at Financial Technnology Year
This content is provided by FinTechBenchmarker.com who are responsible for the content. Please contact them if you have any questions.
Check Point Infinity from Check Point Software
An integrated security architecture that provides protection across networks, cloud, endpoints, and mobile with unified management and security analytics. Features include advanced threat prevention, zero-day protection, and real-time intelligence sharing across the security infrastructure of financial organizations.
More about Check Point Software
Product analysis by function
Cybersecurity Solutions for IT and Infrastructure
Systems that protect the bank's information assets from cyber threats and ensure secure banking operations.
More Cybersecurity Solutions
More IT and Infrastructure ...
Access Control
(10 Yes /10 Known /11 Possible features)
|
Multi-factor Authentication Requires multiple forms of verification before granting access. |
Check Point Infinity supports multi-factor authentication as part of its Identity Awareness and central user access platform. | |
|
Role-Based Access Control Grants permissions based on user roles and responsibilities. |
Documentation and product marketing indicate Role-Based Access Control is available through Infinity's unified management. | |
|
Single Sign-On (SSO) Allows users to authenticate once for multiple applications. |
Check Point Infinity integrates with identity providers for Single Sign-On options (SAML, Azure AD etc). | |
|
Access Logging Records all access attempts for audit trails. |
Check Point Infinity Management records access and audit logs, as stated in the product documentation. | |
|
Privileged Account Management Controls and monitors elevated permissions. |
Privilege account management is handled through centralized management and role definition. | |
|
User Session Timeout Automatically terminates inactive sessions. |
User session timeouts are supported as part of security policy configuration. | |
|
Device Whitelisting Restricts access to approved devices only. |
Device whitelisting is achievable via network access control and endpoint protection within Infinity architecture. | |
|
Granular Permission Levels Supports fine-grained permissions per function. |
Granular permissions are a key part of Infinity's unified policy management. | |
|
API Key Management Secures and controls access to APIs. |
API Key Management is included for controlling access to APIs via Check Point's management APIs. | |
|
Geolocation-based Access Restrictions Limits access based on user's physical or network location. |
Geo-restrictions are present within network access policies. | |
|
Number of Supported Authentication Methods The total number of different authentication methods available (e.g., biometric, SMS OTP, hardware key, etc.). |
No information available |
Data Protection
(9 Yes /9 Known /10 Possible features)
|
End-to-End Encryption Encrypts data during all states and transfers. |
All Check Point gateways support end-to-end encryption for data in transit and at rest. | |
|
Database Encryption Encrypts stored data in databases. |
Database encryption is supported for Infinity's integrated logging and data storage solutions. | |
|
File Integrity Monitoring Detects unauthorized changes to critical files. |
File integrity monitoring is part of endpoint protection. | |
|
Data Masking Obfuscates sensitive data in non-production environments. |
Data masking can be applied to logs and is included in certain Infinity modules. | |
|
Tokenization Replaces sensitive information with random tokens. |
Tokenization capabilities for sensitive data are available in Infinity's data protection modules. | |
|
Data Loss Prevention (DLP) Prevents unauthorized data transfer or loss. |
Data loss prevention (DLP) is provided natively in Infinity's security suite. | |
|
Data Backup Frequency Frequency at which backups of critical data are performed. |
No information available | |
|
Audit Logging Maintains comprehensive logs of data access and changes. |
Infinity Management maintains audit logs on configuration and data access. | |
|
Automated Key Rotation Automatically rotates cryptographic keys at defined intervals. |
Automated key rotation for encryption keys available via APIs and Key Management integration. | |
|
Retention Policy Management Controls how long data is kept and when it is deleted. |
Retention policy management of logs and data is configurable through Infinity's data lifecycle policies. |
Network Security
(9 Yes /9 Known /10 Possible features)
|
Firewall Provides perimeter security by filtering incoming and outgoing network traffic. |
Check Point Infinity includes next-generation firewall as a core component. | |
|
Intrusion Detection System (IDS) Monitors and detects malicious network activity. |
Intrusion Detection System (IDS) is included in all Infinity security gateways. | |
