CloudGuard platform now supports AWS services like EKS, ECS, and Fargate
Cybersecurity vendor Check Point Software is adding Kubernetes and serverless computing features to its cloud security platform, which comes on the heels of its decision this month to buy Protego, a firm with serverless expertise.
The Lowdown: Check Point recently announced that its CloudGuard platform now supports such Kubernetes services as Amazon Elastic Kubernetes Service (EKS) and Elastic Container Service (ECS). In the serverless realm, the platform will offer more security features for Amazon Web Services (AWS) solutions like AWS Lambda and Fargate (for container management) and Amazon API Gateway (API creation), DynamoDB (database), and Kinesis (data analytics).
The Details: CloudGuard already was able to secure traffic running between Kubernetes – the container orchestration technology – and on-premises or cloud environments using IPsec VPN. With its new functionality, the platform now can make sure that Kubernetes configurations remain compliant with such container security standards as CIS Kubernetes Benchmarks or NIST 800-190. Through its new Serverless Code Scanning capabilities, users can find and remediate security and compliance risks in serverless environments and alert users.
The Impact: The fast adoption of the cloud and the push by organizations to embrace modern workloads and become more digital-based businesses are driving the growing use of containers and serverless computing. A 2019 survey by storage provider Portworx and container security company Aqua Security found that 87% of respondents were running containers – a 55% increase over 2017 – and that serverless was the fastest-growing cloud service, with 50% growth over 2018.
Background: Check Point will add to its container and serverless expertise in the first quarter of 2020, when it begins integrating Protego’s technology into its Infinity consolidated security solution for networks, endpoints, the cloud, and the Internet of Things (IoT) and CloudGuard.
The Buzz: “No matter which cloud resources organizations choose, it’s critical that they have complete visibility and control over them to meet cloud workload protection (CWPP) and cloud security posture management (CSPM) requirements,” said Zohar Alon, head of cloud products at Check Point. “These enhancements to CloudGuard, including the recent acquisition of Protego, deliver powerful CSPM and CWPP capabilities across enterprises’ entire cloud deployments, continuously analyzing, detecting any misconfigurations or security issues, and remediating them. This ensures organizations can fully exploit the cloud’s agility without compromising their security posture.”