Browse Check Point Software Technologies Reviews

Gartner defines cyber-physical systems (CPS) protection platforms as products that discover, categorize, map and protect CPS in production or mission-critical environments outside of enterprise IT. They do so by analyzing or interacting with industrial/industry-specific protocols and operational network traffic. They understand physical process asset behavior and do not interfere with CPS operations. They can be delivered from the cloud, on-premises or in a hybrid form. Gartner defines CPS as engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). When secure, they enable safe, real-time, reliable, resilient and adaptable performance.

• Check Point Advanced Endpoint Threat Detection (Legacy)
  4.5

  31 Reviews

Cloud security posture management tools help in the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). These tools continuously assess the security posture across multi-cloud environments by maintaining a current inventory of the cloud assets for proactive analysis and risk assessment to detect any misconfigurations. Once these misconfigurations are identified, security controls are developed and implemented. CSPM solutions also integrate with DevOps tools, streamlining the incident response process and ensuring continuous compliance with regulatory requirements and security frameworks by providing visibility of the cloud environment’s security posture.

• Check Point Cloud Firewall
  4.6

  387 Reviews

Gartner defines cloud web application and API protection (WAAP) as a category of security solutions designed to protect web applications and APIs from different types of attacks, irrespective of the hosting location. Typically delivered as a service, cloud WAAP is a consolidation of multiple capabilities offered as a series of security modules and designed to protect against a broad range of runtime attacks. Core capabilities are web application firewalls (WAFs), distributed denial of service (DDoS) mitigation, protection against advanced API attacks and automated (bot) traffic management. A cloud WAAP solution must incorporate all four core capabilities within the same offering.

• Check Point WAF
  4.6

  234 Reviews

Digital forensics and incident response (DFIR) retainer services help organizations assess and manage the impact of a security incident. Digital forensics (DF) services assist with forensic response, aid in forensic information gathering and advise on proactive best practices for avoiding a breach. Incident response (IR) services assist with breach investigation, triage and impact classification. These capabilities are delivered as professional services, supported by technology services from the same provider.

• Check Point Infinity Global Services
  4.6

  80 Reviews

Gartner defines an email security solution as a product that secures email infrastructure. Its primary purpose is to protect against malicious messages (phishing, social engineering, malware) or unsolicited messages (spam, marketing). Other functions include email data protection; domain-based message authentication, reporting and conformance (DMARC); investigation; and remediation through a dedicated console. Email security solutions may also support nonemail collaboration tools, such as those for document management and instant messaging. Email security tools protect an organization’s email from spam, phishing, malware attacks, account takeover and data loss. They may provide capabilities for data loss prevention, encryption, domain authentication and security education, as well as advanced protections against business email compromise. Email security platforms give cybersecurity teams visibility into email-related security incidents, support investigation and automated remediation, and enable management of both inbound and outbound email delivery. Email security solutions often integrate with other network, identity and endpoint security controls, and may also support collaboration tools and email relay capabilities.

• Check Point Harmony Email & Collaboration
  4.7

  945 Reviews

Gartner defines the embedded security for Internet of Things (IoT) connectivity market as addressing the growing security risks associated with interconnected IoT devices. It offers solutions to protect IoT devices, networks, applications, platforms and data from cyberthreats. These solutions include device security, network security, edge security, data privacy and threat detection. They are delivered as software, hardware or cloud-based services. Users of this market are diverse, ranging from individuals to large enterprises across various industries, including healthcare, manufacturing and smart cities.

• Quantum IoT Protect
  5.0

  20 Reviews

Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.

• Harmony Endpoint
  4.6

  942 Reviews
• Check Point Capsule (Legacy)
  4.2

  20 Reviews
• 2 more products

Exposure assessment platforms (EAPs) continuously identify and prioritize exposures, such as vulnerabilities and misconfigurations, across a broad range of asset classes. They natively deliver or integrate with discovery capabilities, such as assessment tools, that enumerate exposures, like vulnerabilities and configuration issues, to increase visibility. EAPs use techniques like threat intelligence (TI) to analyze an organization’s attack surfaces and weaknesses, and prioritize treatment efforts for high-risk exposures by incorporating threat landscape, business and existing security control context. Through prioritized visualizations and treatment recommendations, EAPs help provide direction for mobilization, identifying the various teams involved in mitigation and remediation. EAPs are primarily delivered as self-hosted software or as a cloud service, and may use agents for exposure information collection.

