Erez Yarkoni, Check Point Software Technologies | AWS re:Invent 2020
From around the globe. It's thecube. With digital, coverage, of aws. Re invent 2020. Sponsored, by intel, aws. And our community, partners. Hey welcome back everybody jeff frick here with thecube welcome back to our ongoing, coverage of aws, re invent 2020.. It's virtual this year just like everything is virtual this year but it's still the biggest event in cloud and we're excited to be back, i'd like to welcome in our next guest he is arizoni. Head of cloud and telco, technologies. For checkpoint, software technologies, it is great to see you. Nice to see you jeff thank you for hosting me this morning, absolutely. So let's jump into it you've been in the cloud space, for a while i saw a great, uh interview, with you i think like four or five years ago when i was doing some research and you're talking about you know all the great innovation, that's coming from cloud, that was years and years ago. Now suddenly, we had kobit. Arrived, and i'm sure you've seen all the social media memes, you know who's driving your digital transformation, the ceo. The cmo. Or covid, and we all know what the answer is, so first off i'd just love to get your perspective, you've been in this a long time now that we're here, in 2020. Both in terms of the development. Of the cloud and the adoption of the cloud, as well as this accelerant. Uh that came into our lives in mid-march. Yeah jeff you know i i've been lucky that uh i got to participate. In this kind of uh. Innovation, cycle. Of. I.t. And, technology. Earlier, i was a, cio, for an, organization. A large organization, and and we were adopting, cloud. At the same time. As an organization, we were selling technologies, and networks to our customers, and they were asking. Uh, to adopt cloud and so on and these are probably some of the early interviews you looked at so. I got lucky. That. I had to look at my own organization, and understand, where cloud is is beneficial. And obviously, now i work uh, with cyber security, and securing the cloud.
Um, So it's all come together. I think that, you know as. As cloud technologies, came in it really, came in to help. Uh, many of us address, uh, the fundamental. Need. To, come to who market, with business. Uh capabilities. And functionality. Faster, for those of us in technology. You know we, were probably, always the bottleneck. Of, our business counterparts. That said well if you could only do this for me i could grow the business i could change a business i can go to other places. I can incrementally, bring more. Customers. Uh revenues, and so on. The cloud platforms, have done, a, tremendous. Job, allowing. Developers. And. Operators. Of technology, to, change the speed in which they service their businesses. But with speed. Comes. Security. And uh i think the cloud platforms. You know specifically. Platforms, like aws. Uh build security, into into the cloud as well. But there's other needs in it and. The pandemic. Or covid. All it did is it shifted some of these motions, into, another gear and then it. Created, some new business, needs that can only be. Serviced, digital, me and you are now having a collaboration. Session. Over a digital, channel where otherwise, we'd be probably sitting in the same studio. So, definitely. Collaboration. Has changed. Commerce, have changed especially. For, some organizations. That never planned. To do commerce over digital, channels small businesses, and so on. Uh, just think about the food delivery, industry, and how many new customers, have now sorry restaurants, have now signed up. For. Food delivery services, that must have exploded. These, continuous, changes, brought. Continuous, needs, to, address. Security, as well. Aws. Is allowing people to build some. Amazing. Applications. Uh, i watch the commercials, when i watch, football, on sunday. Right so piloting, and zoom and education. And. Many other things, and uh. Yeah, so when people build those, amazing, applications. The next thing they need to do is make sure that the zoom session is secure, and nobody's, crashing, in if uh you have a bunch of kids uh doing zoom for school. There is you talked on so many topics on that so let's let's break a few of them down first off i just you know, thank goodness for cloud right if, this pandemic, had hit, 10 years ago 15 years ago, you know we would not have been able those of us in the i.t industry. To shift so easily. To cloud-based. Uh or excuse me to working from home or working from anywhere because of the the cloud, based applications. Huge enabler. But it's funny not once in what you just talked about did you talk about cost savings, and i still find there's a lot of people, that are looking at cloud, as a way to save costs, you've been in it for a while you know the truth, is all about agility, and speed of business speed of adoption, speed of, of innovation. You said it in every single one of your answers but it still seems to be, a lag for a lot of people now with, with covid, and, you know securing, people, work from home you know one of the big issues, let's go back to security. Is increasing attack surface. And we know the increasing, sophistication. Of the bad guys, now i'm hearing from some people that they're actually using old techniques, that they used to use, back in the day because they know people are at home and maybe things aren't, as locked down you talk about security, needs to be baked in, all along the way we're using all these um, you know more cloud-based, apps. How do people think about the security, perspective, how do you bake it into everything that you do, and how do you respond, to, the increased attack surfaces, that have now, suddenly opened up, to look like for probably, a little while not just uh, going back to the old way anytime, soon. Yeah so. You know you, you touched on that uh. You said that uh you hear about people using, uh old security. All the attack. Um. Methods, or vectors and so on uh coming back because people are now at home and no longer behind, a, very secure, environment, in their office, or. Uh in their data center uh people had to maybe. Move things that they never thought they would, call center, operations. That was by definition, you showed up to the call center. Uh, for certain organizations. And moved it out and they may have not been ready to move those applications, and so on so they had to address. Uh the security, of it i think that's, exactly, it which is now. Um. Some of the. Reaction, we had to have, for just staying in business. Uh. We used kind of very, uh, older, uh, or or, you know we increased, what we know about security, about remote access by, increasing vpn.
