The Check Point Logic App Connector and Playbooks allow customers to easily find and deploy pre-packaged Check Point connectors and playbooks directly from Azure Sentinel. Users can configure Azure Sentinel’s SOAR playbooks to automatically remediate threats using CloudGuard security gateways and on-premises Check Point Gateways, enhancing the security functionality of both Microsoft Azure and of Check Point CloudGuard.
The Check Point Logic App Connector and Playbooks can also provide automated remediation. Customers can configure SOAR playbooks to automatically trigger Check Point CloudGuard security gateways to update security policies, block malicious traffic, and more. By taking advantage of the Check Point Management API, the connector can automate these security operations tasks, which can be not only a time-saver for IT staff, network administrators, and security personnel, but also dramatically reduces the window that attackers can take advantage of security issues—because those problems don’t have to be fixed manually. This can help minimize the organization’s attack surface while saving hours of time for Network and Security Administrators, Security Analysts, DevOps/DevSecOps teams, and more. The pre-defined playbooks will also eliminate the need to write individual API calls and can easily integrate Check Point playbooks with all native Azure services and hundreds of existing logic app connectors.
Check Point and Azure Sentinel provide complete visibility for security events. Customers can manage all functionality from a single-pane-of-glass control center from which they can see both events coming from Check Point as one source, and events coming from other sources—from both inside and outside the Azure environment. Customers can correlate and visualize these events on Azure Sentinel.