-time endpoint and server security with the next-generation firewall and threat emulation offerings of Check Point® Software Technologies Ltd., the worldwide leader in securing the Internet.
Bit9 for Check Point delivers closed-loop integration between network security and endpoint/server security. When the Check Point next-generation firewalls detect a suspicious file on the network, Bit9 automatically confirms the location, scope and severity of the threat on enterprise endpoints and servers. Security teams can also submit suspicious files that have landed on endpoints and servers to the Check Point Threat Emulation Service to quickly determine the risk of each file and whether it needs to be stopped. Bit9 for Check Point reduces the overall operational effort of managing network and system security, accelerates incident response time and improves any organisation’s overall security posture.
The integration of Bit9 with Check Point solves four key security challenges:
· Prioritise alerts: Automatically correlate Check Point Threat Prevention network alerts with real-time endpoint sensor and recorder data to determine which alerts are actionable and prioritise them based on the number of systems infected.
· Rapidly respond to alerts: Gain instant visibility into file execution events, file system modifications, registry changes, and unique binary execution data to understand if a malicious file executed, to locate every instance of the suspicious file across all endpoints and servers, and to accelerate incident response if required.
· Prevent attacks: Reduce the total threat surface with advanced, signature-less prevention policies to lock down high-risk endpoints, servers and fixed-function devices. Leverage the Check Point Threat Emulation Service to perform real-time analysis of suspicious files and immediately stop malicious software from executing on remaining endpoints and spreading throughout your enterprise.
· Analyse files: Use “detonate-and-deny” to analyse and block every malicious file landing on any endpoint. Submit files arriving on endpoints and servers automatically or on-demand to the Check Point Threat Emulation Service to quickly determine the risk of each file and whether it needs to be stopped. If the file is malicious, immediately block its execution.
In February 2014, Bit9 announced the integration of its Carbon Black lightweight endpoint sensor and recorder for real-time detection and incident response in seconds with Check Point’s next-generation firewall and threat emulation offerings. Bit9 + Carbon Black provides the full lifecycle of Visibility, Detection, Response and Protection on endpoints and servers. The integration of Bit9 + Carbon Black with Check Point delivers a powerful solution to stop advanced threats anywhere in the enterprise.
“Integrating the Check Point network protection and threat emulation capabilities with the Bit9 and Carbon Black solutions extends real-time advanced threat prevention, detection, analysis and response to every endpoint and server in an enterprise,” said Brian Hazzard, Bit9 vice president of product management. “Attacks and compromise are the new normal, but complete lockdown of every machine is unrealistic for many companies. The best protection against today’s advanced threats is to secure as many endpoints and servers as possible and put the rest in a ‘detonate-and-deny’ posture that allows for real-time security policy enforcement as threats appear. This is exactly the operational value and closed-loop integration this partnership of industry leaders delivers.”