PowerPoint Presentation
[Protected] Non-confidential contentCheck Point2016 Corporate
Overview
2016 Check Point Software Technologies Ltd. 2016 Check Point
Software Technologies Ltd.
1
IMAGINE A WORLD IN WHICH EVERYONE CAN SHARE THEIR KNOWLEDGE WITH
JUST A SIMPLE THOUGHT
Imagine a future where we start communicating just by thought.
We might implant chips that will turn our thoughts into actions.
That's where technology is taking us. This future is not far away.
2
Mobile is overtaking desktop, social is beating search,
messaging apps are challenging email, and everything around us is
becoming connected.THE ERA OF DIGITAL TRANSFORMATION
We are in the middle of the digital transformation. Mobile is
overtaking desktop. Social media is a primary means for
communicating. Email and voice communication are being replaced
with messaging apps. Being connected is dramatically changing
everything around us.
Suggested anecdote:To see what connectivity can do, just look at
Uber. Uber is the world's largest taxi company, but doesnt own any
vehicles. Likewise, Facebook is the world's most popular
communication channel, but doesnt create any content. Airbnb, is
the world's largest accommodation provider and it doesnt own any
real estate. They all connect people who have something to people
who want something.
How many companies run their IT infrastructure on hardware they
dont own like on Amazon Web Services and Microsoft Azure?
This is all possible thanks to the digital revolution.3
THE SEEDS OF THE FUTURE HAVE ALREADY STARTED BUDDING
IT environments are changing from well-defined networks to a
more borderless structure. Cloud, mobile and IoT are shaping the
new, flexible and agile environments.
Suggested anecdote:An example of IT without borders comes from
the Oil and Gas Industry. Until recently, oil & gas technicians
spent a lot of time downloading equipment manuals and other
documents before making service calls in the field. Now, these
workers simply travel to the equipment. An application tracks
workers locations using the GPS on a workers mobile device and
automatically pushes the right documents for the equipment at hand
to the mobile device. Besides sending manuals, the application
instantly sends information about an asset to the CFO so he or she
can quickly make a decision whether that asset can be taken out of
service for maintenance.
4
CHANGES CREATE NEW OPPORTUNITIES
FOR THE BAD ACTORS ASWELL AS THE GOOD GUYS
Evolving technologies create huge opportunities for all of us.
However, change creates opportunities not only for the bad actors
but also for the good guys.
Suggested anecdote:Think about how the cloud is changing how
companies deploy applications. DevOps is a good example. Its a huge
change. But, the collaboration of software development and
operations gives us an opportunity to bake security in from the
start. The bad guys are using these techniques to build malware.
Why shouldnt we use them too?5
THE CYBERTHREAT LANDSCAPE IS RAPIDLY EVOLVINGmore sophisticated
and more advanced
Threats are quickly evolving. Cybercrime has become a mature
industry. Today you no longer have to be a genius at writing code
to be a cybercriminal. Most of today's attackers buy platforms that
let them spread malware and rent botnets for attacks. The maturity
of cybercrime has lowered the barriers to entry.
Suggested anecdote:Case in point, heres a real-life story about
malware infrastructure-as-a-service. In June 2016, we saw the
Angler exploit kit vanish completely. Soon after, the Neutrino
exploit kit began spreading the same malware payloads that Angler
had delivered. The Angler criminal infrastructure might have become
ineffective against security measures, the authorities could have
shut it down, or possibly the group behind Neutrino offered the
malware producers a better deal. Whatever the reason, this is
malware infrastructure-as-a-service in action.More:
http://blog.checkpoint.com/2016/06/27/the-malware-as-a-service-industry/6
THERE IS MORE AND MORE THAT WE DONT KNOWZERO DAY, VirusCVEsBad
URLsAPTS, UNKNOWN MALWARE
SignaturesExploitsTrojansBotnets
THE GROWTH OF UNKNOWN MALWARE
I break threats into 2 types: known and unknown malware.
Traditional security measures identify known malware through
signatures, IPs, and URLs. Now, we are seeing a large volume of new
unknown malware that we cannot detect with traditional
technologies. We call these Advanced Persistent Threats or
ATPs.
