Welcome to Check Point Jump Start training series. Check Point CloudGuard is a suite of products and solutions that can secure your data and virtual networks in the Cloud. In this training video series, we'll be looking at CloudGuard Posture Management and listen to we talked about what are some of the Cloud security challenges that customers face when moving their assets into the Cloud. In Lesson 3, we're going to discuss how CloudGuard Posture Management solution specifically addresses these challenges. This video will be the heart of this training module. The first two lessons in this module were just prerequisites in order to understand not only some of the main Cloud adoption challenges but also what are the primary security concerns that customers face when shifting your assets into the Cloud. In Lesson 3, we will dive into how Check Point CloudGuard Posture Management solutions work. We will not only examine some of the customers' Cloud concerns but also how to enforce the Cloud security challenges. What is Check Point CloudGuard Posture Management? Cloud security Posture Management is a new class of technologies defined by Gartner Research. It defined and standardizes the new industries market for securing your Cloud assets. It suggests and offers a framework to address Cloud security and risk management. It promotes processes and tools to proactively and reactively identify and remediate risks. Check Point software technologies offers a Cloud security Posture Management product called CloudGuard Posture Management. CloudGuard Posture Management is a consolidated platform that is built from the ground up for the Cloud and gives administrators complete visibility and active control of their Cloud environments. Formally called Dome9, Check Point CloudGuard security Posture Management is a robust and comprehensive security solution to address and fix many Cloud security challenges. As more, organizations open their infrastructure into the Cloud, there is a need to make sure that there is visibility and control in the Cloud, and also stay continuously compliant. Check Point CloudGuard Posture Management Solution deliver security and compliance automation to enterprises as they scale into the public Cloud. Check Point CloudGuard Posture Management currently supports seamless integration using Cloud API calls for the following Cloud service providers. We have the Microsoft Azure, Amazon Web Services, Google Cloud Platform, and in addition, we also support Kubernetes Solutions. More solutions are in the pipeline like Ali Cloud. Now let's take a look at how Check Point CloudGuard Posture Management addresses these challenges that we've mentioned. CloudGuard Posture Management, Cloud inventory. Let's talk about the Cloud inventory. Using a single unified console, you can get a full inventory of all your Cloud assets across all your accounts, your regions, and your Cloud ecosystems. It scans your Cloud accounts to retrieve a full list of all your assets, keeping this information in one centralized place. This centralized list provides you at a quick understanding of the situation within your environment without having to go to each Cloud environment separately to get all the answers. With the CloudGuard console, you can get a full and comprehensive map of all your Cloud assets, including all the details of all your devices and all your networks. You can use this map to not only view but also edit and change any configurations. You can perform a deep dive into all your public Cloud, multi-Cloud, and hybrid Cloud platforms to form a complete and comprehensive list of all your Cloud assets across all your Cloud ecosystems. CloudGuard Posture Management, visualization of assets. Let's talk about visualization of your assets. With CloudGuard console, you can get a full and complete visibility into all your Cloud security configurations, infrastructure using a powerful visualization tool called Clarity. Using Clarity, you can get a full and complete representation and outline of all your network topologies or the security policies, security groups, and network routing and forwarding pathways to help formulate and define a complete end-to-end portrait of your Cloud infrastructure to help you assess all your security risks and vulnerabilities. This information provides you with abroad in-depth view of all your Cloud network infrastructures, and attack services, and potential network exposures. Allowing administrators to quickly identify risks and threats within your Cloud environment, to help tighten security and access controls, and minimize the attack surface to prevent cyber security breaches. Clarity can be used by administrators and new Cloud users to better understand their overall traffic flow. CloudGuard posture management and compliance. Let's talk about posture management and compliance. The checkpoint CloudGuard has built-in a compliance and policy management rule set which continuously assesses the accounts in a Cloud environment to help your organization assess compliance and also governance standards. The CloudGuard posture management solution supports over 50 plus major compliance frameworks to help you maintain governance and compliance standards. Light out of the box to help reinforce good behavior across all of your environments. All of these features can be quickly deployed to make sure that your Cloud is as secure as can be. You can use the compliance engine toolset to notify you when rules have failed compliance standards that your organization is required to meet. All of these notifications can also be sent and relayed to third-party tools. Third-party tools like ServiceNow, Splunk, Slack, and others. CloudGuard posture management, security configuration management. Let's discuss security configuration management. CloudGuard is not just a monitoring tool, but it can also be used to manage security policies and security groups across your regions and across your accounts to help you understand and control the overall security of your Cloud assets. This allows administrators to identify misconfigurations that can lead to data breaches and assist in addressing and fixing issues quickly. The centralized console has over 2,400 built-in industry security, best-practice rules. It accesses connected Cloud accounts once every hour, looking for misconfigurations and security issues. CloudGuard helps businesses elevate the level of their existing security posture to achieve optimal standards and to pass a variety of audits. CloudGuard posture management, identity, and access management. Let's talk about IAM protection. CloudGuard provides identity protection and on-demand user access to protect your organizations against identity theft and stolen credentials. IAM safety give security teams granular control over users, roles and actions to prevent and protect against compromised credentials. IAM protection has two protections. First, we have