GTC Check Point Software has leveraged Nvidia GPUs and AI techniques across its broad portfolio of security tools to better respond and adapt to an increasingly sophisticated and rapidly changing threat environment .
“Over the past year and a half, the threat landscape has evolved very, very rapidly,” said Dorit Dor, chief product officer at Check Point, during a session at Nvidia’s GTC conference this week. “It’s exceptionally dangerous these days. We see extreme attacks. APT [advanced persistent threats] nation states. We see it going through the supply chain and taking advantage of ransomware. We see incredible software vulnerabilities at every level and we see attacks on [digital] wallets and cryptocurrency.”
The escalation in threats began with the supply chain attack on software maker SolarWinds in late 2020, Dor said. The attack saw Russian-linked group Nobelium insert malicious code into the vendor’s Orion monitoring platform, which users then unwittingly executed once they installed updates to the product. Dor pointed to another supply chain hack – on developer tool maker Codecov early last year – and the flaw in last year’s widely used open-source logging tool Log4j that been used dozens of times.
We want security to evolve and change all the time
The Log4j vulnerability – dubbed “Log4Shell” – sent shockwaves through the industry, but was also a point of proof for Check Point, showing how well its AI-enabled products were able to repel the threat.
“Log4j started out as an innocent software vulnerability, but every such software vulnerability calls for attackers, so an incredible number of attacks were based on Log4j,” Dor said. “With our own AI, we were able to provide a guarantee of protection [to enterprises].”
Dor also pointed to the rapid increase in the number and complexity of ransomware attacks, noting that ransom demands in 2013 were just $300 per incident. In 2021, attackers demanded a total of $14 billion or more. Threat groups also use more sophisticated methods, including double and triple extortion demands – such as threatening to release captured sensitive data from the internet or erase data that has been encrypted – if victims do not pay the ransom. .
Check Point is using AI to make life harder for these bad actors.
“It helps us stay up to date and [evolving] for threat and malware changes,” Dor said. “We want to do prevention first. It’s a challenge because we really want to stop attacks at first sight. We do this with increasingly advanced AI with very low false positives and the best catch rate in the industry, as well as other methods that help us [erase] threats before they reach customers.”
At the same time, the company’s zero-trust architecture increasingly relies on AI to drive the autonomous capabilities that are critical to the platform. Zero-Trust architectures are based on the principle that anything that attempts to access a network is untrustworthy and must be checked – and constantly checked throughout the transaction – and only has access the resources it needs.
The demand for zero trust increases as organizations’ computing environments expand from central data centers to the cloud and edge.
“We want to be self-sufficient,” Dor said. “We want security to evolve and change all the time to adapt to the latest threats. It must be identity-based because identity plays a major role. It must have a unified policy in order to ensure that you you’re safe and it has the scalability to evolve.”
Check Point has partnered with Nvidia for several years, integrating the GPU maker’s products with its own. One example of the relationship at work is the Maestro Hyperscale network security product, which uses Nvidia’s Spectrum switches to help scale the system to protect the largest data centers and networks. At GTC, Nvidia debuted its new Spectrum-4 Ethernet networking platform and a 51.2 terabit Spectrum-4 switch.
In January, Check Point launched its Quantum Lightspeed firewalls, which use Nvidia’s ConnectX SmartNIC adapter card — inherited when Nvidia bought broadband interconnect provider Mellanox in 2020 for $7 billion. Lightspeed offers throughput from 200 to 800 Gbps and can scale up to 3 Tbps with Maestro.
“We take advantage of the Nvidia ConnectX network card by offloading some of the functions from the security [including stateful inspection] in the secure packet-accelerated architecture that exists in Nvidia technology,” Dor said. “This is a really exciting collaboration that allows our customers to deploy the line-rate security they need.
Check Point is also using AI for tasks such as combating zero-day malware, and the roadmap includes expanding its use to threat protection for encrypted traffic and DNS in the network. Additionally, the vendor will continue to integrate Nvidia’s GPUs and data processing units (DPUs) into its products, as well as Nvidia’s Morpheus AI framework. ®