Capacity, For the organization. Or. Um. Or those type of uh, methodologies. Uh now. People are looking at. What happened to our. Topology, to our architecture. Where are people, and machines, coming in to execute, their work. Uh over the network, where are the applications. Residing, what have we moved to the cloud because we, had to now flex for capacity. And speed, and maybe. Localize. And, and move it into regions, and so on, um i don't think, it was about cost saving, i do think it was about business agility, especially, in this phase. I actually think that. At, the end of the day the big benefit, from cloud, is business agility. Um. Cost has to come with it we cannot sacrifice, cost in everything we do. Um, and we look at uh overall how, we, use cloud technologies, and other technologies, and make sure that the cost. Uh fits into, uh what our business, uh demands, from a cost structure but, it is about business, agility. Um. Now it's also about. Security, agility. So people are building. You know. Methods. And capabilities. Uh, to match the business agility, with security, and security, was, at least for me for instance as, as a cio. Security, was a bottleneck, so when business demanded. Agile, development. Uh. You know, uh, iterations. Sprints. Deliver, functionality. In weeks. And, you know keep pouring it into the environment. One of the inhibitors, was, uh security. Right we weren't ready for it we weren't ready to release it so we had to uh find a way to adopt it and then came in companies, like. Aws. Saying. We built some of that security, built into the, platform. And companies, like checkpoint, saying we have. Cloud security, that moves at cloud speed and allows you to integrate, into your. Ci cd. Um. Environment, or um. Or processes, and uh, allows you to match the speed of the business with the speed of security. Yeah that's great i mean again i i agree with you 100. It's all about agility. Uh and and speed of business and being uh, able to move faster it just always surprises, me how people how many people are still kind of stuck on the cost saving, piece and then the other thing of course what you're, super aware of and if you've ever been to one of you know kind of the technical keynotes at aws, re invent the amount of investment. You know that they can make in infrastructure. Including. Security. You know just, just, completely, over, overshadows. Anything. Uh you know i as an individual, company. Can invest just in terms of the resources, and then somebody like you guys, can leverage on top of not only, using the the massive amazon. You know kind of core investments, and security, at. The infrastructure, layer, but then all the stuff that you guys can do in terms of securing, the enterprise, and helping make sure that you know the right people have access to the right information, at the right time, but not a lot more than that i wonder if you can um, you know talk about. You know kind of zero trust in some of the the evolution. Within, security, in terms of the posturing, and how you, you know kind of make assumptions, as we said it's no longer, a wall the wall anymore it's no longer talking about, having these physical borders. Uh or even logical, borders but it's really about access. And breaking down access even to the person in the application. And, and the data et cetera. Yeah i think you asked specifically, about zero trust uh, you know and i think that uh. Um. We want to move. Maybe we want to keep that the the, theme here around uh the application, security and so on i'll get to uh zero trust at the end, uh you know so. One of the things that that, definitely, is is. Thematic, or all we see, uh, happening, is, uh in the evolution, in the maturity, curve of adopting the cloud the, uh initial adoption, was uh you know maybe some lift and shift from organizations. And the uh is layer was a big player. Uh but the past layers, of the cloud, are where all the interesting, happen where all the exciting, services, all the innovation, coming from organizations, like aws.
All The enablers. For, a, business agility. Uh, and uh capabilities. Are coming from there. Uh and when you start developing your applications. For that pass layer you start. Leveraging, the services. Uh the, type of security. Changes so you're no longer looking at network security, or maybe northeast, east west, uh north south east west type of security, on your network you're now looking. At. Securing. Apis, and securing. The, the back lane of the cloud uh from those services, that they give you you know you're gonna encrypt your buckets you're gonna make sure your security, groups. Are correct, you want to make sure your serverless, functions. Uh. Are not. Executing. Anything. Malicious, in them or. Or. Talking to. Ip addresses, they shouldn't be, uh same with your container, you want to make sure that your container, code. Uh is scanned, properly you didn't download, anything in there that's malicious. And obviously, uh have runtime, security. Uh both to make sure you're compliant, from a posture. Uh perspective. You made compliance, may require you to be pci, compliant one of those, so. The, the. Elevation. In which you execute. Security, changed, uh from the from the stack, from kind of a, traditional, stack. It requires. Uh, different uh capabilities. And, between, what aws. Has built into the platform, and what checkpoint, puts together in cloudguard. This is the, the the big target then we get into, okay so how do you access. All these great things that we just built right so we built these, this great application. It's sitting on aws. It's using some of the great services, there. Um. How do you how do you get to it who gets to it how do you get to it, this is where some of these, you know sassy, and zero trusts come in, because, what happened, is. You used to come into a lot of. Enterprise, applications, from the data center then we moved some web apps and you came over. Uh the web into the application, so we have some web firewalls, and and security, for that. Now you're getting into every application. From, the edge of the network, because, we are all at home. Or we are we used to be traveling but a lot more of us are now at home coming over the edge of the network, we're adding iot, devices, coming off the edge of network, and so on.
