History tells us there comes a time when almost every new innovative service starts to lose ground to a “good enough” competitor, as with cars, TVs, medicines, smartphones, etc.
With the huge growth of attacks and breaches in the past year, such as Log4J, SolarWinds, Kaseya / REvil and Colonial Pipeline, to name a few,
we see a pattern: organizations that invested a lot in “good enough” security products lost the cyber battle.
It’s apparent that “good enough” or “2nd best”, though fitting for smartphones or cars, could spell trouble as this mindset creeps into the cyber security industry.
Now more than ever in this “New World” more digitized than ever before, I believe the single greatest cyber threat to organizations today is the “good enough” standard that’s being sold by key players within the cyber security industry.
And as we can see, a “good enough” mindset will get you breached.
In order to overcome this mindset, businesses need to MIND THE GAP between good enough solutions and the BEST SECURITY solutions by asking the hard questions and evaluating their cyber security strategy.
This will be the focus of my talk today: what makes a security solution the best, and what does BEST stand for according to our customers?
BLOCKING THREATS IN REAL-TIME is A PHILOSOPHY at Check Point
Every innovation (you can see some of them “popping up” on the screen) we develop starts with a fundamental mindset: can it prevent threats in real time?
Let's focus on two primary examples:
Threat Extraction
Zero Phishing
Campaign Hunting
Reputation Service
Intelligence service
Infected hosts detection
AnalystMind
AI based aggregator model
Executables static analysis
Documents meta classifier
Documents static analysis
Executables dynamic analysis
ML Disassembled Code Analyzer
Documents macro analyzer
Documents dynamic analysis
CPU-Level Prevention
Neural Network model
Pattern matching engine
Push forward simulation
Human Interaction Simulator
Network Activity Monitor
False-Positive Guard
Vectorization family classifier
Behavioral detection rules
Black signatures
Trusted source
Forensics report
Icon similarity
AI based Intelligence decision Model
ThreatCloud Intelligence
AV Deep Scan engine
Virus and malware signatures
File type classifier
AV Behavioral Patterns
Links inside emails inspection
DNS trap
IP reputation engine
URL reputation engine
Domain reputation engine
Suspicious mail outbreaks
Behavioral patterns engine
Malicious activity signatures
Links inside emails inspection
IPS signatures
Machine Generated Signatures
Exploitable content Disarm and reconstruction
Self-Catered Access to Original Files
PDF Conversion
Click-Time URL Protection
Mail static analysis
DGA
DNS Tunneling
Document - AI based aggregator model
PDF - AI based aggregator model
First one: Threat Extraction
This is one of the most effective techniques to proactively block potential threats before they cause any damage
Essentially, in this example the CV being sent to the organization (whether through email or web) is being “photocopied” (AKA CDR) by the Check Point enforcement point to sanitize any potential threats and deliver a safe copy to the user
Second one: Zero Phishing
Another very effective protection against the most threatening attack vector, “phishing” (90% of email attacks start with a phishing link)
It uses advanced heuristic and AI engines to detect phishing websites, such as visual similarity (in this case to Office 365) and URL reputation (like the fact that the domain was registered 3 days ago)
With a verdict issued in seconds and shared through ThreatCloud with all Check Point customers
Here is a quote from one of our customers stating “Check Point was instrumental in enabling us to prevent an attack in real time”
Our innovations save customers every day
NOT ALL VENDORS PROVIDE REAL-TIME PREVENTION
One example is Palo Alto Networks with its advanced threat detection solution called “WildFire”
Let's see what their admin guide says: “After WildFire identifies the malware; a log is sent to the firewall and the firewall alerts the administrator who then contact the user to eradicate the malware.”
[click]
This is how the log looks, and it's not Photoshop ;)
Verdict “malicious” but Action “Allow”, meaning WildFire let the malware pass the GW (while inspecting it)… I kid you not, this is real!!
[click]
Now let’s see what Palo Alto recommends doing: “At this point, the administrator can shut down the network”
Shut down the network?!?! Seriously?!?! I guess it is some sort of a way to achieve prevention (of malware and business continuity)
It's not only Palo Alto Networks; Fortinet also does not provide real-time prevention of unknown threats
This is from their documentation of FortiSandbox, their advanced threat detection platform: “Sending files to the FortiSandbox does not block files that it uploads”
So what does it do exactly? Letting you know with vivid details you’ve been screwed?!!
Visibility on what to prevent and what to safely enable is no less important
And here, too, Check Point is One Step Ahead of the competition in Web Traffic Control & Visibility, with up to 3 times as many application control signatures and the highest number of URL Filtering categories, providing the extreme granularity needed for safe web browsing
Check Point with its Infinity architecture has exactly that, with its consolidated security including:
Quantum for network security, SD-WAN & IoT,
CloudGuard for cloud security (posture management, workload, intelligence, runtime, AppSec, network)
Harmony for securing the distributed workforce with its SASE solutions, including secure remote access, email security, endpoint and mobile security
All with consolidated security management and shared threat intelligence
This is what one of our customers, Incedo, has to say: “By consolidating our security defense with Check Point, we’re far more agile and flexible than we could have been before. Check Point has helped us become a highly resilient organization”
SMART starts with our most efficient management platform, R81, with its Best Security with Industry First Autonomous Threat Prevention
Providing:
AI-driven security policy, where you can implement best practices in a single click and gateways are immediately configured
With policies that are continuously and automatically updated with no user intervention
No wonder that a utilities company stated to Gartner that “We cut the time we spend on managing security by 80%, thanks to the simplicity of the Check Point solution!”
and a large bank said “Best GUI dashboard in the firewall market”
Another element of SMART is ThreatCloud
You can think of ThreatCloud as a brain, and like the human brain it consists of two parts that work together. The right side is intelligence – immense threat intelligence that is always up to date, and the left side is intellect – AI technology that combines the immense intelligence with advanced capabilities to identify and block never seen before threats.
