Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
For exclusive access to the slides and videos from each presentation, please log into your Check Point CheckMates account
Videos for selected breakout sessions
will be added in the coming days
**If you are not a member yet, its easy (and free) to join, click here**
Cyber Talk Keynotes
| Topic | Speaker | Content | Description |
|
Securing the Hyperconnected World in the AI Era - REAL Security, For AI & Powered by AI |
Nadav Zafrir
|
Join Nadav Zafrir, our new CEO, Gil Shwed, now Executive Chairman of the Board, and Rupal Hollenbeck, President of Check Point, as they kick off CPX 2025. This keynote sets the stage for the event, exploring the latest trends, challenges, and innovations shaping the future of cybersecurity. |
|
| Fireside Chat with Dave DeWalt |
Dave DeWalt Nadav Zafrir |
|
|
| Strategy in Action |
Nataly Kramer |
Join Nataly Kremer, Chief Product Officer, as she shares how Check Point’s security products are driving our mission to deliver the most complete Zero Trust and threat prevention for enterprise cyber mesh networks. Learn how AI powers our innovative approach to securing complex environments while advancing our vision for the future of cybersecurity to stay protected and resilient in an evolving threat landscape. |
|
|
Zero Trust for the Hyperconnected World |
Itai Greenberg Paul Barbosa Amit Bareket Yochai Corem Industry-Leading Cybersecurity Executives |
As the world becomes increasingly hyperconnected, securing digital infrastructures requires innovative approaches that integrate diverse technologies and solutions. This keynote will delve into the critical architecture needed to protect the evolving landscape of hybrid mesh networks. We’ll explore how hybrid mesh network security is pivotal in providing scalable, resilient, and adaptive protection across distributed environments. The discussion will highlight the importance of unified security management in orchestrating seamless, centralized control over complex security operations, ensuring visibility and streamlined response across hybrid infrastructures. Additionally, we will focus on the necessity of collaborative threat prevention, emphasizing the power of shared intelligence and cooperative defences to identify, mitigate, and neutralize threats in real-time. This session will provide a roadmap for building secure, interconnected ecosystems that are both agile and fortified against the dynamic threat landscape of the future. |
|
| Accelerating the Future with AI - The Evolving Threat Landscape | Lotem Finkelsteen Director, Threat Intelligence and Research, Check Point |
||
| Harnessing AI to Stay Head of Email Cyber Attacks |
Gil Friedrich Industry-Leading Cybersecurity Executives |
||
| AI in Cyber Security and Beyond: Shaping the Future of Defense and Business | Dr. Dorit Dor Chief Technology Officer |
Artificial intelligence (AI) has firmly established itself as a critical player in the cyber security ecosystem, empowering both attackers and defenders. In this keynote, we will examine how AI is reshaping the threat landscape and redefining key pillars of security, with a specific focus on its transformative role in areas like email security. Looking beyond today’s applications, we will explore the broader implications of AI on the future of businesses. From revolutionizing operational efficiency to creating unprecedented opportunities in application development and branding, AI’s potential extends far beyond the cyber realm. This session will delve into the emerging challenges and opportunities AI presents—both within cyber security and across industries—providing insights into how we can harness its power responsibly to secure, innovate, and transform our organizations. |
|
| Innovation Sandbox Winners |
|
|
|
| Celebrating Innovation - Customer Awards Ceremony |
|
Cloud Native Security
| Topic | Speaker | Content | Description |
| Optimize Cloud Network Security Architecture with Check Point |
|
|
Join this session to learn how to implement advanced threat prevention, automation, and unified network security to cloud infrastructure. Learn best practices to:
|
| Check Point’s WAF & API Security: Maximum Security with Minimum Maintenance |
