Check Point
Check Point Software Technologies Ltd. is an Israeli multinational corporation specializing in cybersecurity software, hardware, and services for enterprises and governments.[1][2]
Founded in 1993 in Ramat Gan, Israel, by Gil Shwed, Shlomo Kramer, and Marius Nacht, the company pioneered the first stateful inspection firewall technology with its FireWall-1 product, revolutionizing network security by inspecting packets in context rather than individually.[3][4][5]
Headquartered in Tel Aviv, Check Point operates globally, serving over 100,000 organizations across more than 80 countries with solutions encompassing network security, endpoint protection, cloud security, and threat intelligence powered by AI.[1][6][7]
The company reported total revenues of $2.565 billion for fiscal year 2024, reflecting a 6% year-over-year increase, driven by demand for its Infinity architecture integrating prevention-first security across hybrid environments.[8][9]
Check Point maintains a leadership position in the industry, consistently earning top rankings in independent tests for malware and phishing prevention efficacy, such as blocking 99.9% of malware in benchmarks, while its research arm contributes to global threat intelligence.[10][11][12]
Overview
Founding and Core Mission
Check Point Software Technologies Ltd. was founded in July 1993 in Ramat Gan, Israel, by Gil Shwed, Marius Nacht, and Shlomo Kramer.[13] Shwed, who became the company's first CEO, conceived the core technology of stateful packet inspection while working on early internet security challenges, addressing the limitations of existing packet filtering methods that lacked context awareness for network traffic.[14] The trio's venture capitalized on Israel's burgeoning tech ecosystem, with initial funding limited to approximately $150,000 from personal resources and early investors, reflecting a bootstrapped start amid rising demand for enterprise-grade network protection as internet adoption surged globally.[14] The company's inception stemmed from a recognition of vulnerabilities in nascent internet infrastructure, where traditional perimeter defenses failed against sophisticated threats; Shwed's innovation enabled firewalls to track connection states, improving efficiency and threat detection without excessive performance overhead.[3] This led to the 1994 launch of FireWall-1, the first commercially viable stateful inspection-based firewall, which set industry standards by integrating security into network gateways rather than relying on host-level measures alone.[3] Check Point's core mission, articulated consistently since founding, centers on securing digital operations by delivering prevention-focused cybersecurity architectures that protect organizations' internet-enabled business activities at the highest efficacy levels.[15] This entails pioneering unified platforms that consolidate threat intelligence, policy enforcement, and adaptive defenses against evolving cyber risks, prioritizing architectural simplicity to reduce complexity in multi-vector environments.[1] Over three decades, this purpose has driven innovations from firewalls to AI-enhanced prevention, emphasizing empirical threat data over reactive patching to enable secure scalability for enterprises worldwide.[16]Leadership and Corporate Governance
Check Point Software Technologies Ltd. was founded in 1993 by Gil Shwed, Shlomo Kramer, and Marius Nacht, with Shwed serving as the initial CEO and credited as the inventor of the modern computer firewall.[17] Shwed led the company for over three decades until December 16, 2024, when he transitioned to the role of Executive Chairman of the Board of Directors to focus on long-term strategy and innovation.[18] On the same date, Nadav Zafrir was appointed Chief Executive Officer and added to the Board, bringing expertise from co-founding the cybersecurity venture firm Team8 and prior service as a Brigadier General commanding Israel's Unit 8200 signals intelligence unit.[19] The executive team under Zafrir includes key roles such as Chief Revenue Officer Itai Greenberg, who joined in 2010 and oversees global sales; Chief Financial Officer Roei Golan, appointed in 2021 with prior experience at EY; and Chief Technology Officer Jonathan Zanger, formerly CTO at Trigo and a Unit 8200 alumnus.[19] Other senior leaders encompass Chief Product Officer and Head of R&D Nataly Kremer, Chief Services Officer Sharon Schusheim, and Chief Marketing Officer Brett Theiss, reflecting a blend of internal long-termers and external hires with backgrounds in technology, defense, and enterprise software.[19] The Board of Directors comprises Shwed as Executive Chairman, Zafrir as a director, and independent members including Ray Rothrock (chair of the Audit Committee) and Jerry Ungerman.[20] As an Israeli-incorporated company listed on NASDAQ, Check Point qualifies as a foreign private issuer, which permits flexibility in governance such as not requiring a majority of independent directors but mandates compliance with NASDAQ listing standards and Israeli Companies Law.[21] Corporate governance is guided by Board-adopted principles emphasizing ethical conduct, director independence in oversight, and risk management, with dedicated committees including the Audit Committee (focused on financial reporting and internal controls), Nominating and Sustainability Committee, and others addressing compensation and governance.[22][23] These structures support accountability, with the Board reviewing executive performance annually and maintaining policies against conflicts of interest.[24]Global Operations and Market Leadership
