Responding to threats with a diverse set of security products manually leaves the security analyst to correlate heaps of information and act on potential threats. Check Point next-gen Threat Prevention Firewall closed the security gap by preventing and responding to threats with seamless integration with ServiceNow SecOps.
Check Point Software Technologies Ltd. is a multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security, and security management.
The Check Point wanted to develop the ServiceNow application for Next Generation Threat Prevention Integration for Security Operations Team. The company wanted to enable enterprise security analysts to block malicious IP addresses, URLs, and Domains using Block Request List capabilities within ServiceNow Security Incident Response.
The Check Point ServiceNow application integrates Security Operations allowing security analyst to create Check Point Block List entries from observables and determined to be malicious in ServiceNow security incidents. The main features of the integration include:
By deriving the threat intelligence from tracked Observables in ServiceNow Security Incident Response, a SOC analyst can block the malicious observables on Threat Prevention platform seamlessly, reducing the turnaround time significantly.