Check Point Infinity SOC is launched
July 2020 by Marc Jacob
Check Point® Software Technologies Ltd. has announced the launch of Infinity SOC, which unifies threat prevention, detection, investigation and remediation in a single platform to give unrivalled security and operational efficiency. Infinity SOC is used daily by the Check Point research cyber analysts, to expose and investigate the world’s most dangerous and sophisticated cyber-attacks. It uses AI-based incident analysis to filter millions of irrelevant logs and alerts, helping enterprise security teams to expose and shut down cyber-attacks with best-in-class speed and precision.
Security Operations Centre (SOC) teams at a majority of organizations struggle to identify and mitigate malicious activity on their complex network estates, because they use multiple point products that generate millions of event logs and alerts daily. In a SOC survey*, 68% of respondents stated that up to half of the events they analyse are false positives. As a result, critical attacks are often undetected until it is too late. 98% of IT security professionals reported SOC-related challenges, with the leading operational challenges being the manual work involved in analyzing and remediating incidents (cited by 52%), accurately identifying the most critical events (52%), and an overload of logs and alerts (51%).
Check Point’s Infinity SOC solves these challenges and helps enterprises protect their networks by delivering:
- Unrivalled accuracy to quickly shut down real attacks: it automatically exposes even the stealthiest attacks from millions of daily logs and alerts with unrivalled accuracy, powered by industry-first AI incident analysis. Infinity SOC automatically triages alerts to enable a quicker response to the critical attacks and offers single-click remediation with a lightweight client on the infected host. It also prevents hackers from launching phishing campaigns against users by taking down lookalike corporate web and email domains.
- Rapid incident investigations: Infinity SOC is powered by ThreatCloud, the world’s largest collaborative network to fight cybercrime, enabling teams to quickly search for in-depth live intelligence on any indicator of compromise, including global spread, attack timelines and patterns, malware DNA and more. This also includes deep-link searches on social media and OSINT to deepen investigations – unlike other solutions, which use offline threat databases. Suspicious files are quickly checked using SandBlast threat emulation, which has the industry’s best malware catch rate.
- Zero-friction deployment: Infinity SOC is a single, centrally managed cloud platform, improving teams’ operational efficiency and reducing TCO. It deploys in minutes, and avoids costly log storage and privacy concerns with unique cloud-based event analysis that does not export and store event logs.
* Dimensional Research’s 2019 SOC Survey polled 301 qualified IT security professionals at organizations with 500+ employees across a range of industries internationally.