Check Point’s CloudGuard WAF is reshaping the future of Web Application and API Security. Unlike traditional WAF solutions, CloudGuard WAF leverages AI-powered technology to detect and mitigate complex threats in real time. By utilizing contextual AI, it continuously learns from vast threat data to block sophisticated attacks, including zero-day exploits like Log4j and MOVEit and helps organizations stay ahead of emerging risks. CloudGuard WAF provides the most accurate solution, offering the highest detection rates and nearly zero false positives, effectively blocking malicious activity while ensuring legitimate traffic remains unaffected. Giving organizations the power to stay ahead of evolving risks with minimal maintenance. We’ll begin by exploring the limitations of traditional WAF and API solutions and how Check Point’s advanced multi-layered AI approach addresses them. You will discover the capabilities and benefits of CloudGuard WAF and API Security, including seamless deployment, automation, simplified security management, improved incident response, and more. |
||
| AWS and Check Point: How to Secure Modern Cloud Applications | Join us for an in-depth session on the integration of AWS GWLB, Cloud WAN, and Check Point CloudGuard Network Security. Discover how this collaboration secures advanced AWS services, including Gen AI, with enterprise-grade solutions designed for optimal performance, scalability, and cost efficiency. Elevate your cloud security with confidence. | ||
| What Network Security Professional Need to Know About Cloud Adoption |
|
Join us for an insightful session where we introduce the "Security-Led Cloud Adoption" framework - a practical, phased approach designed to help organizations navigate the complexities of cloud adoption without compromising security. This session is essential for practitioners seeking to align cloud adoption with robust security strategies, ensuring a scalable, secure, and manageable cloud journey. Tailored for security practitioners and leaders, "Security-Led Cloud Adoption" challenges the overly simplistic picture promoted by Cloud Service Providers. Instead, it recognizes the messy reality of cloud adoption, where sprawling environments, shadow assets, compliance violations, and developer-driven tool choices often leave CISOs playing catch-up. Don’t miss the opportunity to see how a security-led approach empowers engineers to build within the guardrails set by security experts - paving the way for cloud success and discover how Check Point’s modular CloudGuard platform enables security teams to take control by guiding cloud adoption on their terms. Starting with foundational solutions like the cloud-adapted Quantum Firewall (CloudGuard Network Security) and a CSPM, and graduating with a full Cloud Native Protection Platform (CNAPP). | |
| Harnessing the Power of Azure Virtual WAN and CloudGuard Network Security |
|
Discover how Azure Virtual WAN and CloudGuard Network Security work together to deliver secure, scalable cloud connectivity. This session highlights how advanced threat prevention and simplified architecture can protect your critical assets while enhancing performance and agility in the cloud. Don’t miss this opportunity to elevate your cloud security strategy! | |
| Check Point & Wiz: End to End Cloud Security |
|
Join us to learn more about Check Point new strategic partnership with Wiz and how we plan to change the way cloud network teams and CNAPP teams operate. |
Zero Trust and Hybrid Mesh Firewall Best Practices
| Topic | Speaker | Content | Description |
| Driving Innovation with Automation Across the Hybrid Network |
Aviv Abramovich |
As organizations embrace hybrid datacenter architectures to optimize performance and scalability, the complexity of securing these environments becomes paramount. This session delves into the challenges posed by today's most demanding hybrid networks and explores how enterprise firewalls play a pivotal role in safeguarding sensitive data and applications. Attendees will gain insights into strategies for seamlessly integrating and managing firewalls within hybrid infrastructures, ensuring robust security across on-premises and cloud environments. From threat detection to policy enforcement, this session provides actionable guidance on navigating the intricate landscape of modern datacenter security. Learn how to empower your organization to effectively cope with the dynamic nature of hybrid networks and fortify defenses against evolving cyber threats. |
|
| Unveiling the Future of Cybersecurity: R82 Top Recommended Features |