There's A lot more volume, coming at you and you've got to find different ways than just. Uh. Vpn, authentication. Of the traffic, into, so. We are. Coming into, the age of. Having to identify. Who's coming. At the application, at the capability. At any given time. And, that's where you come into the framework of xero trust i, every time you come in i'm going to authenticate. That as you and there's different methodologies. In there, uh for instance, one of the things that, we just added to our portfolio. Is the ability, to put an agent let's say in your, around your aws, application. And allow. Remote. Access, with no vpn, to your enterprise. App. To an acquisition, company. We call odo. Without having to put a vpn, so, the administrator. Defines. What applications. Are connected, to the connector. They define, who's the users. Uh that are allowed, and authenticates, them based on the authentication. Framework, let's say octa or something like that, and allows them to come in and that that those are the type of capabilities. You need in these new frameworks, of how do you get to these great applications, we're building right right, and you touched on something really interesting right which is, which is the complexity, is only going up, as you mentioned ed you mentioned a little bit. Of iot, right so as 5g, comes on board as iot. Gets increasing. Amounts of traction. All these, applications, are api, based there's all types of information. Flying back and forth so i wonder if you can, share kind of your guys thoughts on you know applied machine learning and artificial, intelligence. To help you know kind of, get through. All the all the signal, or excuse me all the noise find the signal. And really you know bring more automation, to help the security, experts, and the security systems, be more effective at their jobs. Yeah, so so i think a lot of what we talked about. Until now was, um. Protecting, establishing, a new perimeter, there's not really a perimeter. Right because we talked about the perimeter, has grown, and it's fuzzy, and, and, and it's, at scale, that really, doesn't allow you to say i have a perimeter, so you have to authenticate, everybody, but.
Like You said with that, speed, and scale. Came a lot of data. You know you got a lot of logs running in there you like got a lot of events, you got a lot of things that you can look into. And by looking into them you can, start with machine learning, and and those type of and ai methodologies. Start looking, both to, identify, things before they happen. Or. Uh. Um. Inform. Organizations. That inform. Um. About things that are already happened, and therefore and and potentially, remediate, them. Um. At checkpoint, for instance, we. Have something called the threat the threat cloud. Uh we collect. Uh these events from, every, gateway, every. Uh appliance. Every virtual appliance every type of security, agent that we have around the world. Uh into uh the threat cloud it, uh processes. Uh. And, i'm gonna throw a number there that's uh the closer about 80 billion a day. Transactions. And, billion, with it yeah and it allows, us to. Um. To, process, uh, to, apply, machine learning. And ai algorithms. To find. Threats. And then inform, all these. Great. Checkpoint, security, agents, out there. Of new threats, and prevent those threats from ever happening in the in the environment. Right, if you're operating, on uh on an aws. Environment. Uh. There's a lot of blood flows happening in your environment there's a lot of things to collect and look at, right so. In cloudguard. We offer, something called, logic or log.ic. Which allows you to. Harvest, those uh, logs we enrich, them and then we allow threat. Hunting, inside those environment, right so, those type of capabilities. Are definitely. Kind of the future. Of advanced, security, right so beyond just, establishing. It's like you know you establish, your security, around what you do and then you have your, intelligence. Unit, starting to identify. What signals, are out there. Allowing you to, both prevent. Security. Breaches, or any type of threats. But also remediate, any. You find the traces, of things that happen and remediate, them, right right, well there is that's that's a great illustration, of you know kind of baking, security, into, multiple steps of the process and all the steps of the process, that's not, just the bolt-on, anymore it's got to be, you know part of everything you do and baked into everything you do i still. I still wonder how certain companies, that that. Are run by having people click on links that they're not familiar with still happen today but i guess, i guess they still do so as i give you the final word again you've been in this space for a long time as we kind of turn the turn the page on 2020.
What Are some of your priorities, what are you excited about for 2021. I, think the most exciting, uh things for us in uh in cloud security in 2021. Uh. Is. Uh, we're. Releasing, more capabilities. Into, into the environment, we're in the maturity, curve. Of uh protecting, you know your network in the cloud and then protecting, your posture in the cloud, we're moving, very strongly into predicting, your runtime. And applications, in the cloud your apis. Uh, and. Working with organizations. Through that maturity, curve and getting them up to all the way up to uh. Threat hunting. Capabilities. And i think that will be. Exciting, because. I hear from customers. That they need to move quickly through that maturity, curve, of cloud security, as they have accelerated. And continued, there to accelerate. Their move to the cloud. Well that's great well i think uh, no shortage of job security. In the cloud security, space so i'm sure it'll be, a busy year well, thanks for uh for sharing your insight really appreciate. The time and it was great catching up, thank you uh jeff for uh for your time today and it was great talking to you, absolutely, all right well he's there is i'm jeff you're watching thecube's. Continuous, coverage, of aws, reinvent, 2020, thanks for watching we'll see you next. Time.
2020-12-06 12:23