Check Point Software Technologies maintains its primary headquarters in Tel Aviv, Israel, at 5 Shlomo Kaplan Street, and a key U.S. office in Redwood City, California, at 100 Oracle Parkway, Suite 800.[1] The company owns its Tel Aviv facility and leases office spaces in various global locations.[7] It operates subsidiaries including Check Point Software Technologies (Canada) Inc. and Check Point Software Technologies GmbH in Germany, supporting its presence across the Americas, Europe, the Middle East, Africa, and Asia-Pacific.[25] As of December 31, 2024, Check Point employed 6,669 people worldwide.[26] Revenue distribution reflects its international footprint, with approximately 50% generated from Europe, the Middle East, and Africa, 40% from the Americas, and 10% from Asia-Pacific.[27] The firm serves over 100,000 businesses and millions of users globally, delivering cybersecurity solutions to enterprises, service providers, and governments.[1] Check Point holds market leadership in network security, particularly firewalls, as evidenced by its designation as a Leader in the 2025 IDC MarketScape for Worldwide Enterprise Hybrid Firewalls, amid a $12.3 billion firewall market in 2024.[28] It was also positioned as a Leader in Gartner's 2025 Magic Quadrant for Hybrid Mesh Firewalls and recognized as the sole Outperformer in GigaOm's enterprise network security evaluation.[29][30] The company's Infinity Platform achieves a reported 99.8% threat prevention efficacy, underpinning its competitive edge.[1]Historical Development
Inception and Early Innovations (1993–1996)
Check Point Software Technologies was founded in 1993 in Ramat Gan, Israel, by Gil Shwed, Marius Nacht, and Shlomo Kramer.[31][13] Shwed, aged 25 at the time, conceived the company's core technology—stateful inspection—addressing limitations in existing packet-filtering approaches by tracking the context and state of network connections rather than inspecting packets in isolation.[17][32] This innovation emerged amid the rapid growth of internet connectivity, where traditional security methods proved inadequate against evolving threats.[33] In 1994, Check Point released FireWall-1 version 1.0, the industry's first commercial stateful inspection firewall, which integrated inspection at the application layer while maintaining high performance through kernel-level processing.[3][34] The technology enabled granular control over traffic by maintaining a state table of active connections, allowing legitimate packets to pass efficiently while blocking unauthorized ones based on session history, a significant advancement over stateless filters that treated each packet independently.[35][36] FireWall-1 version 2.0 followed in 1995, introducing enhancements such as improved management interfaces and support for additional protocols, further solidifying its position as a benchmark for enterprise security.[34] By 1996, Check Point had refined stateful inspection into a patented framework that became the de facto standard for firewall efficacy, emphasizing security without compromising network speed.[13][36] These early developments positioned the company to capitalize on the burgeoning demand for robust perimeter defenses as corporate networks expanded.[3]Initial Public Offering and Expansion (1996–2000)
In June 1996, Check Point Software Technologies Ltd. conducted its initial public offering (IPO) on the NASDAQ stock exchange under the ticker symbol CHKP, raising $67 million at an initial share price of $14.[31][37] This capital infusion enabled accelerated research and development, product diversification, and international market penetration following its recognition as the global firewall market leader with 40% share by IDC earlier that year.[13] Post-IPO, Check Point expanded its product portfolio beyond core firewall solutions, introducing network management software in 1997 to facilitate centralized security administration for enterprise customers.[38] The company also launched VPN-1 that year, providing secure remote access capabilities via virtual private networks, which addressed growing demand for encrypted connectivity amid internet proliferation.[37] Geographically, Check Point established a U.S. headquarters in Redwood City, California, and opened additional offices in Europe to support sales and operations in North American and European markets.[13] Financial performance reflected robust expansion, with revenues growing from approximately $38.7 million in net income implications of early scaling to $141.9 million in total revenues by 1998, $219.6 million in 1999, and $425.3 million in 2000, driven by increased adoption of its stateful inspection technology and OEM partnerships.[39] A pivotal 1998 partnership with Nokia integrated Check Point's software into Nokia's network security appliances, enhancing hardware-software bundling and distribution reach.[13][37] These developments solidified Check Point's position in the burgeoning cybersecurity sector during the late 1990s dot-com boom.Acquisition-Driven Growth (2000–2010)