Join us for an exciting breakout session where we unveil Quantum R82, the innovative software designed to deliver top-notch security with unmatched simplicity, scalability, and efficiency. Discover how R82 boosts data center agility with its dynamic security layer, providing DevOps teams the flexibility and control they need over their resources. Explore the new virtual system architecture that offers a unified experience and the ability to deploy new virtual systems instantly. See how R82 simplifies operations with a new clustering mode that streamlines configuration across platforms. Discover our unique solution for HTTPS inspection, ensuring a smooth experience for end users while maintaining high security confidence for your teams. With over 50 innovative features, Quantum R82 is set to transform your security landscape. Don’t miss this opportunity to explore its powerful capabilities. |
||
| Sponsor Session by Veriti- Protecting Hybrid Mesh: Safe Remediation for Instant Risk Reduction - Oren Koren, CPO & Co-founder Veriti |
Oren Koren |
|
Your hybrid network is expanding - so are the risks you can’t see. Misconfigurations, unpatched vulnerabilities, and blind spots spanning cloud and on-prem, are leaving gaps attackers exploit. In this session, we’ll reveal how Check Point’s Hybrid Mesh Firewall and Veriti’s Exposure Assessment Platform team up to close those gaps fast - without downtime. See how proactive, one-click remediation stops threats before they spread. Instantly leverage virtual patches to secure critical assets in the network, slash MTTR, and reduce labor costs across your hybrid mesh. Securing your entire environment without breaking doesn’t have to feel impossible. |
| Spotlight on Enterprise & Hybrid Mesh Firewall Tested by 3rd Party Lab |
Hezi Chen |
Join us to recap the Miercom Enterprise & Hybrid Firewall, showcasing how Check Point works with the best prevention on-premise, in the cloud, and as-a-service. We will show Check Point superior Block Rate in Malware Protection, Intrusion Prevention, and SSE, covering all the hybrid firewall bases. |
|
| SASE Your Way with Quantum SD-WAN |
|
Discover how the Infinity Platform empowers you to seamlessly integrate SASE into your network strategy with Quantum SD-WAN, Harmony SASE, and a Hybrid Mesh Firewall framework. Accelerate internet and network connectivity while using different firewall form factors for your hybrid IT environment e.g. firewall-as-a-service, on-prem firewalls and cloud-native firewalls, while delivering consistent levels of security and connectivity across a remote, on-prem and hybrid workforce via the Infinity Portal. Join us to explore the future of secure access with Check Point. | |
| Introducing New AI-Powered Capabilities: AIOps, Policy Insights & Auditor and Infinity Identity |
Are you struggling to keep up with policy changes and ensure your security policies align with best practices? Do you face challenges in optimizing access to minimize risks or maintaining high uptime by proactively addressing issues before they occur? Join us for an insightful session where we unveil cutting-edge capabilities designed to address these challenges head-on. Discover how to: Optimize your security policies by removing unnecessary access and adhering to best practices. Align your security policies seamlessly with company guidelines for stronger governance. Proactively monitor your security environment to ensure maximum uptime and resilience. Leverage built-in playbooks to automate daily tasks and enhance operational efficiency. Transform how you manage security policies and firewalls, empowering your team to stay ahead of threats while achieving operational excellence. |
||
| Spark SMB Network Security – How MSPs can now do much MORE with LESS |
|
In today's fast-paced digital landscape, MSPs face unique challenges in maintaining robust network security for their SMB customers while doing so with minimal human resources. This session will explore how MSPs can leverage NEW advanced management capabilities of the Spark product line to achieve MORE with LESS. We will delve into how MSPs can utilize enhanced insights, automated tasks, and customized aggregated views to streamline operations for SMBs. These innovations not only reduce the manpower required to support a large MSP business but also significantly improve the customer experience. Join us to discover practical solutions that empower MSPs to maximize efficiency and security with minimal resources. | |
| Nvidia Case Study-Securing AI Infrastructures |
Aviv Abramovich |
As AI adoption accelerates, organizations face growing challenges in securing their AI systems from threats. Join this session to discover AI Cloud Protect, Check Point's Security Solution engineered with NVIDIA BlueField-3 DPU and the DOCA software framework. This one-of-a-kind solution not only delivers unparalleled defense against AI-specific threats but also drives cost savings by seamlessly integrating security into existing AI platforms without compromising performance. Learn how Check Point and NVIDIA are redefining secure, high-performance AI ecosystems with a solution unmatched in the market today. | |
