The
company
showcased
dozens
of
new
security
tools
and
services
to
detect
and
prevent
malware,
phishing,
ransomware
and
other
attacks,
but
AI
took
center
stage.
your123/Adobe
Stock
Artificial
intelligence
in
the
service
of
security
was
a
major
focus
at
global
cybersecurity
firm
Check
Point’s
annual
showcase
for
customers,
CPX
360
2023.
Besides
pulling
the
wraps
off
dozens
of
new
products
and
services,
including
Quantum
SD-WAN
and
an
Extended
Cyber
Attack
Prevention
Platform
that
covers
network,
endpoints,
emails
and
more,
the
event
gave
stage
time
to
Check
Point’s
ThreatCloud
AI
generative
AI
framework.
SEE:
Artificial
intelligence:
5
uses
cases
of
AI
(TechRepublic)
The
global
conference,
anchored
in
NYC
with
simultaneous
events
in
Toronto,
Chicago,
Denver,
Miami
and
Bogota
included
a
panel
on
ChatGPT
that
also
included
ChatGPT
exploring
AI
both
as
a
bar-lowering
tool
for
attackers
and
as
a
tool
of
growing
importance
for
fast
defensive
tactics.
Jump
to:
AI
powers
an
all-points
approach
to
security
During
the
opening
keynote,
Gil
Shwed,
the
company’s
founder
and
CEO,
called
2023
the
tipping
point
for
AI
as
a
security
tool
(Figure
A).
Figure
A
Check
Point.
Gil
Schwed,
founder
and
CEO
of
Check
Point,
gives
the
opening
keynote
at
Check
Point
CPX
360
2023.
“We
are
on
verge
of
an
AI
revolution,”
Shwed
said
during
the
opening
keynote.
“We
have
all
been
working
on
it
for
over
ten
years,
and
you
see
that
today
more
than
half
of
our
threat
engines
are
AI.”
Eyal
Manor,
VP
product
management,
introduced
the
company’s
“three
C’s”
mantra
—
comprehensive,
consolidated
and
collaborative
—
and
how
its
portfolio
of
services
and
tech
align
with
those
to
deliver
both
security
prevention
and
detection.
SEE:
Check
Point
vs
Palo
Alto:
Compare
EDR
software
(TechRepublic)
“Partners
now
have
fewer
resources
and
are
required
to
do
more
with
less,”
he
said.
“Last
year
demonstrated
to
us
that
in
order
for
us
to
provide
the
best
security,
we
must
not
only
detect
threats,
but
defend
the
organization.
Detection
isn’t
enough.”
New
“Horizon”
for
everything
SOC
The
company,
which
last
year
launched
Horizon,
a
comprehensive
approach
to
prevention
first,
this
year
introduced
Horizon
XDR/XPR,
which
it
called
an
industry-first,
AI
powered,
extended
detection,
protection
and
response
framework
meant
to
handle
complex
attacks
on
all
fronts.
Dan
Wiley,
head
of
threat
management
and
Check
Point’s
chief
security
advisor,
pointed
out
that
the
tools
required
to
run
a
traditional
SOC
are
pretty
extensive,
requiring
a
SIM
or
data
lake
to
store
data,
intelligence
to
explain
what’s
in
that
data,
orchestration,
ticketing
systems
and
a
team
of
IT
people
to
cover
the
clock.
“That
last
bit
is
where
a
lot
of
organizations
fall
short,
because
they
can’t
afford
the
12
to
14
people
to
run
a
SOC
24/7
365,”
Wiley
said.
“With
Horizon,
within
Check
Point’s
ecosystem,
our
goal
is
to
incorporate
all
of
the
above
into
one
layer
that
you
can
consume
with
one
click,
because
all
these
elements
are
baked
in.”
Incorporating
generative
AI
—
ThreatCloud
AI
—
with
other
services
under
the
Horizon
umbrella
enables
a
real-time
feedback
loop
of
detection
and
prevention,
according
to
Wiley
(Figure
B).
Figure
B
Check
Point.
ThreatCloud
AI
closes
the
detection
and
prevention
loop
through
integration
with
Check
Point
solutions.
“What
we
are
attempting
to
do
is
drive
the
prevention
story
aggressively
by
using
detection,
but
in
a
novel
way
through
our
AI
engines,”
Wiley
said.
“This
‘hive-mind’
approach
enables
us
to
get
to
the
conclusion
of
prevention
faster.
Its
main
goal
is
to
distribute
knowledge
and
make
it
available
to
all
of
our
capabilities
in
a
scalable
way.”
Wiley
explained
that
seven
years
ago,
the
company
began
creating
systems
to
automate
delivery,
consumption
and
automation
through
neural
networks
and
AI.
“Now
we
are
up
to
40
some-odd
engines
just
around
AI,”
he
said.
“We
can
automate
in
multiple
areas.”
A
stitch
in
time
saves
several
million
In
an
impromptu
presentation
during
the
event,
Yoav
Chelouche,
managing
partner
at
Aviv
Venture
Capital,
gave
a
primer
on
security
based
on
his
own
company’s
ransomware
experience,
which
took
down
the
company
and
cost
millions.
“We
had
a
low
target
profile,
with
no
consumer
record
of
credit
cards,”
he
said.
“Who
would
bother
to
attack
us?”
He
described
the
call
from
the
firm’s
COO
around
midnight
that
the
entire
operation
was
down.
“Ransom
has
a
clock,”
Chelouche
said.
“Time
has
a
cost.
The
ransom
increases,
but
the
first
task
is
knowing
if
the
actors
are
even
credible.
Do
we
know
that
these
guys
are
even
the
people
who
will
put
us
back
online?”
He
offered
two
“stitch
in
time”
lessons
in
hindsight:
Perception
of
risk
is
lower
than
actual
risk;
prepare
for
much
worse
than
what
you
may
anticipate,
because
it’s
much
cheaper
to
prepare
than
to
repair.
Learn
the
key
elements
of
security
and
prevention
by
ramping
up
Infosec4TC
knowledge.
Check
out
TechRepublic
Academy
unlimited-access
courses
on
GSEC,
CISSP
and
beyond.
About Author