These two parts create together what we call “accurate prevention” that is fast and, well, accurate – and feeds it to the entire Check Point portfolio, so no matter which Check Point product you use, you harness this power.
One interesting anecdote is that ThreatCloud gets 86B overall queries/decisions a day vs. Google with 5.6B
This accurate prevention (verdict) is delivered worldwide to all of Check Point’s customers in less than 2 seconds through all of the products.
With more than 30 advanced AI engines that are used in different security functionality such as phishing, malware detection & prevention, accuracy improvement and more.
All of these smart capabilities manifest as effective protection for our customers
When it comes to 3rd-party validation, here you can see the latest Cyber Ratings (NSS Labs Reboot) NGFW report, which clearly identifies Check Point as leading in zero-day malware prevention with the lowest rate of false positives.
It's important to note that out of 2331 unknown malware samples Check Point caught 99%, while Fortinet and Palo Alto missed 2.3X more malware than Check Point
And the same shows in email security effectiveness vs. mail security vendors, where we scored the highest in malware and phishing prevention,
compared to Microsoft, Proofpoint, Mimecast, Google and Barracuda,
with, for example, Microsoft Office 365 missing phishing attempts 93X more times than Check Point
You can download the full unknown360 report at https://tiny.cc/unknown360
Another example is endpoint security, where we shined in another 3rd-party test by MITRE, scoring the highest in the industry in “attack technique coverage”
For example, we caught 44 out of 46 attack techniques vs. CrowdStrike with 15!!! MS with 38, S1 with 39, etc.
Everyone has a plan ‘till they get punched in the mouth
What happens when a security vendor suffers from vulnerabilities? It happens… to everyone… And their customers are exposed
Here are a few examples
Starting with an interesting quote by Gartner on Fortinet:
“Gartner clients have expressed concerns about the recent FortiOS related vulnerabilities announced by CISA”
[click]
And others as well, like PAN, Cisco, SonicWall, Microsoft and more
So this is where the DNA of the vendor is tested, in its “sense of urgency” to make sure their customers can patch their systems as fast as possible
Until today, NSS Labs is recognized as the most respectable hands-on testing 3rd party evaluator.
This is a tracking history comparison of all NSS Labs tests where Check Point and the competitors have participated side by side.
With Check Point in 93% of cases achieving the highest possible rating, “recommended”, vs. Palo Alto, for example, which in 40% of cases got a rating of neutral or caution due to poor security performance like evasions and stability
This capture is yet another proof why Check Point can be trusted with its PROVEN TRACK RECORD OF SECURITY EXCELLENCE
All of this translates to unmatched customer satisfaction with over 1,000 positive reviews in 2021
That got CP a leadership position in 9 Magic Quadrants (AKA Grids) by G2, the largest software customer reviews site, including:
Cloud Data Security and Cloud Workload Protection,
NGFW,
Mobile Security,
Email Security,
Endpoint Security,
VPN, Network Security Management & IPS,
an achievement second to none!!
This is why the best companies choose Check Point
So what do we do with all these data and proof points on how and why we are the BEST?
It was Rabbi Lord & Professor Jonathan Sacks that said “We can’t change the past, but by remembering it, we might just change the future.”
So I want to share with you “Anatomy of a Win”: WHAT WINNERS DID THAT MOVED THE NEEDLE, so we can learn and replicate and create a better and safer future for our customers (and our quota as well ;)
So winners demoed Real Time Prevention in action
They positioned Maestro HyperScale, a huge competitive differentiator
They introduced Infinity and its value proposition, both TCO-wise and security-effectiveness-wise
They worked closely with a partner, a great resource as a customer's trusted advisor and amplifier of the Check Point brand
They used a reference, considered one of the top buying criteria in cyber
And they used competitive intelligence to PROVE why we have the best security
Let's go over some top tools that have helped the field to win deals
Starting with the Why Check Point one-pager, a very popular “leave behind” document with C-levels
You can download it at https://tiny.cc/whycp
Anatomy of a Win on the CheckMates Partner Community, also available on Check Point Engage under “master our solutions”, with top assets for “before, during, and after the meeting!!”
Mobile-friendly competitive assets on CheckMates
Where you can see Check Point's top differentiators vs. top competitors, their sales strategy, how our solutions map vs. theirs, what they say about us, how to handle objections and more
Infinity Competitive Assessment Calculator
A great SALES TOOL for Infinity that highlights top Infinity differentiators in both TCO and security effectiveness
The tool is available in the CheckMates partner community
Agony Meter, the cybersecurity management efficiency scale that I described before
Resonates really well with prospects
Customer-facing competitive pages (vs. McAfee, PAN, Fortinet, Cisco, Symantec, CrowdStrike, top NGFW vendors, cloud security)
Many of those are number 1 on Google in terms of SEO