SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
Check Point to acquire SaaS security vendor Atmosec
Fri, 8th Sep 2023

Check Point Software, a provider of cyber security solutions, has announced the acquisition of Atmosec. An early-stage start-up, Atmosec specializes in the rapid discovery and disconnection of malicious SaaS applications, preventing risky third-party SaaS communications, and rectifying SaaS misconfigurations. 

“The move reinforces Check Point‘s commitment to enhance its SaaS security offering and address the security gaps and blind spots in SaaS applications. Atmosec was founded in January 2021 and employs 17 employees,” says a company spokesperson. 

The widespread adoption of SaaS applications has exposed organizations to increased cyber threats. Statista reports an average use of 130 SaaS applications by organizations globally. Yet, Atmosec's research reveals that approximately 700 additional SaaS applications are in use without IT's knowledge. 

Moreover, hundreds of third-party apps are connected within popular enterprise SaaS platforms like O365 and Slack. This ever-expanding SaaS landscape increases the potential attack surface and introduces many apps that could be harmful or misused to leak sensitive information, often bypassing proper IT authorization.

“The shift to SaaS applications introduces specific challenges, notably in the realm of malicious SaaS-to-SaaS communications. Atmosec's capabilities in SaaS discovery, risk assessment, and full visibility are instrumental in addressing these challenges," says Nataly Kremer, chief product officer and head of R&D at Check Point Software Technologies. 

"Integrating Atmosec’s technology into Check Point Infinity sets us to deliver one of the industry's most secure SASE solutions, enabling organizations to effectively manage SaaS security, prevent data leaks, unauthorized access, and malware dissemination, and ensure a robust, adaptive zero trust environment.”

Some of the key features of Atmosec's technology include quick discovery and disconnection of malicious SaaS applications, completed in under 10 minutes, and preventing third-party SaaS applications from communicating with an enterprise’s SaaS environment. It also helps provide complete visibility into authorized and unauthorized SaaS applications, fix misconfigurations within SaaS applications such as publicly exposed repositories, enforce multi-factor authentication (MFA) to access the application, and many more. 

With Atmosec's technology, Check Point Infinity will offer SaaS security with continuous SaaS posture management, prevention of malicious communications (SSPM), and a full security stack for SaaS apps, including threat prevention, data protection, and adaptative zero-trust access controls for both users and devices (CASB).

New capabilities will be incrementally released based on roadmap milestones, enabling organizations to utilize these critical enhancements from the same Check Point Infinity platform they use today. The acquisition of Atmosec is expected to close by mid-September 2023.

“Check Point Infinity’s portfolio of solutions protects enterprises and public organizations from 5th generation cyberattacks with an industry-leading catch rate of malware, ransomware, and other threats. Infinity comprises four core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and data centres, all controlled by the industry’s most comprehensive, intuitive unified security management; Check Point Horizon, a prevention-first security operations suite. Check Point protects over 100,000 organizations of all sizes,” informs Kremer.