| R82 Performance Optimization Tips and Tricks |
Valeri Loukine |
In an era where network security is paramount, the efficiency of security gateways stands as a critical linchpin in safeguarding data and operations. Historically, optimizing network security gateway performance has been complex and arduous. With R82, the tables have been turned. In this presentation, we'll explore the innovative tools to optimize network security gateway performance to obtain flexible, adaptable, and effective performance tuning without compromising operational agility. |
SASE And Securing The Hybrid Workforce
| Topic | Speaker | Content | Description |
| Securing the Hybrid Workforce - Intro To Harmony Suite |
|
Delve into the dynamic landscape of cybersecurity, exploring the critical role of your endpoint, mobile and email security solutions. Learn how to safeguard your workforce and corporate data and environment against evolving threats. In this session we will unravel the intricate strategies to halt the rising tide of phishing and ransomware attacks, dissecting real life scenarios with actionable insights. We’ll learn how XDR is a pivotal component in orchestrating a unified defense, harmonizing these disparate security layers into a formidable shield against the ever-adaptive adversaries. | |
| Harnessing AI to Stay Ahead of Email Cyber Criminals |
|
Cyber criminals are always on the lookout for new ways to get to your data, encrypt your machines and get your money. As email remains the most common attack vector, BEC threats have evolved FAST, leaving legacy security solutions ineffective. Join this session to learn how Harmony Email & Collaboration prevents the most advanced email-based threats with innovative AI, all while keeping the onboarding process super simple - keeping our customers secure and allowing our partners to generate a lot of business consistently and fast. |
|
| Adopting GenAI Securely with Check Point | The generative AI revolution is here to stay. Join us to discover the latest innovations by Check Point for adopting GenAI safely. We will discuss the unique security challenges posed by GenAI, such as data exposure and compliance risks, and how Check Point GenAI Protect can assist you in governing and protecting your data in this new era. | ||
| Email Security - Reinvented: How is Check Point's Email Security different than the rest of the market? |
|
The Email service shifted to cloud-based solutions, mostly Microsoft 365 and Gmail. With it, new attacks targets and methods were born but also new methods to secure it. Come to learn how the threat landscape has change and how Check Point has been able to help customers address this challenge with the fastest growing Email Security solution on the market. |
|
| Hybrid³ SASE – Supercharge your network security |
|
Work happens everywhere: in browsers, on devices and over the cloud. Keeping your users and network safe mandates security measures throughout their journeys. Join us to learn how Check Point's hybrid SASE protects your workforce - wherever work takes it. |
|
| When SaaS Attacks: Exposing the Hidden Risks in Your SaaS Ecosystem |
|
As organizations increasingly rely on SaaS applications to store and process critical data, securing these environments has become crucial. Our revolutionary SaaS security solution, launched only a year ago, has seen unprecedented sales growth, underscoring its effectiveness and market trust. In this session, we'll reveal how our advanced threat detection, seamless integration, and quick time-to-value are redefining SaaS security. Discover how our solution not only safeguards your data and ensures compliance but can also protect Harmony Email & Collaboration and Harmony SASE customers. Join us to explore the future of SaaS security and learn why so many organizations have already put their trust in our solution. | |
|
Unleashing MSSP Excellence: The Harmony Power in the Infinity Portal |
|
A must-attend for MSSPs looking to elevate their service offerings and secure their workforce product line with cutting-edge solutions. Attendees will gain insights into effective cross-selling and upselling strategies, empowering them to maximize the potential of the Harmony product line. Join us to explore how the Infinity Portal provides a powerful management platform for MSSPs and their customers. Discover how easy it is to integrate Pay-As-You-Go (PAYG) offerings, enhancing flexibility and scalability for your clients, as well as cross-selling and up-selling throughout the Harmony product line. We will also delve into the future for MSSPs leveraging the Infinity Portal, highlighting upcoming features and innovations. |