|
Intrusion Prevention System (IPS) Blocks and prevents detected threats. |
Prevention (IPS) is part of the advanced threat prevention portfolio in Infinity. | |
|
Virtual Private Network (VPN) Secures remote access to banking resources. |
VPN support is a standard Infinity feature for securing remote connections. | |
|
Network Segmentation Divides the network into separate zones for better security. |
Network segmentation is configurable in the Infinity architecture, supporting security zoning. | |
|
Distributed Denial of Service (DDoS) Protection Detects and mitigates DDoS attacks. |
DDoS protection is included as part of the threat prevention suite. | |
|
Deep Packet Inspection Examines traffic for threats beyond simple packet headers. |
Deep packet inspection available for advanced threat detection use cases. | |
|
Encrypted Network Traffic Ensures all internal and external communication is encrypted. |
All Check Point network traffic can be encrypted as per customer configuration. | |
|
Bandwidth Monitoring Monitors bandwidth utilization for anomalies. |
Network and bandwidth monitoring tools are integrated in Security Management. | |
|
Network Traffic Analysis Capability The number of simultaneous connections that can be analyzed. |
No information available |
Threat Detection and Response
(7 Yes /7 Known /10 Possible features)
|
Security Information and Event Management (SIEM) Aggregates, analyzes, and alerts on security events. |
Check Point Infinity offers built-in SIEM-like event aggregation and can integrate with 3rd party SIEM solutions. | |
|
Automatic Threat Remediation Responds to detected threats without manual intervention. |
Automatic threat remediation is enabled through security automation and orchestration features. | |
|
Real-time Alerting Notifies security personnel immediately upon threat detection. |
Real-time alerting is a core feature of the unified management portal. | |
|
Threat Intelligence Integration Ingests external threat intelligence feeds. |
Threat intelligence sharing and integration is a major feature, including integrations with external feeds. | |
|
Incident Response Playbooks Provides pre-defined procedures for common security incidents. |
Incident response playbooks and templates are included in the Infinity management suite. | |
|
Threat Simulation and Red Team Testing Supports simulated attacks for evaluation. |
Red team testing and threat simulation tools provided via security services and some modules. | |
|
False Positive Rate The percentage of security alerts that are determined to be benign. |
No information available | |
|
Time to Detect Average time between threat occurrence and detection. |
No information available | |
|
Time to Respond Average time between detection and mitigation. |
No information available | |
|
Automated Compliance Reporting Generates regulatory and incident response reports automatically. |
Automated compliance and incident reporting is available in the management portal. |
Endpoint Security
(9 Yes /9 Known /10 Possible features)
|
Endpoint Detection and Response (EDR) Monitors endpoints for threats and suspicious activity. |
End-point protection in Infinity includes EDR as part of SandBlast Agent suite. | |
|
Anti-malware Protection Prevents malicious software from infecting endpoints. |
Anti-malware is a central feature, branded as SandBlast Threat Emulation. | |
|
Device Control Restricts usage of external devices like USB drives. |
Device control includes blocking or allowing of USB and other devices via security policy. | |
|
Patch Management Automates the distribution of security updates. |
Patch management is available through Infinity endpoint solutions. | |
|
Mobile Device Management (MDM) Secures and manages mobile endpoints. |
Infinity supports MDM integrations for securing mobile devices. | |
|
Remote Wipe Capability Erases data from lost or stolen devices remotely. |
Remote wipe capability is included for managed mobile and endpoint devices. | |
|
Application Whitelisting/Blacklisting Controls which applications can be installed or run. |
Application whitelisting and blacklisting are part of EPP/EDR policy definitions. | |
|
Endpoint Isolation Allows quick quarantine of compromised devices. |
Infinity EDR includes rapid endpoint isolation. | |
|
Number of Devices Supported Maximum number of endpoints protected by the solution. |
No information available | |
|
Endpoint Policy Enforcement Automatically enforces security policies on all endpoints. |
Endpoint policy enforcement is done automatically across fleet. |
Fraud Detection and Prevention
(8 Yes /8 Known /10 Possible features)
|
Behavioral Analytics Analyzes user behavior for anomalies indicative of fraud. |
Behavioral analytics are available via Infinity’s threat detection and user monitoring. | |
|
Transaction Monitoring Monitors transactions in real time for suspicious patterns. |
