Check Point Unveils Revolutionary Orchestration Platform to Transform Enterprise Security
In a significant development for cybersecurity, Check Point has introduced an innovative agentic orchestration platform designed to address the long-standing challenges that have hampered enterprise security teams for decades. This product aims to eradicate issues such as policy drift, stalled Zero Trust initiatives, and backlogs of manual configurations that have frustrated organizations striving to maintain robust cybersecurity measures.
The heart of this initiative is Check Point’s Agentic Network Security Orchestration Platform, which leverages autonomous AI agents. These advanced agents are capable of translating business intent directly into firewall policy, executing real-time configuration adjustments, and responding to threats within multi-vendor environments—all without requiring human intervention. This leap into automated orchestration promises to significantly streamline the security operation landscape.
Check Point’s assessment of existing problems within enterprise security is compelling. It is not uncommon for a single network change request to take anywhere from two to four weeks, enduring a process of analysis, security review, and policy dependency checks. This drawn-out procedure often yields further complications, sending teams back to the drawing board and causing additional delays. Meanwhile, critical segmentation projects can end up lingering on roadmaps for years, while policies tend to drift, struggling to keep pace with fast-evolving workloads. Consequently, Zero Trust strategies often remain just theoretical constructs, never progressing to actual deployment.
Charlotte Wilson, Check Point’s head of enterprise for the UK and Ireland, emphasized the transformative potential of this new platform. She stated, “Security teams can operate entirely at the level of business intent. Everything below that, from rule creation to policy tightening and virtual patching, is executed autonomously by AI agents, who operate within predefined guardrails and are subject to continuous human oversight. We are transforming projects that used to take months into days of auditable action.”
At the core of the Agentic orchestration platform lies the Network Knowledge Graph. This is a live, continually updated relational model of a customer’s actual network environment, which encompasses various factors including topology, traffic flows, asset dependencies, and real-time configuration data. Unlike traditional models that rely on generic training data, the AI agents work with a real-time representation of the specific network they are protecting. This context is crucial for effective cybersecurity measures.
Additionally, the platform employs a semantic intelligence layer capable of interpreting not just the explicit syntax of existing firewall policies, but also the underlying business intent associated with them. This feature is particularly valuable for rules that may have been created years or even decades ago—often without adequate documentation.
The platform boasts four primary capabilities designed to enhance security operations:
-
Intent-to-Policy: This feature translates natural language business requirements into validated, risk-adjusted firewall rules across multidisciplinary vendor environments.
-
Zero Trust and Policy Tightening: This capability continuously analyzes active traffic to spot over-permissive configurations. It autonomously applies validated policy adjustments while minimizing connectivity disruptions.
-
Autonomous Troubleshooting: This function simplifies problem resolution by performing multi-step reasoning across network topology, policy history, and logs, drastically reducing the mean time to resolution from hours to mere minutes.
- Continuous Compliance: This capability maps all rule and configuration changes in real-time to regulatory standards such as DORA, PCI-DSS, and NIST, thereby transforming the traditional scramble for annual audits into a seamless, automated process.
Despite the automation, security teams maintain approval authority over high-impact changes and can review a comprehensive execution trace of each action taken by the AI agents.
In addition to launching its new platform, Check Point also announced its intention to acquire Deepchecks, a sophisticated platform focused on Large Language Model (LLM) evaluation, observability, and monitoring. The acquisition will enhance Check Point’s ability to build a reliable evaluation layer, crucial for ensuring that autonomous agents can be trusted in production environments. Ofir Korzenyak, VP of AI Technologies at Check Point, noted, "Any multi-agent system must include a robust evaluation layer that enables continuous measurement, tuning, and improvement over time."
Some features of the agentic orchestration platform, such as Policy Auditor, Policy Insights, and AI Assist, are already available. The broader Playblocks Agents platform remains in early access, with an expanded preview expected in the latter half of 2026. These agent models benefit from over 30 years of operational data collected from more than 100,000 customer organizations, positioning them well to handle a range of potential security edge cases.
Industry analysts are taking note of this significant shift. Frank Dickson from IDC remarked on the critical role of the platform, saying, “Agentic approaches like Check Point’s ground autonomous execution in a live understanding of the actual network environment, representing a meaningful architectural shift in how organizations can structurally close that gap.”
For enterprises besieged by configuration backlogs and stagnant Zero Trust projects, Check Point’s new platform may offer the long-awaited solution, making a compelling case for its adoption in the ever-evolving landscape of cybersecurity.