During the first decade of the 2000s, Check Point Software Technologies shifted from organic innovation in firewall technology to an acquisition-led expansion strategy, aiming to broaden its capabilities in endpoint security, data protection, intrusion detection, and hardware appliances. This approach addressed emerging threats like mobile data leakage and Web 2.0 vulnerabilities, while integrating complementary technologies into its unified security architecture. By 2010, these moves had diversified Check Point's offerings, positioning it as a provider of comprehensive threat management solutions rather than a firewall specialist alone.[3] In December 2003, Check Point acquired MetaInfo, though details on its integration into core products remain limited; subsequent deals built on this momentum. The pivotal 2004 acquisition of Zone Labs Inc., developer of the popular ZoneAlarm personal firewall, for approximately $114 million in cash plus 5.3 million shares, strengthened endpoint security for consumer and enterprise markets, adding behavioral analysis and personal VPN features to Check Point's portfolio.[40] Key expansions in data and mobile security followed in 2006 with the acquisition of Protect Data Mobile, a Swedish firm specializing in encryption and secure data deletion for PDAs and laptops, valued at around €425 million (approximately $540 million at the time), which enhanced Check Point's offerings for protecting sensitive information on portable devices amid rising mobile workforce risks. In 2007, Check Point completed the $20 million purchase of NFR Security, a U.S.-based provider of real-time network intrusion prevention systems using pattern-matching and anomaly detection, bolstering defenses against sophisticated network attacks and integrating into Check Point's intrusion prevention software (IPS) blades.[41] By 2009, amid economic recovery, Check Point acquired Nokia's IP security appliance business for $161 million, gaining hardware platforms and a customer base exceeding 10,000 deployments, which allowed seamless migration to Check Point software while expanding into integrated security gateways. That year also saw the purchase of FaceTime Communications' application control database, incorporating visibility and controls for over 50,000 Web 2.0 widgets and 4,500+ internet applications to combat evolving social media and SaaS threats.[42][3] The decade closed with the June 2010 acquisition of Liquid Machines, a data loss prevention (DLP) specialist, for an undisclosed sum, adding policy-based encryption and content-aware protection for endpoints and networks, further unifying Check Point's data security stack. These acquisitions, totaling over a dozen in the period, drove product innovation through technology assimilation rather than greenfield development, with integrated "software blades" enabling modular deployments that appealed to enterprises seeking scalable, single-vendor solutions. Despite integration challenges and market competition, this strategy correlated with sustained revenue growth, from $506 million in 2000 to $1.043 billion by 2010, reflecting broader adoption of layered security paradigms.[43]Contemporary Advances and AI Focus (2010–2025)
In 2010, Check Point introduced ThreatCloud, a collaborative, cloud-based intelligence network designed to aggregate global threat data for real-time updates and enhanced prevention capabilities across its security gateways.[3] This marked an early pivot toward scalable, intelligence-driven defenses amid rising cloud adoption and sophisticated attacks. By 2015, the acquisition of Hyperwise bolstered CPU-level threat prevention through advanced behavioral analytics and machine learning, enabling proactive detection of zero-day exploits without performance degradation.[4] The launch of the Infinity architecture in 2017 consolidated Check Point's portfolio into a unified platform spanning networks, cloud, mobile, and endpoints, emphasizing prevention-first strategies with integrated threat intelligence sharing.