We are seeing a sharp increase APTs for 2 reasons. First,
attackers are spending more time looking for vulnerabilities in new
systems. Second, someone is creating simple applications that can
convert any known malware into unknown malware by altering a few
characteristics. Normal security will not recognize the altered
malware. Suggested anecdote:How do you discover if you have ATPs on
your network? The Verizon Report tells us security organizations
identify incidents internally 10% of time, externally 75% of the
time and are notified by law enforcement 40% of the time. Not only
is unknown malware growing, it takes 200 days on average to
identify you have itoften by receiving a call from the police.7
President How can I create value for customers? CIODo we have
up-to-the-second information everywhere we need it?
LEADERS MAKE MAJOR BUSINESS DECISIONS DAILYEVERY MAJOR DECISION
EVOKES SECURITY RISKSCMOWill online marketing make a
difference?
CEOHow can technology transform my business?
CFODo I comply with regulations?
Whether management or boardroom meetings revolve around customer
demand, the supply chain, human resources, finance, marketing,
compliance or another topic; every major business decision has
security implications.8
HOW DO YOUINNOVATE, INSPIRE AND COMPETEWHILE
REMAININGSECURE?
How can we continue to innovate, inspire and grow while being
secure?
Suggested anecdote:To circle back to Uber and Airbnb, how do you
think services like them affect the taxi industry or hotel chains
like Marriott? Organizations that fail to stay ahead of technology
fall behind. Kodak and Blockbuster immediately come to mind. To
compete and win you need to constantly innovate. And to innovate,
you need a secure environment.
9
Most security technologies today stayPATCHWORK OF POINT
SOLUTIONS.COMPLEX SOLUTIONS WITH UNCERTAIN SECURITY
COVERAGE.Looking for yesterdays signaturesDetection instead of
prevention ONE STEP BEHIND
Currently, there are hundreds of security vendors. Most vendors
offer point solutions that protect one attack vector. These point
solutions usually look at old signatures that dont prevent unknown
threats. Also, using several point solutions from multiple vendors
leaves organizations with a complex patchwork of systems that is
very hard to manage and leaves holes in security coverage.
Most security vendors provide detection, not prevention.
Detection means finding threats after they penetrate a system.
Costs for remediation are huge - close to a million dollars per
incident, not to mention the bad reputation and management time
spent.
Suggested anecdote:Even though we are all spending more on
cybersecurityaccording to Gartner $86 Billion, which is 8.8% more
than last yearcybersecurity incidents increased 38% in 2015
compared to the year before according to PwC.10
THE TRADITIONALAPPROACH
Anti-Virus
URL Filtering
IPS
Anti-Bot
Application Control
Attacks
Botnet
High Risk Applications
Malicious Websites
Virus
When you look at the security industry, it's quite interesting.
There are different attack vectors such as viruses, malicious
websites, intrusions, bots and so forth. Then you look at the
security technologies developed to protect against each them. For
viruses, antivirus. For intrusions, intrusion prevention systems.
For bots, there's anti-bot. This reactive approach always leaves
defenses one step behind. That's definitely not the right way if to
protect your critical assets.
11
NOW IMAGINE A FUTUREIN WHICH WE ARE ALWAYS OF THREATSONE STEP
AHEAD
I imagine a future where we're one step ahead of threats.12
THREATS ARE BEING BLOCKED BEFORE THEY DAMAGE YOUR NETWORKS AND
SYSTEMSIMAGINE
Imagine a world where you block threats before they impact your
networks and systems.
13
A future in which security is managed with fewer people, with
less capital investment and a smaller footprint on the networkWITH
BETTER SECURITYIMAGINE and yet,
Think about a future where you can administer security
effectively with fewer people and less investment.
14
CHECK POINT KEEPS YOUONE STEP AHEAD
That's what Check Point is all about.Check Point keeps you one
step ahead.
Suggested anecdote:Back when the Internet was new, banks simply
plugged-in to it. There was no security. No such thing as a
firewall. This was when Gil Shwed started Check Point. Since then,
Check Point has grown to be the worlds largest company exclusively
dedicated to cybersecurity. Weve remained the leader from the
beginning because whenever technology changes, Check Point
innovation is one step ahead to keep new technologies secure.15
WE DOPREVENTION
We provide prevention.