the protected mode. In this mode, users cannot perform protected actions on these Cloud services. We also have protected with elevation mode. Here, only certain protective actions can be performed, but only when you elevate privileged permissions as and as needed basis only. This mode helps protect the Cloud in case administrator's credentials have been compromised. You only get permissions for certain actions and only for specific small amount of time. CloudGuard posture management, tamper protection. CloudGuard tamper protection offers continuously Cloud development protection against unapproved or unauthorized configuration changes. The CloudGuard tamper tool continuously monitors Cloud environments for any changes that have deviated and drifted from the last approved an official state configuration changes. If a region lock has been enabled, then any slight deviation from official supported snapshots could be caused by a potential security breach. The administrator will get notified and if a breach has occurred or is in the process of occurring, the administrator can revert back to the approved goal standard configuration. Check point provides a multi-layer defense enabling administrators to lockdown Cloud instances with a single click. Dynamically we can figure policies to provide secure access for authorize services. These are some of the standard tools for CloudGuard security posture management. In addition, we offer some other tools that are standard and irrelevant for most of the CloudGuard security platforms. CloudGuard posture management, auto remediation. As mentioned earlier, your CloudGuard posture management solution would not be complete without an automatic remediation solution. CloudGuard offers a couple of options to help you automatically remediate systems configurations and prevent network leakage. We have two major remedies for automatic remediation. We have the GSL, which stands for Governance and Specification Language, and we have the CloudBots. The GSL is a scripting language, or I should say, it is a methodology to make scripting easier for engineers. It's a syntax enhancer to help define posture management rules. It helps engineers to find a specific item or value in a sea of entities, in a sea of assets. The CloudBots, on the other hand is an open source project that helps identify threats and automatically correct issues. Together they can work in tangent like a dynamic duel, if you will, helping to identify and remediate any threats or issues. Let's break down these two different Auto-Remediation Solutions a little bit further. The GSL, Governance and Specification Language, is used with various CloudGuard native products like Posture Management, and also Cloud intelligence. With many other CloudGuard products, you have the capability to use GSL scripting language, the Governance and Specification Language, which is a very incredibly powerful scripting language. GSL allows customers to write and run custom security and compliance checks that can be easily read and written, and organizations can use the scripting language to create and write their own scripts to help them identify any vulnerabilities or any threats. The CloudGuard GSL scripting language is designed to be an intuitive GSL builder. It helps users to build rules, and aid users in simplifying code syntax construction, making it easier to create and run code. It allows you to easily create rules to test your environment without needing to learn complex API code for each and every service, and also we have the CloudBots. CloudBots is an open-source project offering an auto remediation solution for public Cloud platforms like AWS, Microsoft Azure, and Google Cloud Platform. It was built to automatically enhance compliance capabilities. It enables you to auto-remediate any findings that were identified. The platform has a bunch of pre-built, predefined bots. But the administrator can also clone, and modify, and create additional bots as needed to remediate any misconfigurations, and it can also help create customized responses to specific automatic remediations, and together, both of these solutions can be combined to resolve and mitigate risks and exposures. You can use DSL to find servers or network configurations or versions, and then you can use a CloudBot to fix or close ports or services. Here are a few examples to help you understand this. Let's take a look at example A, GSL script can be launched to identify Windows or Linux workstations, identify their versions, and they identify their patches, or maybe a script B, this script can be launched to list all security groups allowing inbound FTP traffic after you've identified the versions or you've identified the traffic using GSL, then you can fix these problems using the CloudBots. A bot can be launched to disable HTTP and enable HTTPS on one or all of your workloads. A bot can be launched to block FTP access on security groups. You don't need to run them together. Each of these tools can be run separately, but I just wanted to give you a visual of the power and what you can do when you run them together like a tag team. This gives you optimal remediation and optimal security. That brings us to the end of Lesson 3. Let's take a quick recap before exiting this video. In this lesson, we defined what CloudGuard Posture Management is, and what CloudGuard Posture Management does. We mentioned that CloudGuard Posture Management is a multi-cloud solution, supporting Azure, AWS, Google Cloud Platform, and Kubernetes, and feature support for Ali Cloud is also in the works. CloudGuard Posture Management is also a Cloud inventory solution. It uses a single unified console to keep track of all your cloud assets in one centralized location. CloudGuard Posture Management is also a visualization of assets tool. Using the clarity visualization tool, you can get a full visibility into your Cloud security configurations. CloudGuard Posture Management and compliance, CloudGuard Posture Management supports over 50 plus major compliance frameworks. CloudGuard Posture Management also offer security configuration management. This helps you control the security of your Cloud networks and links, and we have over 2400 security best-practice rules built into the product. CloudGuard Posture Management, IAM protection. This helps you protect your organization against identity theft and stolen credentials. CloudGuard Posture Management, Tamper Protection, you can lock any configuration changes which helps enforce the use of only your approved gold standard configurations, and we also offer to Automatic Remediation Solutions, the GSL, intuitive and powerful scripting language to identify problems, and then you can launch the CloudBots to automatically remediate and patch any security gaps. That completes this lesson. In the next lesson, we will be talking about how CloudGuard Posture Management works. I will see you there.