[44] This evolution addressed fragmented security management by incorporating modular Software Blades for scalability, while laying groundwork for AI enhancements in subsequent years. Acquisitions like Avanan in 2021 extended cloud email and SaaS protections via API-based scanning and anomaly detection. From 2023 onward, Check Point intensified AI integration, debuting Harmony SaaS in March 2024 as an AI-powered solution for preventing threats in SaaS environments through continuous risk assessment and automated policy enforcement.[45] The Infinity Platform evolved to include AI-driven features like contextual threat prevention and autonomous zero-trust capabilities, recognized by Miercom in April 2025 as the top-ranked AI-powered cybersecurity platform for superior efficacy in blocking advanced attacks.[46] In 2025, acquisitions such as Veriti for AI risk management and Lakera for adversarial AI defenses further embedded machine learning into external threat hunting and application protection, while new appliances delivered 4x faster AI-accelerated prevention at network edges.[47][48] These advances prioritized empirical threat modeling over reactive signatures, yielding measurable reductions in breach windows as validated by independent benchmarks.[49]Products and Technologies
Network and Firewall Solutions
Check Point's foundational contribution to network security lies in pioneering stateful inspection technology with the 1993 release of FireWall-1, the industry's first firewall to track active connection states for context-aware filtering, surpassing stateless packet inspection by analyzing packet sequences and session data at the network layer.[3][50] This approach maintains state tables to validate traffic legitimacy, enabling enforcement of security policies based on full communication history rather than isolated packets.[51] The company's modern network and firewall solutions center on the Quantum series of AI-powered next-generation firewalls (NGFWs), which provide scalable protection up to 1 Tbps throughput with 99.999% resiliency via intelligent clustering for enterprise data centers, branches, and hyperscale environments.[52] These gateways integrate over 50 AI engines for real-time threat prevention, achieving a 99.9% block rate against zero-day attacks, alongside defenses for IoT vulnerabilities, DDoS floods, and sophisticated exploits through cloud-delivered intelligence.[52] Quantum NGFWs support comprehensive connectivity features including remote access VPN, secure access service edge (SASE), and software-defined wide area networking (SD-WAN), all managed via a unified console that enforces consistent policies across users, applications, and hybrid cloud infrastructures.[52] Performance metrics include up to 800 Gbps firewalling, sub-3μs latency, and 75 Gbps Layer 1-7 threat prevention, distinguishing them from traditional firewalls by emphasizing proactive AI-driven hyperscalability over reactive signature-based detection.[52] Core capabilities encompass multilayered threat prevention with intrusion prevention systems (IPS), sandboxing, anti-malware, and encrypted traffic inspection, complemented by identity-based controls using identity and access management (IAM) and role-based access control (RBAC) to align with zero trust principles.[53] Centralized security management offers unified visibility and automation across on-premises, cloud, and remote deployments, reducing operational complexity while independent benchmarks confirm superior efficacy, such as a 99.7% overall block rate compared to competitors' 72.7%.[52][53] For small to medium-sized businesses, the Quantum Spark appliances deliver simplified NGFW functionality with automatic threat updates, unified access policies covering firewall rules, application control, and URL filtering, ensuring accessible yet robust perimeter defense without extensive expertise.[52]Endpoint and Mobile Security
Check Point's endpoint security solutions center on Harmony Endpoint, a unified platform that integrates endpoint protection (EPP), endpoint detection and response (EDR), and extended detection and response (XDR) capabilities into a single agent to safeguard devices against advanced threats.[54] This solution supports diverse environments including Windows, macOS, Linux, servers, virtual desktop infrastructure (VDI), browsers, and mobile devices, leveraging Check Point's ThreatCloud AI network with over 60 AI engines for real-time zero-day threat prevention.[54] Key protections encompass ransomware and malware blocking, zero-phishing defenses, browser security, advanced data loss prevention (DLP) with full disk encryption, and automated vulnerability assessment paired with patch management, as enhanced in updates announced on May 11, 2023.[55] Harmony Endpoint also monitors generative AI tool usage for compliance risks and facilitates rapid incident resolution through automated responses, addressing a reported 38% year-over-year increase in cyberattacks targeting remote workforces.[54] For mobile-specific security, Check Point offers Harmony Mobile, a mobile threat defense (MTD) solution that secures corporate data on employee devices by defending against threats across applications, files, networks, and operating systems without compromising user experience or privacy.