Suggested anecdote:Our customer SE2 told us they had to replace
their emulation environment (FireEye) because they had way too many
security alerts and emergency drills to remediate malware. The
competitors security appliance took 5 to 10 minutes after malware
had hit a workstation to respond.Instead of detecting malware
attacks, SE2 needed something to block threats inline not just send
alerts. Installing Check Point SandBlast for prevention stopped
attacks and the extra work resulting from only detecting
threats.
16
OUR SECURITY PREVENTS BOTH THEKNOWN UNKNOWN THREATS
We prevent known threats and the unknown threats that are
increasing faster than any other attack in todays threat landscape.
17
Reconnaissance
DeliveryExploitation Control
ONE STEP AHEAD MEANSBLOCK THE ATTACK AT EVERY STAGE
Attacks are built in several stages. We call these stages the
kill chain. The 1st stage of the kill chain is reconnaissance. This
is when the attacker chooses a victim by looking for networks that
have open ports and software vulnerabilities. After the attacker
picks a victim and understands the victim's systems, network and
vulnerabilities, he or she creates malware. Then the attacker
delivers the malware, usually in an email or through a website.
Before the victim has downloaded malware and it is in the network,
the attacker needs to exploit the vulnerability found during
reconnaissance. After exploitation, the malware will then be
downloaded and in most cases the malware has command and control
functions and spreads in the network to steal data, destroy systems
or cause other damage.
18
CHECK POINTPREVENTING THE KILL CHAINRECONNAISSANCEBlock
suspiciousnetwork activity
DELIVERYBlock maliciousdownloadEXPLOITATIONBlock exploitationof
vulnerabilities CONTROLBlock command & control activity
Check Point blocks attacks at every stage. Check Point's
Next-Generation Firewall prevents attackers from scanning networks
during reconnaissance. Our IPS virtually patches vulnerabilities to
prevent attackers from exploiting them. Check Point scans web and
email traffic to prevent delivering malware to your environment. We
block exploitation using a technology that is unique to Check
Point.
We also identify and block command and control traffic. By
integrating the best technologies with multi-layer protection into
one solution, we bring the most effective security to the
market.
19
BLOCKING ATTACKS AT THE PRE-INFECTION STAGE
CHECK POINTPREVENTING THE KILL CHAIN
I want to elaborate about exploits because Check Point offers a
very unique, very strong solution. Our technology identifies
malware milliseconds before it gets into a system by recognizing
when an exploit is happening.
20
WE BUILDARCHITECTURE
We build architecture
21
PREVENTIONACROSSALLBUSINESS PLATFORMS
ONE STEP AHEAD MEANSBLOCKING ATTACKS EVERYWHERE
We protect all the new and emerging business platforms whether
they are: physical and virtual networks, desktop, mobile, cloud,
and IoT.
22
MOBILE THREAT PREVENTION
PROTECTING MOBILE DEVICES
Lets talk about mobile. Most of you have a smartphone. If you
receive work emails or connect to your company's intranet, your
smartphone is mixing your private data and business data. Your
smartphone goes everywhere with you and has a GPS that knows where
you are. It has microphone that can listen to your conversations.
The company and personal information on your smartphone and the
connections to your business network are available to you and
anyone else who can take control of your phone. Your smartphone
must be secure. Check Point offers very innovative protection for
smartphones and tablets. We do this by sending your metadata,
applications and networking behavior to the cloud. We analyze your
mobile device's activity in the cloud and give you an immediate
alert for any malware or breach.
Suggested anecdote: Want to be a hacker? Heres how to conduct a
man-in-the-middle attack. Simply connect to free airport Wi-Fi and
change your phone settings to broadcast free airport Wi-Fi. In a
instant, youll have a hundred users connected to your phone. You
can harvest every password or login on their phones: corporate and
personal.23
AUTOMATED SECURITY FOR THE HYBRID CLOUD
ACI
ADVANCED SECURITY FOR ALL DATACENTER TRAFFIC
PROTECTING THE CLOUD
Another fast growing technology is public and private cloud. We
see more companies using Amazon AWS and Microsoft Azure public
cloud platforms. We also see more companies moving to private cloud
environments. Very advanced cloud technologies from Cisco ACI,
VMware NSX, OpenStack and others are helping more organizations
migrate to cloud computing. These cloud environments are not
stand-alone. They're extensions of existing infrastructures. Check
Point protects cloud the same way we protect physical networks; our
security is platform-agnostic. You can secure and manage a physical
network and a cloud environment with the same management and the
same policies.
