3 min Security

Check Point adds a nice big dose of AI to its platforms

Tackling GenAI with GenAI

Check Point adds a nice big dose of AI to its platforms

The Harmony threat detection platform by Israeli-American company Check Point is getting a GenAI injection. This should better protect users against attacks that are also increasingly orchestrated using AI. It should prevent employees from leaking proprietary data to services such as ChatGPT and Gemini as well.

The new GenAI addition to the Harmony suite (which already offers download protection, phishing detection, secure remote access and anti-ransomware solutions, among other things) maps out which unofficially approved AI tools a company’s employees are using. Not necessarily to immediately penalize and ban this use–these tools can be a productivity gain, after all. But to prevent workers from making prompts with sensitive information or providing malicious actors with input.

Check Point’s solution uses AI-driven data classification and detects when the use of ChatGPT, Gemini, or Copilot, for example, violates compliance or cybersecurity policies. Administrators also see what employees within an organization mostly use GenAI for, be it coding, data analytics, marketing purposes, or other things. It further identifies risk, provides comprehensive monitoring, and plays an important role in mitigating breaches.

Preventing data loss

In addition to this feature, Check Point also introduces the Data Loss Prevention cloud service. By leveraging existing services such as Harmony Endpoint, Harmony Browse and Harmony SASE, enhanced by a hefty dose of GenAI embedded in the new service, admins can prevent sensitive data from oozing out to where it doesn’t belong. Features include copy/paste restrictions, extensive scanning of downloaded files, policy enforcement and proactive scanning of more than 700 file types. This also includes scanning images using OCR.

Furthermore, Check Point enriches its Infinity cybersecurity platform with ThreatCloudAI. This service reduces the time between discovering and blocking a threat to mere seconds. This works globally, the company said. A threat surfacing in Brazil would thus be blocked in Japan just two seconds later. In doing so, it does not matter what infrastructure or device ThreatCloudAI is catering to: it could be a cloud workload, a network gateway or mobile device, just to name a few examples.

To pull this off, the AI maps threats and their relationships to each other. It categorizes URLs of new sites based on Natural Language Processing (NLP) and knows how to distinguish the traffic patterns of trustworthy and untrustworthy websites. The Deep Brand Clustering feature even allows it to spot phishing campaigns using brand spoofing.

A company reinvents itself

Check Point is one of the largest pure security players in the world. Former founder and CEO Gil Shwed, perhaps best known for being the spiritual father of the firewall, recently abdicated his throne after more than 30 years.

After a five-month search, the company appointed former venture investor Nadav Zafrir as its leader. That choice may mean that Check Point is reinventing itself, no longer wanting (or able) to be the company where ‘the inventor of the firewall’ is in charge.

Tip: ‘Inventor of the firewall’ steps down at Check Point