Secured integration to the future


CPX 2024: ThreatCloud AI — The Artificial Intelligence Cybersecurity Platform


09.04.2024

We are continuing our series on the most exciting advancements in cybersecurity unveiled at Check Point Experience 2024. In this article, we delve into ThreatCloud AI, a comprehensive cybersecurity system from Check Point that safeguards organisations against known and yet-to-be-discovered threats using artificial intelligence and machine learning.

Modern Cybersecurity Challenges

Today, cybersecurity executives face the challenge of defending against known threats and implementing tools capable of preventing atypical attacks that organisations have not yet encountered. The emergence of new types of cyberattacks, along with their increasing quantity and complexity, makes it vital to apply cutting-edge technological advancements, including developments in artificial intelligence and the processing of large datasets.

ThreatCloud AI — Over 90 Cybersecurity Engines Ready to Protect

ThreatCloud AI represents an innovative approach to cybersecurity, uniting the power of artificial intelligence with the analysis of vast data sets to detect and neutralise cyber threats. To ensure comprehensive protection, ThreatCloud AI analyses over 3 billion websites and files, emails, devices, and other threat sources daily.


ThreatCloud AI harnesses 90 cybersecurity engines, 50 of which use AI and machine learning. Here are some of the most curious ones:

Macros Deep VBA: This tool analyses macros and functions for malicious code within an isolated environment. Since malicious macros adopt approximately two new templates daily, no other solution can offer the robust protection of AI-driven tools which identify threats through patented algorithms.

ClearSite is an engine designed to detect malicious websites that are disguising themselves as legitimate ones. This tool analyses various link elements to determine whether they're fake or genuine.

Preventing Malicious Code Packages: This tool prevents the execution of malicious code at the initial stages of the CI/CD pipeline, at the network level, and on endpoints. Unlike many contemporary methodologies that involve scanning code during the testing phase, ThreatCloud AI's approach anticipates potential threats. This technology checks code for malicious elements even before loading it into the testing environment, preventing system compromise at early stages.

Zero Phishing: Another patented Check Point ThreatCloud AI technology, Zero Phishing detects web indicators directly at the Next-Generation Firewall level. This eliminates the need for additional protection on end devices or browsers. This tool uses JavaScript to analyse each HTML file for over 300 fraud indicators, verified through the Zero Phishing cybersecurity algorithm. The engine requires less than two seconds to decide whether to display or block the webpage.


Local Brand Spoofing: Leveraging machine learning, text processing, and image analysis, this engine detects phishing attacks where criminals impersonate well-known organisations.


In just 30 days, this engine blocked 520,000 attack instances across 160 countries. Its ability to block malicious links disguised as legitimate websites sets this technology apart.

DNS Security: Using deep learning, this engine fortifies defences against Domain Generation Algorithm (DGA) attacks. In such attacks, domains created by infected nodes and registered by attackers bypass conventional reputation checks. However, with AI technologies, ThreatCloud AI can identify and prevent such attacks.

DNS Tunnelling Engine: This engine provides protection against complex DNS tunnelling attacks that redirect DNS queries to attacker servers, providing attackers with a covert command channel and a pathway for data breaches. It prevents attacks in real time, whereas cybersecurity experts typically require several months to detect such attacks.

Thus, the integration of these and other tools within the ThreatCloud AI suite enables a detection and prevention efficacy level of 99.8%, while competitors typically do not exceed 84%.


ThreatCloud AI Update Roadmap in 2024

Threats evolve rapidly, prompting Check Point to update its products continuously. Check Point introduced its first AI-driven security products back in 2018, and in 2023 alone, ten new cybersecurity engines were integrated into ThreatCloud AI. Here are the company's plans for platform updates in 2024:


DNS Dashboard

The DNS Dashboard management platform will be a significant addition to the ThreatCloud AI ecosystem, allowing users to track and manage DNS protection in real time, thus enhancing threat response and cyber incident analytics.

DeepPDF

The DeepPDF tool, which scans text, images, and links in PDF files for malicious URLs and phishing attempts, is one of the most anticipated novelties. It significantly improves protection against threats propagated through documents.

Threat Prevention Dashboards

The functionality of Threat Prevention Dashboards unlocks new possibilities for monitoring and comparing the effectiveness of cyber defence. It offers users an in-depth analysis of conducted attacks and enables them to benchmark their metrics against other organisations. It analyses cyberattacks by region, industry, or enterprise size.

ThreatCloud Graph is a forthcoming engine that employs the concept of "Comprehensive Threat Prevention," analysing the connections in cyberspace to proactively combat cyber threats at early stages. One notable feature of this tool is its ability to identify unique interaction patterns among entities, aiding in the recognition and analysis of potentially threatening actions, including attacks through DNS poisoning.

Using the information obtained from ThreatCloud AI, ThreatCloud Graph actively prevents zero-day threats by evaluating the reputation of URL addresses, domains, and IP addresses based on their previous associations with known threats, thus minimising the risk of malware propagation.


ThreatCloud AI from Check Point embodies an innovative approach to cybersecurity, showcasing how the integration of artificial intelligence and machine learning can radically transform the cybersecurity landscape. Leveraging leading-edge technologies, ThreatCloud AI empowers organisations to respond to known threats and to forecast and prevent previously unknown attacks.


The best part is that installing artificial intelligence tools into an organisation's target infrastructure doesn't differ from the classical approach of building layered protection. Additionally, the AI Copilot management system based on natural language processing will guide users in setting configurations to ensure the highest level of security and compliance with the updated ISO 27001:2022 standard. You can learn more about it in our article "What's Changed in ISO 27001:2022 Certification since May?"

Artificial intelligence has changed the rules of the game in the cybersecurity market. While initially used by cybercriminals, artificial intelligence now helps to prevent attacks. Moreover, AI enables efficient analysis of vast amounts of information, the volume of which is constantly increasing. Thanks to high data processing throughput, it becomes possible to automate routine data review processes and continuous security monitoring, thus reducing the risks of human error. Machine and deep learning-based cybersecurity engines are evolving through the analysis of previous incidents and threat data, enabling them to predict and detect previously unknown threats in real time.

Check Point's ThreatCloud AI leverages all the advantages of AI for effective detection and prevention of cyberattacks. This solution analyses over 3 billion websites, files, and emails, as well as hundreds of thousands of other cyber threat sources daily, using 50 AI-based cybersecurity engines. Blocking HTML threats, phishing attempts, IoT threats, fake websites, malicious macros, and many other threats becomes accessible to cybersecurity experts through engines applying machine and deep learning technologies. To leverage all these advantages, organisations simply need to update their existing Check Point equipment to the latest version, R81.20, which includes all the innovations from this article.