24
[Restricted] ONLY for designated groups and
individualsSECURITYANALYSISINTELLISTORESENSORS
SECURITYEVENTSANALYSISSECURITYCOMMUNITYMALWARERESEARCHwith the most
comprehensiveSECURITY INTELLIGENCECERTSONE STEP AHEAD250 MILLIONBOT
ADDRESSES11 MILLIONMALWARE SIGNATURES5.5 MILLIONINFECTED
WEBSITES
Once you have this enforcement point for all environments, we
support it with security intelligence. Check Point takes advantage
of its large size and global presence. We gather the collective
wisdom coming from Check Point security analysts, sensors spread
around the Internet and cybersecurity organizations from around the
world. Check Point combines a huge quantity of threat information
from these many sources into one large data repository we call
ThreatCloud.
25
SOFTWARE-DEFINED PROTECTION (SDP) ARCHITECTURECONVERTING
INTELLIGENCE INTO PROTECTIONENFORCEMENT LAYER
THREAT PREVENTIONENDPOINTSECURITYNETWORK
SECURITYGATEWAYMOBILESECURITYVIRTUALSYSTEMSCLOUDSECURITY
CONTROL LAYERMANAGEMENT LAYERSINGLE MANAGEMENT
We take ThreatCloud intelligence and transform it into
prevention. Probably the best way to show how we do it is our
complete architecture called Software-Defined Protection. The idea
behind Software-Defined Protection is we have a complete set of
enforcement points: physical, virtual, cloud, mobile, and desktop
endpoints and connect all of them to ThreatCloud in real-time.
Suggested anecdote:If for example I find new malware propagating
in a power plant in Vietnam, I would like a power plant in the U.S.
to be protected at the same time. Software Defined Protection
translates threat intelligence from one source into protection
throughout your whole environment, all managed by the single,
efficient management platform.26
INTEGRATED Threat ManagementEFFICIENT Automated
OperationsUNIFIED Policy ManagementA SINGLE MANAGEMENTPLATFORM TO
CONSOLIDATE ALL YOURSECURITY
Check Point management has always been one of our greatest
advantages for our customers. Recently the new R80 platform took
our management effectiveness one more step ahead. A very robust
infrastructure, R80 lets you manage and unify all your security
policies for threats and access. We make management much more
efficient by letting multiple admins work on the same policy. You
can segregate duties and you can automate and orchestrate
processes.
Suggested anecdote:The largest telco in Canada uses our R80
security-management platform. The telco lets subscribers change
their enforcement subscriptions in a self-service portal with R80
automatically provisioning security setting in the
background.27
20% REDUCTION in consolidating on single architecture SECURITY
SPEND 50% REDUCTION inHUMAN INVESTMENTwith single management
platform
Consolidating on Check Point, I can promise you about a 20%
reduction of your security spend by consolidating to a single
unified architecture. Also, we can reduce the human investment it
takes to manage security by about 1/2.
28
DESERVE THE BEST SECURITYYOU
Security that is ONE STEP AHEADSecurity that preventsSecurityfor
every environmentSecuritythat is manageable
Check Point is here to give you the security you
deserve;security that is manageable, security that runs on every
environment and most important, security that prevents.
29
[Protected] Non-confidential contentThank You
2016 Check Point Software Technologies Ltd. 2016 Check Point
Software Technologies Ltd.
30
[Protected] Non-confidential content[Protected] Non-confidential
contentAPPENDIX
31
HIGHEST MALWARE CATCH RATE
LEADS CYBERSECURITY VISION AND INNOVATIONFASTEST TO STOP ZERO
DAY MALWARE
BEST SECURITY MANAGEMENT
INNOVATION. VISION. LEADERSHIP.LEADER: ENFW Magic Quadrant Since
1997MARKET SHARE LEADER: Worldwide NGFW and UTMMOST NSS RECOMMENDED
PRODUCTS, 11 Since 2011
LEADER: Unified Threat Management MQ LEADER: Mobile Data
Protection MQLEADER & BEST SCORE:Forrester Automated Malware
Analysis Wave
32