• Check Point Exposure Management
  5.0

  4 Reviews

External Attack Surface Management (EASM) market refers to solutions that continuously discover, inventory, and monitor an organization’s internet‑facing digital assets from an attacker’s perspective. These platforms identify unknown or unmanaged assets, exposed services, misconfigurations, and vulnerabilities across cloud, SaaS, on‑premises, and third‑party environments. EASM solutions contextualize external exposures with risk scoring, threat intelligence, and business relevance to help organizations prioritize remediation efforts. The market exists to help cybersecurity teams proactively reduce exposure by maintaining visibility of their internet-facing assets. Who are the target users of External Attack Surface Management (EASM) Software? Typical users include cybersecurity teams, vulnerability management professionals, risk managers, and IT security leaders in organizations of all sizes. EASM solutions are especially valuable for enterprises with complex, distributed environments, frequent cloud adoption, or multiple subsidiaries and third-party relationships. Executives responsible for organizational risk and compliance also benefit from the enhanced visibility and reporting capabilities these platforms provide. What are the core capabilities of External Attack Surface Management (EASM) Software? Asset Discovery and Inventory: Identification of internet‑facing infrastructure (e.g., domains, subdomains, IPs, cloud assets, SaaS, APIs, certificates, shadow IT) Asset Attribution & Ownership Mapping Technology Fingerprinting (e.g., frameworks, CMS, web servers, open‑source components) Third‑Party and Subsidiary Mapping Continuous Monitoring & Change Detection: Change Detection (new services, DNS changes, IP reassignments, open ports) Asset Lifecycle Tracking (new, modified, decommissioned assets) Certificate Monitoring (expiration, weak cryptography, unauthorized issuance) Exposure & Vulnerability Identification: Open Port and Service Enumeration Configuration and Security Misconfiguration Detection Known Vulnerability Mapping (CVE/CWE) Insecure Protocol and Cipher Detection Unprotected Cloud Storage & APIs Expired or Weak Certificates Exposed Secrets (tokens, API keys) Risk Prioritization & Contextual Analysis Risk Scoring (asset‑level and organization‑level) Business Context Mapping (e.g., production vs dev, internet‑facing criticality) Exploitability Context Attack Path Visualization Integration with Threat Intelligence Feeds Attacker‑View Asset Mapping Known Attacker Techniques mapping (MITRE ATT&CK alignment) Remediation & Workflow Enablement Remediation Guidance (e.g., automated attack surface reduction suggestions) Integration with Ticketing Systems (e.g., ServiceNow, Jira) Security Tool Integrations (e.g., SIEM, SOAR, vulnerability scanners) Ownership Assignment & SLA Tracking Evidence and Verification of Fixes Reporting & Visualization Executive Dashboards Technical Analyst Views Asset and Risk Heatmaps Exposure Trends Over Time Custom Report Builder What are the benefits of External Attack Surface Management (EASM) Software? EASM software helps organizations proactively reduce their cyber risk by maintaining comprehensive visibility of all internet-facing assets and exposures. Security teams benefit from automated discovery, prioritized remediation, and streamlined workflows, enabling faster and more effective risk reduction. Executives and risk leaders gain confidence through real-time dashboards, trend analysis, and clear evidence of remediation, supporting stronger governance, compliance, and organizational resilience against external threats.