[56] It blocks malicious app and file downloads, prevents man-in-the-middle network attacks via on-device controls, detects OS vulnerabilities (including CVEs), jailbreaking or rooting attempts, and phishing via SMS or other vectors, with version 4.0 released on May 19, 2022, introducing industry-leading malicious file protection capabilities.[57][58] Harmony Mobile integrates seamlessly with Harmony Endpoint and broader Harmony SASE for unified management, enabling scalable oversight of mobile workforces amid rising threats like misinformation and advanced persistent threats.[56] These offerings evolved from earlier products like SmartEndpoint, which reaches end-of-support on December 31, 2025, with migration paths to Harmony Endpoint's web management console for continued functionality.[59] Both endpoint and mobile solutions emphasize prevention over detection, incorporating Check Point's Infinity Architecture for consolidated policy enforcement and reduced complexity in hybrid work environments.[54] Independent evaluations, such as those highlighting its automated EDR for breach minimization, underscore its effectiveness against exploits and sophisticated malware.[60]Cloud and Data Center Protections
Check Point Software Technologies delivers cloud security through its CloudGuard platform, a comprehensive solution designed to prevent threats and manage risks across multi-cloud, hybrid, and data center environments.[61] CloudGuard functions as a prevention-first Cloud Native Application Protection Platform (CNAPP), incorporating AI-powered threat detection to secure applications from code to cloud deployment, while addressing misconfigurations, known threats, and zero-day attacks.[61] It supports unified management of cloud network security, including web application firewalls that achieved a 99.7% block rate in Miercom benchmarks and a 99.8% catch rate in CyberRatings evaluations.[61] The platform protects over 821 million cloud assets daily and is utilized by 50% of the top 50 Fortune 500 companies, yielding an 84% reduction in risks and a 169% return on investment according to Forrester analysis.[61] For data center protections, Check Point employs Quantum Security Gateways, such as the Quantum 26000, 28000, and the 28600 model, which is the fastest 1U security gateway available.[62] These gateways integrate SandBlast Network for advanced threat prevention against fifth-generation attacks, delivering up to 1.5 Tbps in hyperscale performance and 30 Gbps of threat prevention per unit.[62] Features include telco-grade reliability, 100% SSD storage, high port density with modular expansion to 16 x 100 GbE interfaces, and 2.5 times greater power efficiency compared to competitors.[62] They enable zero-touch provisioning and unified policy management across hybrid cloud setups, ensuring consistent security enforcement for data center workloads transitioning to or integrated with public clouds.[62] CloudGuard and Quantum solutions interoperate within Check Point's Infinity architecture to bridge cloud and data center defenses, with recent enhancements including a 100% block rate for cloud firewalls in the Q1 2025 CyberRatings test and recognition in the 2025 Gartner Market Guide for Cloud Web Application and API Protection.[61] This integration facilitates automated governance, compliance monitoring, and risk prioritization in environments combining on-premises data centers with AWS, Azure, and Google Cloud infrastructures.[61]AI-Integrated Management Platforms
Check Point's Infinity Platform serves as the core AI-integrated management framework, providing unified security operations across network, endpoint, cloud, and mobile environments through cloud-delivered architecture. Launched as an evolution of earlier management systems like SmartConsole, it incorporates machine learning for real-time threat intelligence and automation, enabling centralized policy enforcement and visibility for hybrid infrastructures. The platform's AI capabilities aim to simplify operations by reducing manual configurations and integrating predictive analytics to anticipate vulnerabilities.[63] In February 2024, Check Point introduced Infinity AI Copilot, a generative AI tool embedded within the platform to automate administrative tasks such as policy optimization and incident triage via natural language queries. This copilot functions as both an analytical assistant, generating proactive security recommendations based on threat data, and an automation engine for complex workflows, thereby enhancing operational efficiency without requiring deep expertise in rule syntax. Independent evaluations, including a Miercom benchmark in April 2025, rated Infinity as the top AI-powered cybersecurity platform for its superior threat prevention efficacy and unified management integration compared to competitors.