Check Point spreads AI goodness throughout its security portfolio

Evolving threat environment means preventative AI – and SmartNICs – are needed to improve protection

GTC Check Point Software has put Nvidia GPUs and artificial intelligence techniques to work across its broad portfolio of security tools in order to address and adapt better to an increasingly sophisticated and rapidly changing threat environment.

"In the last one year and a half, the threat landscape has evolved very, very fast," Dorit Dor, chief product officer at Check Point, said during a session at Nvidia's GTC conference this week. "It's exceptionally dangerous these days. We see extreme attacks. APTs [advanced persistent threats] from nation-states. We see it coming through supply chain and leveraging ransomware. We see amazing software vulnerabilities across the board and we see attacks on [digital] wallets and cryptocurrency."

The escalation in threats started with the supply-chain attack on software maker SolarWinds in late 2020, Dor said. That attack saw the Russia-linked group Nobelium insert malicious code into the vendor's Orion monitoring platform, which users then unwittingly ran once they installed updates of the product. Dor pointed to another supply-chain hack – on developer tools maker Codecov early last year – and the flaw in the widely used Log4j open-source logging tool last year that has been exploited dozens of times.

We want security to evolve and change all the time

The Log4j vulnerability – dubbed "Log4Shell" – sent a shockwave through the industry, but was also a proof point for Check Point, showing how well its AI-enabled products were able to push back against the threat.

"Log4j started as an innocent software vulnerability, but every such software vulnerability calls for attackers, so an amazing number of attacks were based on Log4j," Dor said. "With our own AI, we were able to provide a guarantee of protection [to enterprises]."

Dor also pointed to the rapid rise in the number and complexity of ransomware attacks, noting that ransom demands in 2013 were as low as $300 per incident. In 2021, attackers demanded a total of $14 billion or more. The threat groups also are using more sophisticated methods, including double- and triple-extortion demands – such as threatening to leak the captured sensitive data onto the internet or erasing the data that has been encrypted – if the victims don't pay the ransom.

Check Point is using AI to make life harder for those bad actors.

"It helps keep us up-to-date and [evolving] for the changes of the threats and the malware," Dor said. "We want to do prevention first. It's a challenge because we want to really stop the attacks at first sight. We do this with more and more advanced AI with very low false positives and the best catch rate in the industry, as well as other methods that help us [erase] the threats before they reach the customers."

At the same time, the company's zero-trust architecture increasingly relies on AI to drive the autonomous capabilities that are key to the platform. Zero-trust architectures rely on the premise that anything and anyone trying to access a network can't be trusted and must be verified – and continuously verified throughout the transaction – and given access only to those resources they need.

Demand for zero-trust is growing as organizations' IT environments extend from central datacenters to the cloud and edge.

"We want to be autonomous," Dor said. "We want security to evolve and change all the time to adapt to the latest threats. It has to be identity-based because identity plays a major role. It has to have a unified policy in order to make sure you are secure and it has to have the scalability to scale up."

Check Point has been partnering with Nvidia for several years, integrating the GPU maker's products with its own. One example of the relationship at work is the Maestro Hyperscale network security product, which uses Nvidia's Spectrum switches to help the system scale to protect the largest datacenters and networks. At GTC, Nvidia launched its new Spectrum-4 Ethernet networking platform and a 51.2 terabit Spectrum-4 switch.

In January, Check Point launched its Quantum Lightspeed firewalls, which uses Nvidia's ConnectX SmartNIC adapter card – inherited when Nvidia bought high-speed interconnect vendor Mellanox in 2020 for $7 billion. Lightspeed delivers from 200 to 800Gbit/sec throughput, and can scale up to 3Tbit/sec with Maestro.

"We leverage the Nvidia ConnectX NIC by offloading some of the functions of the security [including stateful inspection] into the secure architecture of accelerated packet processing that exists in the Nvidia technology," Dor said. "This is a really exciting collaboration that enables our customers to deploy the security at the line rate that they need."

Check Point also uses AI for such jobs as addressing zero-day malware and the roadmap includes expanding its use to threat protection for encrypted traffic and DNS in the network. In addition, the vendor will continue to bring Nvidia's GPUs and data processing units (DPUs) into its products as well as Nvidia's Morpheus AI framework. ®

Other stories you might like

  • Train once, run anywhere, almost: Qualcomm's drive to bring AI to its phone, PC chips
    Software toolkit offered to save developers time, effort, battery power

    Qualcomm knows that if it wants developers to build and optimize AI applications across its portfolio of silicon, the Snapdragon giant needs to make the experience simpler and, ideally, better than what its rivals have been cooking up in the software stack department.

    That's why on Wednesday the fabless chip designer introduced what it's calling the Qualcomm AI Stack, which aims to, among other things, let developers take AI models they've developed for one device type, let's say smartphones, and easily adapt them for another, like PCs. This stack is only for devices powered by Qualcomm's system-on-chips, be they in laptops, cellphones, car entertainment, or something else.

    While Qualcomm is best known for its mobile Arm-based Snapdragon chips that power many Android phones, the chip house is hoping to grow into other markets, such as personal computers, the Internet of Things, and automotive. This expansion means Qualcomm is competing with the likes of Apple, Intel, Nvidia, AMD, and others, on a much larger battlefield.

    Continue reading
  • AMD touts big datacenter, AI ambitions in CPU-GPU roadmap
    Epyc future ahead, along with Instinct, Ryzen, Radeon and custom chip push

    After taking serious CPU market share from Intel over the last few years, AMD has revealed larger ambitions in AI, datacenters and other areas with an expanded roadmap of CPUs, GPUs and other kinds of chips for the near future.

    These ambitions were laid out at AMD's Financial Analyst Day 2022 event on Thursday, where it signaled intentions to become a tougher competitor for Intel, Nvidia and other chip companies with a renewed focus on building better and faster chips for servers and other devices, becoming a bigger player in AI, enabling applications with improved software, and making more custom silicon.  

    "These are where we think we can win in terms of differentiation," AMD CEO Lisa Su said in opening remarks at the event. "It's about compute technology leadership. It's about expanding datacenter leadership. It's about expanding our AI footprint. It's expanding our software capability. And then it's really bringing together a broader custom solutions effort because we think this is a growth area going forward."

    Continue reading
  • Microsoft promises to tighten access to AI it now deems too risky for some devs
    Deep-fake voices, face recognition, emotion, age and gender prediction ... A toolbox of theoretical tech tyranny

    Microsoft has pledged to clamp down on access to AI tools designed to predict emotions, gender, and age from images, and will restrict the usage of its facial recognition and generative audio models in Azure.

    The Windows giant made the promise on Tuesday while also sharing its so-called Responsible AI Standard, a document [PDF] in which the US corporation vowed to minimize any harm inflicted by its machine-learning software. This pledge included assurances that the biz will assess the impact of its technologies, document models' data and capabilities, and enforce stricter use guidelines.

    This is needed because – and let's just check the notes here – there are apparently not enough laws yet regulating machine-learning technology use. Thus, in the absence of this legislation, Microsoft will just have to force itself to do the right thing.

    Continue reading

Biting the hand that feeds IT © 1998–2022