Check Point Launches New Cybersecurity Framework for Agentic AI

Check Point introduced a prevention-first cybersecurity framework to address risks from autonomous AI agents as attacks scale faster than enterprise defenses. The model targets visibility gaps and alert overload affecting CISOs amid distributed, hybrid environments and evolving regulatory and data protection requirements.

Check Point Software Technologies has launched a restructured cybersecurity framework designed to counter the acceleration of threats driven by autonomous artificial intelligence agents. The strategy prioritizes a prevention-first architecture over the traditional accumulation of disparate security tools to maintain operational control.

The necessity for this architectural shift stems from an environment where AI innovation consistently outpaces the defensive capabilities of most enterprise security teams. Organizations face a fundamental imbalance as adversaries weaponize automated models to execute attacks with higher frequency and precision. Roi Karo, Chief Strategy Officer, Check Point, says that a systemic reconfiguration is the only viable path forward for the modern enterprise.

“As AI reshapes how work gets done, and how attacks are carried out, Check Point believes organizations need to rewire security for the AI era: not by adding more tools, but by rethinking how security is designed and operated when both attackers and defenders use AI,” says Karo. “It is a more coherent, prevention-first approach that enables organizations to innovate with AI, while staying firmly in control — and doing so in a way that is operationally practical for real security teams.”

The current cybersecurity landscape is defined by what industry analysts describe as an “AI Arms Race”. Adversaries are increasingly using AI as a force multiplier to launch attacks with unprecedented scale and effectiveness. In response, defenders have attempted to use the same technology to augment Security Operations Centers (SOCs), yet the rapid proliferation of autonomous agents has created new visibility gaps.

For many CISOs, the integration of AI into business workflows has resulted in increased complexity and a higher volume of security alerts. This phenomenon is particularly evident as cloud environments expand in minutes and shadow IT emerges without oversight. 

The traditional reactive model of vulnerability management is no longer sufficient to protect distributed enterprises that span data centers, hybrid clouds, and remote branch locations. Consequently, there is an urgent requirement to embed security at every stage of the AI transformation, from the network layer to the individual autonomous agent.

The Four Strategic Pillars of AI Security

To execute this transformation, Check Point is organizing its technological investments and innovation around four primary pillars. These pillars are designed to provide a unified, AI-powered control plane that ensures consistent enforcement across the entire digital footprint of an organization.

1. Hybrid Mesh Network Security

Securing the distributed enterprise encompasses the protection of data centers, the hybrid cloud, the internet, branch locations, and the Secure Access Service Edge (SASE). By utilizing a unified control plane, Check Point intends to eliminate the fragmentation that often characterizes large-scale network infrastructures. 

2. Workspace Security

The modern digital workspace is where human employees and AI entities interact most frequently. This pillar protects devices, browsers, email, Software as a Service (SaaS) applications, and remote access protocols. As productivity increasingly relies on AI-enhanced tools, the security framework must ensure that these interactions do not compromise corporate data. The objective is to maintain high levels of employee productivity while providing automated safeguards against phishing, credential theft, and unauthorized data access.

3. Exposure Management

Check Point is shifting the focus from reactive vulnerability scanning to continuous, intelligence-driven risk reduction. Organizations can visualize their full attack surface and prioritize risks based on business context. Instead of managing thousands of isolated alerts, security teams can identify which exposures pose the greatest threat to critical operations. 

4. Dedicated AI Security

The final pillar addresses the specific risks associated with the AI stack itself. This includes the monitoring of employee AI usage, enterprise applications, and the models, data, and infrastructure that power them. A critical component of this pillar is the governance of autonomous agents. These agents can process confidential data and take automated actions, which makes them powerful but dangerous if they are left unguided. Check Point aims to provide the necessary guardrails to allow for safe AI adoption at scale.

Strategic Acquisitions: Cyclops, Cyata, and Rotate

To accelerate the delivery of these pillars, Check Point has completed three strategic acquisitions. Although the company did not officially release financial details, industry reports from CTech by Calcalist estimate the total investment at approximately US$150 million. These acquisitions are not isolated purchases; they are integral components of the “Open Garden” platform that Check Point is building to support the broader security ecosystem.

Check Point acquired Cyclops Security for an estimated US$85 million to address the persistent challenge of visibility in hybrid environments. Founded in 2022, Cyclops specializes in Cyber Asset Attack Surface Management (CAASM). Its platform provides a continuously updated view of a digital footprint, including cloud, on-premises, and Internet of Things (IoT) assets.

Karo says that Cyclops does not merely list assets; it reveals how they connect and where real exposure lies. The platform includes a contextual security search engine that allows teams to query their environment using natural language. This capability enables security professionals to shift from evaluating raw vulnerability counts to assessing risk within a specific business context, which leads to quicker remediation decisions.

The acquisition of Cyata specifically strengthens the AI Security pillar. Cyata focuses on discovering and governing autonomous AI agents, chatbots, and copilots. 

The technology provided by Cyata offers deep visibility into the behavior of AI agents and the risks they pose. This allows security teams to implement appropriate guardrails without slowing down the pace of innovation. By understanding how agents interact with data, organizations can prevent unauthorized actions before they occur.

To expand the reach of its Workspace Security pillar, Check Point acquired the team from Rotate. Rotate provides a comprehensive, integrated platform specifically designed for Managed Service Providers (MSPs). Many organizations rely on MSPs to manage their email, endpoint, and cloud security; however, these environments are often fragmented.

The integration of Rotate allows for more consistent protection across all workspace components. For the customer, this translates into enhanced security and streamlined deployments through partner networks. It also improves safeguards in physical and digital locations where employees engage with AI technology.

The Future Outlook

The strategy implemented by Check Point emphasizes a move away from closed-stack architectures that lock customers into a single vendor. The “Open Garden” approach is designed to work alongside the existing security ecosystem, which provides enterprises with the flexibility to integrate various tools.

The commitment of Check Point is to ensure that this transformation occurs safely. By embedding security at the network, workspace, and AI system levels, the company aims to provide the clarity and efficiency that CISOs require.

In the coming months, the integration of these new technologies into the Check Point Infinity platform is expected to provide a more robust defense against the next generation of cyber threats.