[64][46] Further advancements occurred in February 2025 with the release of two AI management bundles tailored for hybrid environments, focusing on enhanced visibility, automated compliance checks, and risk prioritization through AI-driven analytics. These bundles leverage Infinity's AI to process vast datasets from security gateways, correlating events across silos to reduce mean time to resolution for incidents. Additionally, the platform's AI-enabled security management handles repetitive tasks like log analysis and anomaly detection, scaling prevention mechanisms while minimizing false positives via adaptive learning models.[65][66][67] The Infinity Platform also integrates with external AI tools via features like the MCP Server, introduced in July 2025, which facilitates secure data exchange between generative AI models and Check Point's infrastructure for customized threat exposure management. This modular approach allows enterprises to extend AI capabilities without compromising core security controls, though it requires careful configuration to mitigate risks from third-party AI integrations. Overall, these elements position Infinity as a consolidated management layer that prioritizes prevention over reaction, supported by Check Point's proprietary threat intelligence feeds.[68][69]Research and Innovation
Check Point Research Division
The Check Point Research Division, also known as Check Point Research (CPR), serves as the cybersecurity intelligence arm of Check Point Software Technologies, delivering threat intelligence derived from analysis of global cyber attack data collected through the company's ThreatCloud network.[70] Comprising over 200 analysts, malware reverse engineers, and researchers, the division employs advanced techniques including machine learning modules for anomaly detection, reverse engineering of malicious code, and proactive campaign hunting to identify emerging threats.[70] This team collaborates with external security vendors, law enforcement agencies, and computer emergency response teams (CERTs) to share findings and enhance collective defenses.[70] The division's primary mission focuses on dissecting cybercriminal operations, vulnerabilities, and malware to inform product updates and protect Check Point's customer base, which spans over 100,000 organizations worldwide.[70] It leverages data from billions of daily security events processed by ThreatCloud to produce actionable intelligence, including monthly threat bulletins, quarterly cyber attack trend reports, and annual security reports that quantify attack volumes—such as documenting a 75% surge in global cyber attacks in Q3 2024, with manufacturing sectors facing elevated risks.[71] CPR's outputs emphasize empirical metrics, like average weekly attacks per organization (e.g., 3,828 in the education/research sector during Q3 2024), to highlight causal patterns in threat evolution rather than unsubstantiated narratives.[71] Key contributions include pioneering disclosures of sophisticated threats, such as the infrastructure supporting the Cerber ransomware in 2016 and the Nuclear Exploit Kit, which targeted vulnerabilities in browsers and plugins.[70] More recently, CPR uncovered the YouTube Ghost Network in October 2025, a coordinated malware distribution scheme using hijacked YouTube accounts to propagate infostealers and remote access trojans.[72] The division has also exposed ransomware operations like LockBit variants affecting dozens of organizations and vulnerabilities in systems such as IIS servers via exposed ASP.NET machine keys, enabling unauthorized access.[73][74] These findings have driven mitigations, including patches and indicators of compromise shared publicly, contributing to the broader cybersecurity ecosystem without reliance on centralized academic or media interpretations prone to institutional biases.[75] Through regular publications and podcasts, CPR fosters industry-wide awareness of causal threat dynamics, such as the role of open-source malware in lowering barriers for novice actors (e.g., Yurei ransomware group) and the intensification of AI-related risks amid a 46% ransomware surge in September 2025.[76][77] Its work prioritizes verifiable, data-driven insights over speculative trends, enabling organizations to address root causes like exploited supply chains and unpatched endpoints.[78]Threat Intelligence Outputs
