Check Point, Cisco Boost AI Investments With Latest Deals

Cybersecurity infrastructure giants aren't letting up on their investments in artificial intelligence (AI) even as the dog days of summer wind down.

This week, Check Point Software and Cisco separately announced agreements to acquire startups specializing in AI threat detection and risk management. Check Point has agreed to acquire external risk management provider Cyberint, while Cisco said it is buying Robust Intelligence, which offers technology that discovers and assesses the risks found in AI applications and models.

Neither company disclosed the terms of their respective acquisitions, which are set to close imminently. Cisco's Robust Intelligence deal pales in magnitude to last fall's $28 billion agreement to acquire Splunk, which has since closed. In June, Cisco launched a $1 billion investment fund to "expand and develop secure, reliable and trustworthy AI solutions." 

Although, the Cisco or Check Point deals are not material investments, Enterprise Strategy Group analyst Dave Gruber says both companies are acquiring startups that will bolster their use and protection of AI. "Both will drive new revenue streams in their own right, but both are more important as a move to strengthen the overall platform portfolio for each as a top cyber security platform provider," Gruber says.

Robust Intelligence for Cisco Security Cloud

Harvard researchers Yaron Singer and Kojin Oshiba, who specialize in machine learning, founded Robust Intelligence in 2019. Cisco, an early investor in Robust Intelligence, is also a customer, along with CrowdStrike, Deloitte, Expedia, Hitachi, Honda IBM, JP Morgan Chase, MongoDB and SurveyMonkey.

Its core offering, the Robust Intelligence Platform, provides what the company describes as "algorithmic red teaming," which creates threat intelligence pipelines and policy mappings. Its model engine detects vulnerabilities in models and applications. According to the company, this ongoing process is utilized by Robust Intelligence's AI Validation and AI Protection products.

The AI validation tool uses Robust Intelligence's algorithmic red teaming technology to assess the risk of vulnerabilities by using AI to jailbreak large language models (LLMs). After sending thousands of inputs to each model, the tool evaluates hundreds of attack techniques to assess those risks' susceptibility and likely impact. The AI Protection tool can enforce those recommendations in real-time, which the company describes as an AI Firewall.

Tom Gillis, senior VP and general manager of Cisco's Security Business Group, said in a blog post to announce the deal that Robust Intelligence's expertise in AI model security and governance will accelerate the Cisco Security Cloud roadmap.

"We can deliver advanced AI security processing seamlessly into the existing data flows by inserting it into Cisco security and networking products," Gillis noted. "This will provide Cisco with unparalleled visibility into all of a customer's AI traffic, enabling customers to build, deploy, and secure AI applications with confidence."

ESG's Gruber notes that adding Robust Intelligence supports what Cisco calls its "Security for AI" initiative. Businesses are racing to deploy AI-enabled applications in their environment, but these applications also introduce many new risks for potential compromise and data theft. "Robust Intelligence provides a solution to help businesses securely develop and deploy these AI-enabled applications, providing a safety net for AI development," Gruber says.

Cyberint Brings Threat Intelligence to Check Point Portfolio

Meanwhile, Check Point's intent to acquire Cyberint is the first deal announced since longtime CEO and founder Gil Shwed last month said he would step aside and become executive chairman. His handpicked successor, Nadav Zafrir, will take over as CEO in December. Zafrir is a co-founder of the Israeli investment fund Team8. The move signals Check Point's plans to accelerate its expansion efforts.

The acquisition of Cyberint aims to significantly expand Check Point's security operations center (SOC) capabilities, broadening its managed threat intelligence portfolio. Like Check Point, Cyberint is Israeli-based and specializes in attack surface management, dark web threat intelligence, phishing detection, supply chain intelligence and tools to detect fake websites and social media accounts.

"Cyberint will add attack surface management and digital risk protection to [Check Point's] Infinity platform to help customers learn of external exposures and reputational risks," notes IDC research director for security and trust Michelle Abraham. "The acquisition underlines that attack surface management has many use cases beyond discovering shadow IT."

Adds ESG's Gruber, Cyberint's threat-informed attack surface management will fill a gap in Check Point's portfolio, which currently is only available through its services organization. "As cybersecurity platform vendors focus more on proactive security strategies, it's good that Check Point is filling this gap, as other platform vendors already have this," he says. "Check Point is planning on making this available as both a product and as a managed service offering, enhancing their existing assessment offering."

Cyberint founder and CEO Yochai Corem believes that the combination of Cyberint and Check Point "will offer a more comprehensive SOC offering that covers both internal and external threats and can automatically detect, analyze and mitigate a wide array of cyber threats by executing a variety of modern threat prevention tools across the network, cloud, workspace and external third parties."