Introduction

CloudGuard Workload Protection, part of the CloudGuard Cloud Native Security platform, provides seamless vulnerability assessment and delivers full protection of modern cloud workloads - including serverless functions and containers - from code to runtime, automating security with minimal overhead.

Modern cloud-native application security needs to be built from the ground with the inner workings of the application in mind. Traditional application security protocols do not work alone with these modern architectures as the mechanics of the application have fundamentally changed. Organizations need to reimagine how AppSec is done without negatively affecting the operational benefits of these modern workloads such as efficiency, cost-saving, and so on.

Check Point CloudGuard automates workload protection from development through production and offers continuous cloud security posture management and compliance with customizable policies (using GSL) across accounts. Only CloudGuard offers:

  • Observability: Continuously scan your serverless functions to increase security posture - providing clear observability of the application and continuous assessment.

  • Least privilege protection: Maximize workload protection through automatic least privilege protection for containers, logs, and databases.

  • Active threat prevention: Zero-touch application security using pattern matching, allowing listing, block listing, and more applied at the function level for threat prevention.

Check Point CloudGuard automates serverless security while still empowering application developers to move at the speed of serverless.

CloudGuard seamlessly applies behavioral defense, and least-privilege, to automatically protect serverless functions, with nearly no overhead in function performance.

This ensures a continuous security posture, protecting the serverless functions from known and unknown attacks, while also meeting compliance and governance.

Welcome! You are the CISO of an organization, have just moved to AWS, and started deploying applications on the cloud.

Your new DevOps decided to take advantage of serverless application capabilities. Security wasn’t their primary concern, which exposed their application to many risks. That fact was discovered after the serverless application was deployed, and it needs to be immediately handled without interrupting the DevOps teams. You rushed to the best security vendor and requested assistance with getting a simple yet highly effective cloud-based solution to solve your security problem. Check Point offers a solution that you can implement within 10 minutes.

Welcome to CloudGuard Workload Protection! You will integrate CloudGuard Workload Protection in 10 minutes and immediately start to show value with suggestions of least privilege policies and prevent cyberattacks against the serverless application.

The labs you are about to perform are real-life cases of use when first onboarding to CloudGuard Workload protection and showing the value of it.

You will use Infinity Portal account connected to an AWS account with DVSA serverless application.