Check Point's threat intelligence outputs encompass a range of publications and data feeds derived from its global sensor network and research efforts, aimed at disseminating insights on emerging cyber threats. These include weekly Threat Intelligence Bulletins that summarize recent discoveries, such as the October 20, 2025, edition covering global cyber attack trends and top attacks.[79] Annual reports provide broader analyses, exemplified by the 2025 Cyber Security Report, which details prevalent threats like ransomware, infostealers, and cloud vulnerabilities based on data from over 1 billion daily security events.[80] The company's AI Security Report, released in April 2025, highlights AI-driven cyber threats, including AI-assisted detection evasion and generative AI for phishing, drawing from empirical observations of attack patterns to recommend defensive strategies.[81] Specific intelligence reports address targeted campaigns, such as the October 2025 disclosure of a large-scale YouTube malware distribution network involving stealthy operations across multiple regions.[82] These outputs prioritize actionable data over narrative framing, leveraging Check Point's proprietary telemetry rather than unverified third-party claims. Central to these outputs is the ThreatCloud service, a collaborative intelligence platform aggregating data from thousands of sensors worldwide to deliver real-time threat feeds, including indicators of compromise (IOCs) and behavioral signatures updated dynamically.[83] Infinity ThreatCloud AI extends this by integrating over 50 AI technologies for novel threat detection, feeding prevention engines with insights from big data analytics on evasion tactics.[84] Outputs are disseminated via customer portals, APIs, and public research portals, enabling organizations to prioritize feeds through customizable collections that filter and aggregate IOCs for integration into security operations.[85] Check Point Research also publishes ad-hoc alerts on high-impact threats, such as September 2025 identifications of LockBit ransomware variants affecting multiple victims, supported by forensic analysis of attack artifacts.[73] This output model emphasizes empirical validation through sensor-derived evidence, contrasting with less rigorous industry reports that may amplify unconfirmed incidents for visibility. While Check Point's data reflects its product ecosystem, cross-verification with independent scans underscores the reliability of shared IOCs in disrupting campaigns.[82]Benchmarks and Industry Contributions
Check Point's products have demonstrated superior performance in independent benchmarks evaluating threat prevention efficacy. In Miercom's 2025 Next-Generation Firewall Benchmark, Check Point achieved the highest scores across all categories, blocking 99.9% of malware and 99.7% of phishing attacks, securing top ratings for the third consecutive year.[86] Similarly, in the 2024 MITRE ATT&CK Evaluations for enterprise security, Check Point's Infinity Platform recorded a 100% detection rate against tested threats without alerts.[87] For email security gateways, independent testing reported 100% phishing prevention and 99.8% block rate for new malware variants.[88] Analyst evaluations position Check Point as a leader in key categories. Gartner named it a Leader in the 2025 Magic Quadrant for Hybrid Mesh Firewalls, citing strengths in AI-powered prevention and unified management.[89] In the Q3 2025 Evaluation for Zero Trust Platforms by an independent firm, Check Point was recognized for comprehensive platform capabilities.[90] Peer reviews on Gartner Peer Insights average 4.5 out of 5 stars from over 2,100 users for network firewalls, highlighting reliability and feature depth.[91] Check Point has contributed to cybersecurity standards through foundational innovations and shared intelligence. The company developed stateful packet inspection in 1993, a core technology enabling context-aware firewalling that underpins modern network security architectures. Its Research division produces annual threat reports, such as the 2025 Cyber Security Report, analyzing global attack trends including ransomware surges and cloud exploits, which inform industry defenses and policy.[92] Recent advancements include AI engines for zero-day threat detection, achieving 99.8% prevention rates in controlled tests, advancing proactive security paradigms.[93] These outputs, disseminated via public reports and partnerships, enhance collective threat visibility without reliance on proprietary data silos.Business Strategy
Strategic Acquisitions
Check Point has executed a series of strategic acquisitions to bolster its cybersecurity portfolio, focusing on areas such as cloud security, email and SaaS protection, secure access service edge (SASE), threat intelligence, and AI-driven defenses. These moves aim to integrate innovative technologies into its Infinity architecture, addressing evolving threats like remote work vulnerabilities, cloud migrations, and generative AI risks. By acquiring specialized firms, often Israeli startups, Check Point has expanded beyond traditional firewalls into unified platforms for hybrid environments.[3] In 2009, Check Point acquired Nokia's security appliance business, enhancing its hardware capabilities for network security gateways, and FaceTime Communications' application database, which added controls for over 4,500 internet applications and 50,000 Web 2.0 widgets. These early deals strengthened application-layer visibility and prevention. In October 2018, the company purchased Dome9 for cloud security, enabling safer management of cloud deployments during IT infrastructure transitions.