Check Point Software Technologies has announced the acquisition of Atmosec. An early-stage start-up, Atmosec specialises in the rapid discovery and disconnection of malicious SaaS applications, preventing risky third party SaaS communications, and rectifying SaaS misconfigurations. 

According to the company, the move reinforces Check Point's commitment to enhance its SaaS security offering and address the security gaps and blind spots in SaaS applications. Atmosec was founded in January 2021 and employs 17 employees.

The widespread adoption of SaaS applications has exposed organisations to an increased array of cyber threats. Statista reports an average use of 130 SaaS applications by organisations globally.

Yet, Atmosec's research reveals that there are approximately 700 additional SaaS applications in use without IT's knowledge. Moreover, within popular enterprises SaaS platforms like O365 and Slack, hundreds of third-party apps are connected.

This ever-expanding SaaS landscape not only increases the potential attack surface, but it also introduces many apps that could be harmful or misused to leak sensitive information, often bypassing proper IT authorisation, Check Point states.

Nataly Kremer, Chief Product Officer and Head of R&D at Check Point Software Technologies, says, "The shift to SaaS applications introduces specific challenges, notably in the realm of malicious SaaS-to-SaaS communications. Atmosec's capabilities in SaaS discovery, risk assessment, and full visibility are instrumental in addressing these challenges."

"Integrating Atmosecs technology into Check Point Infinity sets us to deliver one of the industry's most secure SASE solutions, enabling organisations to effectively manage SaaS security, prevent data leaks, unauthorised access, and malware dissemination, and ensure a robust, adaptive zero trust environment."

Key features of Atmosec's technology include:

• Quick discovery and disconnection of malicious SaaS applications, completed in under 10 minutes
• Prevent third-party SaaS applications from communicating with an enterprise’s SaaS environment
• Provide full visibility into authorized and unauthorized SaaS applications
• Fix misconfigurations within SaaS applications such as publicly exposed repositories
• Enforce multi factor authentication (MFA) to access the application, and many more.

With Atmosec's technology, Check Point Infinity will offer SaaS security with continuous SaaS posture management, prevention of malicious communications (SSPM), and a full security stack for SaaS apps including threat prevention, data protection, and adaptative zero-trust access controls for both users and devices (CASB).

New capabilities will be incrementally released based on roadmap milestones, enabling organisations to utilize these critical enhancements from the same Check Point Infinity platform they already use today.

The acquisition of Atmosec is expected to close by mid-September 2023.

Check Point Software Technologies is a provider of cybersecurity solutions to corporate enterprises and governments globally. Check Point Infinity's portfolio of solutions protects enterprises and public organisations from fifth generation cyber attacks with an industry leading catch rate of malware, ransomware, and other threats.

Infinity comprises four core pillars delivering uncompromised security and generation V threat prevention across enterprise environments: Check Point Harmony, for remote users; Check Point CloudGuard, to automatically secure clouds; and Check Point Quantum, to protect network perimeters and datacentres, all controlled by the industrys most comprehensive, intuitive unified security management; Check Point Horizon, a prevention-first security operations suite.