Real-time transaction monitoring capabilities built into network and endpoint modules. | |
|
Machine Learning Models Uses AI models to identify emerging fraud techniques. |
AI and ML models are leveraged for advanced threat and anomaly/fraud detection. | |
|
Geolocation Verification Checks if transactions originate from expected regions. |
Geolocation verification is available through access policies. | |
|
Device Fingerprinting Identifies repeat or suspicious devices. |
Device fingerprinting is provided as part of network access and secure authentication. | |
|
Case Management Tracks fraud investigation from detection to closure. |
Case management tools supported for investigations in Infinity SOC modules. | |
|
Rule-based Alerts Generates alerts based on pre-set fraud rules. |
Rule-based alerting is core to all Infinity monitoring and SIEM workflows. | |
|
False Positive Rate Percentage of transactions erroneously flagged as fraud. |
No information available | |
|
Detection Speed Average time taken to detect suspicious activities. |
No information available | |
|
Integration with Core Banking Systems Supports real-time integration with existing banking infrastructure. |
Integration with core banking systems is feasible via broad API and industry standard integrations. |
Application Security
(9 Yes /9 Known /10 Possible features)
|
Web Application Firewall (WAF) Protects web applications from common exploits. |
Web Application Firewall (WAF) capabilities are included in Check Point’s CloudGuard and Infinity Gateway. | |
|
Vulnerability Scanning Regularly scans for known security weaknesses. |
Infinity includes automated vulnerability scanning in its application security portfolio. | |
|
Secure Coding Standards Enforcement Ensures adherence to secure development practices. |
Secure coding practices and standards are enforced via security scanning tools. | |
|
Regular Penetration Testing Conducts simulated attacks to find weaknesses. |
Penetration testing support is available through built-in tools and partner integrations. | |
|
Automated Patch Deployment Deploys application security patches automatically. |
Automated patching capabilities exist within application and endpoint security modules. | |
|
Code Obfuscation Makes application source code harder to reverse-engineer. |
Code obfuscation features are available for application defense in Check Point Infinity. | |
|
Session Management Security Protects active user sessions against hijacking. |
Session management security is included to help prevent hijacking and session replay. | |
|
API Security Controls Protects and monitors API endpoints. |
API security controls are a core part of Infinity protection suites (APIs and endpoints). | |
|
Number of Supported Programming Languages The range of programming frameworks or languages natively supported for secure app development. |
No information available | |
|
Dynamic Application Security Testing (DAST) Integration Integrates tools for runtime security testing of applications. |
DAST and other runtime security integrations are available with Infinity’s application security suite. |
Regulatory Compliance
(8 Yes /8 Known /10 Possible features)
|
Prebuilt Compliance Reporting Offers reports tailored for key banking regulations. |
Compliance reporting is available out of the box for major standards relevant to banking. | |
|
Automated Policy Management Automates the application and monitoring of compliance policies. |
Policy management and compliance monitoring are automatable via the unified console. | |
|
Audit Trail Management Maintains immutable logs for audit purposes. |
Immutable logs for audits are maintained by the logging and reporting tools. | |
|
Regulatory Change Monitoring Tracks changes in relevant regulations and standards. |
Infinity tracks regulatory changes and maintains rule updates for compliance. | |
|
Self-assessment Tools Allows internal audits for compliance readiness. |
No information available | |
|
Compliance Workflow Automation Automates workflows to meet compliance requirements. |
Compliance workflow automation is provided by Infinity’s integrated management platform. | |
|
Data Residency Controls Specifies where data can be stored based on regulations. |
Infinity enables administrators to set and enforce data residency controls where data can be stored. | |
|
Regulatory Coverage Number of major regulations covered out-of-the-box. |
No information available | |
|
Retention Policy Automation Automatically applies data retention and deletion policies. |
Automated enforcement of data retention and deletion is managed on the platform. | |
|
Secure Document Management Secure storage and retrieval of compliance documentation. |
Secure document management options included via compliance and audit modules. |
Identity and Access Management (IAM)
(9 Yes /9 Known /10 Possible features)
