Check Point Acquisition Sets Up Skirmish With Palo Alto Networks

Check Point Software Technologies is ramping up the battle against rival Palo Alto Networks, acquiring Israel-based security startup Hyperwise in a bid to detect advanced threats.

Check Point said it would integrate the Hyperwise technology into its Threat Eumulation Blade and cloud-based emulation sandbox service. Terms of the deal were not disclosed. Hyperwise, based in Tel Aviv, was started in 2013 and has been in stealth mode. Check Point said the transaction is not expected to have a material effect on financial results.

The Hyperwise technology is designed much like Cyvera -- the emerging security startup acquired by Palo Alto Networks and at the core of its Traps endpoint protection offering. Hyperwise is hardware-based, meaning it sits below the operating system level to identify exploitation behavior.

[Related: Palo Alto Networks Overtakes Fortinet In Network Security Market]

Sponsored post

The integration will be available as early as next quarter, said Alon Kantor, vice president of business development at Check Point. Kantor told CRN that Check Point’s long-term plan is to incorporate it into its endpoint protection offering and other available software blades.

’We already have our product being evaluating against other competing solutions and we think this will improve our position and set us up for significant growth,’ Kantor said. ’The Traps approach is running within the operating system and Hyperwise will also look for exploit attempts but do this from outside the operating system at the CPU level; it’s a very unique approach.’

Established vendors are looking at emerging security vendors, and assessing their technologies and engineering teams to determine whether the approach is novel and sustainable, said Mark Robinson, president of Findlay, Ohio-based CentraComm.

’There’s a lot of attention being drawn to the new technologies doing behavioral monitoring and malware analysis to support incident response,’ said Robinson, whose firm partners with Palo Alto Networks. "We see the value and attention of having endpoint technology components that align closely with a traditional next generation firewall technology and the market is likely to see more of these additional capabilities added in the future."

Check Point sells its Threat Emulation Blade as an on-premise deployment option or as a cloud-based service, enabling malware analysts to upload suspicious files into the cloud sandbox for analysis.

Hyperwise was founded by Shlomo Kramer, who co-founded Check Point and a spate of other security vendors in recent years, including Web security vendor Imperva and Trusteer, the antifraud and enterprise endpoint security vendor acquired by IBM in a $1 billion deal in 2013. Kramer was a founding investor in DNS security vendor Incapsula and SaaS security vendor Skyfence. Both vendors merged and became part of Imperva’s product offerings.

Palo Alto Networks was unavailable for comment.

Palo Alto Networks acquired Cyvera in a $200 million deal and launched its Traps endpoint protection offering in September to expand its portfolio beyond traditional firewall and intrusion prevention capabilities. Traps is a subscription service that uses an agent-based approach to detect and block a set of nearly two dozen malware exploitation techniques. In a recent earnings call with Wall Street analysts, Palo Alto Networks executives said adoption of Traps is among customers that already subscribe to its Wildfire suspicious file analysis service.

Check Point is the second largest security appliance vendor behind Cisco Systems, according to IDC's latest Worldwide Quarterly Security Appliance Tracker. Palo Alto Networks overtook Fortinet in the network security market, with the third most market share. Check Point has cited strong growth and interest in its data center security blades and recently cited wins in retail, government and technology sectors.