• Check Point Infinity External Risk Management
  4.8

  6 Reviews
• Infinity Platform
  4.8

  27 Reviews

A hybrid mesh firewall (HMF) is a multideployment mode firewall, including hardware, virtual appliance and cloud-based options, with a unified cloud-based management plane. HMF’s are designed to support hybrid environments and evolving use cases by offering mature continuous integration/continuous delivery (CI/CD) pipeline integration, native cloud integration, and advanced threat prevention capabilities extending to Internet of Things (IoT) devices and DNS-based attacks. With the adoption of hybrid environments, clients prefer the same firewall vendor with centralized management and visibility of firewall policies across environments to ease administration and reduce operational complexity. As a result, the demand and adoption of cloud firewalls from the same on-premises firewall vendor is growing. Hybrid mesh firewalls support this use case through hardware, virtual and dedicated cloud firewall deployment types, along with cloud-based centralized visibility and management capability.

• Check Point Quantum
  4.5

  1808 Reviews
• Harmony Endpoint
  4.3

  10 Reviews
• 5 more products

IT Infrastructure and IoT refers to the products and services that support the deployment, management, and optimization of core technology systems and connected devices across enterprise environments. This category includes markets that focus on enabling organizations to build and operate resilient, scalable, and intelligent infrastructure. It encompasses solutions for data center management, network infrastructure, and IoT connectivity—spanning on-premises, cloud, edge, and hybrid models.

• Quantum Spark Security Management Portal
  4.6

  96 Reviews

IT Security refers to products and services that protect digital systems and data from cyber threats and unauthorized access. This category includes markets that focus on network security, identity management, data protection, and cloud security, enabling organizations to reduce risk, ensure compliance, and operate securely in a digital world.

• Check Point Harmony SaaS
  4.7

  71 Reviews

Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.

• Check Point Infinity Global Services
  4.6

  13 Reviews

MSSs provide organizations with a variety of management and operational services specific to security technologies and business outcomes for security. Capabilities include security monitoring, detection and response, exposure assessment and management as well as security consulting and security technology implementation. MSSs are delivered in a variety of modes, in the providers’ cloud infrastructure, as consultative engagements or through staff augmentation and on-premises. MSS providers offer a variety of different engagement models. These include heavily customized and consultancy-led models and commoditized technology management-driven experiences.

• Check Point Infinity Global Services
  4.7

  89 Reviews

Mobile threat defense (MTD) products protect organizations from malicious threats on iOS and Android devices, at the device, network and application levels. To successfully attack a mobile device, mobile malware must circumvent the controls built into mobile OSs, such as those for app store curation and native mobile OS hardening. MTD products tend to focus on preventing and detecting anomalous behavior by collecting and analyzing indicators of compromise, as well as expected behavior. MTD products gather threat intelligence from the devices they support, as well as from external sources, and use an analysis engine that resides in the cloud, on-premises or on an MTD app installed on devices.

• Harmony Mobile
  4.4

  195 Reviews

Network-based sandboxing is a proven technique for detecting malware and targeted attacks. Network sandboxes monitor network traffic for suspicious objects and automatically submit them to the sandbox environment, where they are analyzed and assigned malware probability scores and severity ratings. Sandboxing technology has been used for years by malware researchers at security companies and even in some large enterprises that are highly security conscious. Traditionally, using a sandbox has been an intensive effort requiring advanced skills. The malware researcher manually submits a suspicious object into the sandbox and analyzes it before flagging it as malware or not. By adding automated features to sandboxing technology (automatically submitting suspicious objects and automatically generating alerts). (Retired as of Mar-12-2026).

• R80 Security Management
  4.6

  241 Reviews
• Check Point Intrusion Prevention System (IPS)
  4.7

  154 Reviews
• 1 more product

Secure access service edge (SASE) platforms deliver converged network and security-as-a-service capabilities, such as software-defined WAN (SD-WAN) and secure access to the web, cloud services and private applications regardless of the user’s location, the device used or where that application is hosted. These offerings primarily use a cloud-centric architecture delivered as a platform by one vendor. SASE securely connects users and devices with applications, services and other users. It supports branch office and remote worker connectivity and on-premises general internet security, private application access and public cloud service provider access use cases.

• Check Point Harmony SASE with Quantum SD-WAN
  4.9

  84 Reviews

Gartner defines software-defined WAN (SD-WAN) as products used to connect branch locations to other enterprise and cloud locations. SD-WAN products provide dynamic path selection based on business or application policy, routing, centralized orchestration of policy and management of appliances, virtual private network (VPN) and zero-touch configuration. SD-WAN products are WAN transport/carrier-agnostic and create secure paths across physical WAN connections.