|
Centralized User Directory Maintains a single source of truth for user authentication. |
A centralized user directory is provided via Identity Awareness and management. | |
|
Self-service Password Reset Allows users to reset passwords without admin assistance. |
Self-service password reset is provided in Infinity’s IAM options. | |
|
User Provisioning and Deprovisioning Automates onboarding and offboarding staff access. |
Provisioning and deprovisioning of users is automatable via integration with standard IAM connectors. | |
|
Federated Identity Support Allows use of external identity providers (SAML, OAuth, etc.). |
Infinity supports federated identity using SAML, OAuth etc. | |
|
Access Certification Regularly reviews and certifies user privileges. |
Access review and certification is done through periodic automation in admin console. | |
|
Credential Encryption Ensures user credentials are encrypted at rest and in transit. |
All credentials are strongly encrypted at rest and over the network. | |
|
Group Management Supports management of user groups and access policies. |
User group and policy management is an established function within Infinity IAM. | |
|
Identity Federation Integrations Number of external identity federations supported. |
No information available | |
|
Password Policy Enforcement Automatically applies strong password requirements. |
Strong password policy enforcement is configurable in Infinity management. | |
|
User Access Review Automation Automates periodic reviews of user access rights. |
Periodic automated user access reviews can be set up in the IAM configuration. |
Monitoring and Reporting
(8 Yes /8 Known /10 Possible features)
|
Real-time Dashboards Visualizes live security and system data. |
Live dashboards are a central feature of Check Point Infinity for security analytics. | |
|
Customizable Reports Allows users to define and schedule security and compliance reports. |
Customizable and schedulable reporting engine is included within Infinity's portal. | |
|
Alert Threshold Customization Enables setting of specific alert thresholds. |
Alert thresholds are customizable within the Infinity alert and monitoring system. | |
|
Historical Data Retention Keeps historical security data for analysis. |
Supports and retains historical data for further advanced analytics. | |
|
Audit Log Integration Centralizes logs from various sources. |
Integration with external and internal log sources is fully supported. | |
|
Automated Reporting Frequency How often reports are automatically generated. |
No information available | |
|
User Activity Monitoring Tracks user activities for policy violations. |
User activity monitoring for audit and security policy use is provided. | |
|
Custom Alert Channels Supports multiple channels for alerting (email, SMS, app). |
Supports email, SMS, and app push for alerting channels. | |
|
Third-party Log Integration Integrates with external log and monitoring providers. |
Supports connectors with 3rd party logging and SIEM/monitoring providers. | |
|
Report Retention Period Length of time reports are stored and accessible. |
No information available |
Resilience and Recovery
(8 Yes /8 Known /10 Possible features)
|
Disaster Recovery Planning Provides tools for planning and testing disaster recovery. |
Disaster recovery tools and documentation provided for planning and testing. | |
|
Business Continuity Management Ensures continued operations during disruptions. |
Business continuity is a primary aim; documentation and procedures are covered. | |
|
Automated System Failover Automatically switches to backup systems on failure. |
System failover to backup infrastructure is supported and automated within security gateways. | |
|
Backup and Restore Automation Automates data and system backup/restore processes. |
Automated backup and restore processes are built into Infinity management. | |
|
Ransomware Recovery Supports fast recovery from ransomware attacks. |
Ransomware recovery tools, including quick restore and rollback, are part of endpoint protection. | |
|
Recovery Time Objective (RTO) Target time to restore function after disruption. |
No information available | |
|
Recovery Point Objective (RPO) Maximum acceptable amount of data loss after an incident. |
No information available | |
|
Resilience Testing Support Enables regular testing of resilience and recovery plans. |
Support for resilience and recovery plan testing included in Check Point documentation. | |
|
Automated System Health Checks Monitors backup and resilience readiness automatically. |
Automatic health checks are part of the resilience and DR monitoring systems. | |
|
Service Level Agreement (SLA) Monitoring Tracks compliance with recovery SLAs. |
Service levels (SLAs) for monitoring compliance can be tracked and alerted upon. |
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.