[3][3] Subsequent acquisitions targeted email and SaaS threats. In August 2021, Check Point acquired Avanan, a cloud email security firm specializing in API-based scanning for Office 365 and other platforms, reported at around $300 million; this integrated post-delivery protection against phishing and malware into Check Point's offerings. In February 2022, it bought Spectral Cyber Technologies, focusing on developer-centric secrets detection to secure code from insider leaks. April 2017's acquisition of ForceNock added web application and API protection using machine learning and behavioral analytics.[94][7][3] To address SASE and zero-trust needs, Check Point announced the $490 million acquisition of Perimeter 81 in August 2023, completing it in September, which provided secure network access for remote users, sites, and clouds, accelerating unified SASE deployment. In August 2024, it acquired Cyberint Technologies for enhanced threat intelligence and external attack surface management, integrating automated SOC capabilities. These deals supported Check Point's shift toward comprehensive, prevention-first platforms amid rising hybrid work threats.[95][96][97] Recent acquisitions emphasize AI and exposure management. In May 2025, Check Point acquired Veriti Security for $100 million, an AI-driven platform for vulnerability assessment and remediation, reducing cyber attack surfaces through continuous exploitability scoring. In September 2025, it purchased Lakera for $300 million, establishing an AI-native security platform to protect AI model lifecycles from prompt injection and data poisoning, with Lakera's Zurich team forming Check Point's global AI R&D center. These moves position Check Point to counter AI-specific risks in enterprise environments.[98][99][100]Partnerships and Ecosystem Building
Check Point maintains an extensive partner ecosystem to enhance its cybersecurity offerings through integrations and collaborative solutions. The company's Channel Partner Program, revamped in January 2024, simplifies tiering from six levels to four—based on annualized bookings and partner training completion—to foster growth and specialization. This structure provides transparent pricing, cumulative discounts, incentives, and free certifications, resulting in a reported 100% increase in deal registrations and protections for renewals via an incumbent partner initiative.[101][102] The program extends to managed service providers (MSPs) and MSSPs, with a dedicated MSSP Portal launched on September 3, 2024, streamlining service delivery, billing, and support without deployment risks. In June 2025, Check Point expanded its portfolio availability on the Pax8 marketplace, enabling global MSP partners to access AI-powered, cloud-delivered security suites for broader deployment. Partner momentum has accelerated, with significant growth in engagements following the program's introduction, as evidenced by increased bookings and ecosystem participation by March 2025.[103][104][105] Technology alliances form a core of ecosystem building, uniting Check Point with leading vendors for cohesive security architectures. CloudGuard solutions integrate natively with Amazon Web Services (AWS) for infrastructure-as-a-service protections, while partnerships with Google Cloud and Microsoft Azure enable unified network security across hybrid environments. A deepened strategic alliance with Wiz, announced September 29, 2025, combines Check Point's cloud network security with Wiz's cloud-native application protection platform (CNAPP) for integrated threat prevention. These collaborations, part of the broader Technology Partner Alliance, allow third-party developers to build on Check Point's Infinity platform via open APIs and joint go-to-market strategies, expanding solution interoperability.[106][107][108][109]Financial Metrics and Performance
Check Point Software Technologies reported total revenues of $2.565 billion for fiscal year 2024, marking a 6% increase from $2.414 billion in 2023.[8] For the second quarter of 2025, revenues reached $665 million, reflecting a 6% year-over-year rise, with security subscriptions contributing $533 million (up 4%) and products and licenses at $132 million (up 12%).[110] Trailing twelve-month revenues as of June 30, 2025, stood at $2.642 billion, a 6.27% increase from the prior period.[9] The company maintained strong profitability, with a gross margin of 88.01% on a trailing twelve-month basis, an operating margin of 33%, and a net margin of 32.48%.[111] In Q2 2025, net income was $202.8 million, up 2.7% year-over-year, though the profit margin dipped slightly to 31% from 32%.[112] Earnings per share for fiscal 2024 was $7.65, an improvement from $7.19 in 2023.[113] Check Point's return on assets stood at 9.67% over the trailing twelve months.[111]| Metric | Fiscal 2024 Value | Year-over-Year Change |
|---|---|---|
| Total Revenues | $2.565B | +6% |
| Calculated Billings | $2.658B | +9% |
| EPS | $7.65 | +6.4% |
| Gross Margin (TTM) | 88.01% | N/A |