• Quantum SD-WAN
  4.7

  132 Reviews

Gartner defines a secure enterprise browser (SEB) as a solution that delivers enterprise security policies and controls through a centrally managed browser extension, and optionally, a full-stack custom web browser. SEBs provide security and policy enforcement for web, SaaS and private applications, as well as browser hardening delivered through the browser rather than at the endpoint OS or network level. SEBs also enable visibility, control, and auditability of web application data accessed by end users from managed, lightly managed or unmanaged devices without the need for in-line decryption of web traffic.

• Harmony Browse
  4.5

  151 Reviews

Gartner defines security service edge (SSE) as an offering that secures access to the web, cloud services and private applications regardless of the location of the user, the device they are using or where that application is hosted. SSE protects users from malicious and inappropriate content on the web and provides enhanced security and visibility for the SaaS and private applications accessed by end users. Security service edge provides a primarily cloud-delivered solution to control access from end users and devices to applications, as well as websites and the internet. It provides a range of security capabilities, including adaptive access based on identity and context, malware protection, data security and threat prevention, as well as the associated analytics and visibility. It enables more direct connectivity for hybrid users by reducing latency and providing the potential for improved user experience. Capabilities that are integrated across multiple traffic types and destinations allow a more seamless experience for both users and administrators while maintaining a consistent security stance.

• Check Point Capsule (Legacy)
  4.0

  1 Review
• Check Point SASE
  4.5

  208 Reviews

The security threat intelligence products and services market refers to the combination of products and services that deliver knowledge (context, mechanisms, indicators, implications and action-oriented advice), information and data about cybersecurity threats, threat actors and other cybersecurity-related issues. The output of these products and services aims to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce the likelihood and impact of a potential compromise. Threat intelligence (TI) products and services support the different stages of a TI process life cycle. In particular, this involves defining the aims and objectives, collecting and processing intelligence originating from various sources, analyzing and disseminating it to different stakeholders within the organization, and regularly providing feedback on the entire process. These products and services support ongoing security investigations and assist in preventing future breaches by prioritizing infrastructure hardening. TI tools and services are most commonly cloud-based products and services, but can also be delivered “as a service.”

• Infinity Platform
  4.8

  31 Reviews

VA solutions identify, categorize and prioritize vulnerabilities as well as orchestrate their remediation or mitigation. Their primary focus is vulnerability and security configuration assessments for enterprise risk identification and reduction, and reporting against various compliance standards. VA can be delivered via on-premises, hosted and cloud-based solutions, and it may use appliances and agents. Core capabilities include: - Discovery, identification and reporting on device, OS, software vulnerabilities and configuration against security-related criteria - Establishing a baseline for systems, applications and databases to identify and track changes in state - Reporting options for compliance, control frameworks and multiple roles Standard capabilities include: - Pragmatic remediation prioritization with the ability to correlate vulnerability severity, asset context and threat context that then presents a better picture of true risk for your specific environment - Guidance for remediating and configuring compensating controls - Management of scanner instances, agents and gateways - Direct integration with, or API access to, asset management tools, workflow management tools and patch management tools

• Veriti
  4.6

  4 Reviews

Workspace Security Platform is designed to protect modern hybrid workers, including their endpoints, mobile devices, collaboration channels, and end-user application access. These solutions are primarily delivered as cloud-native platforms and offer tight integration of security components, including unified agents, centralized deployment and policy administration, data lakes, reporting, and security event aggregation. They include features like multi-factor authentication, real-time risk assessment, and AI-powered threat defenses to prevent unauthorized access and data breaches. By combining user education, well-defined security policies, and modern technology, Workspace Security Platform helps organizations maintain a robust security posture and respond swiftly to potential threats. The key customers typically include large enterprises, financial institutions, healthcare providers, and government agencies, all of which require stringent security measures to protect sensitive data and ensure compliance with regulatory standards.

• Harmony Workspace
  4.6

  25 Reviews