|
| Securing the Edge: Holistic Strategies for Managing Device Security Posture | In today’s evolving threat landscape, achieving a robust security posture hinges on two key principles: Visibility and Precise Response. Organizations must go beyond traditional detection to gain a clear view of their environment and act swiftly with pinpoint accuracy. This session will highlight how leveraging effective attack surface management and advanced EDR capabilities provides the foundation for these principles. Discover how to minimize your attack surface, enhance real-time visibility, and execute precise automated responses to neutralize emerging threats. Learn how a strategic focus on these principles ensures resilient endpoint security and elevates your organization’s overall defense strategy. | ||
| Securing the Everywhere Workforce: How Harmony Keeps Remote Work Safe |
In an era where web-borne attacks are becoming increasingly sophisticated, organizations face an evolving array of threats, from phishing scams and data breaches to emerging risks associated with AI. This session explores how these attacks manifest and provide actionable strategies for mitigating their impact. In this session we will demonstrate how endpoint, browse and mobile security solutions play a critical role in defending against these challenges, empowering businesses to secure their digital assets effectively. |
AI-Powered Security Operations & Services
| Topic | Speaker | Content | Description |
|
Collaborative AI-Powered Threat Prevention in Action |
Join us to explore the latest features of Infinity XDR/XPR and how it delivers unparalleled value to your security operations. Learn how it seamlessly integrates with third-party security solutions to provide holistic threat detection and response, while offering unique advantages for Check Point Network customers with its advanced NDR capabilities. Discover how Infinity XDR/XPR empowers users with actionable insights, streamlined workflows, and enhanced visibility, creating a unified platform that strengthens your security posture and accelerates threat mitigation across your entire ecosystem. |
||
|
Hacking with AI: The Dark Side of Innovation |
|
In this presentation, we uncover the groundbreaking yet unsettling role of AI in reshaping the battlefield of cyber warfare. As AI evolves at breakneck speed, it’s not just revolutionizing industries—it’s empowering hackers to unleash advanced cyber weapons at unprecedented efficiency. These tools drastically cut down the time required for attacks, creating a new era of high-speed automated cybercrime. |
|
|
Holistic Security Operations: Leveraging External Threat Intelligence, Dark Web Insights, and Managing Detection & Response for Collaborative Prevention |
Yochai Corem |
Gain unmatched visibility and proactive defense with Check Point's advanced external threat intelligence, dark web monitoring, combined with MDR and IR services. This approach ensures rapid detection, effective response, and collaborative prevention of emerging threats. Experience how holistic security operations empower organizations to deal with a complex attack surface and stay ahead in an ever-evolving cyber threat landscape. |
|
|
ThreatCloud AI Under the Hood -2025 Innovations |
ThreatCloud AI is the brain behind all Check Point’s products, which combines the latest AI technologies with big data threat intelligence to prevent the most advanced attacks. This session will highlight the key innovations introduced over the past year, including the new AI engines in R82, such as TC Graph, Kronos, and more. Additionally, the session will outline the plans for 2025, featuring real-world use cases of these new AI engines, Threat Prevention dashboards, and other technologies designed to enhance security and prevent evolving threats. |
||
|
Infinity Cyber Risk and compliance manager: Your trusted solution for NIST, NIS2, DORA, ISO and evolving regulatory, compliance requirements and cyber insurance readiness |
This session will demonstrate how Check Point's Infinity Cyber Risk and compliance manager and expert advisory services enable organizations to conduct comprehensive risk and compliance assessments while leveraging a dedicated GRC platform for effective task management. Attendees will learn how to prioritize cybersecurity objectives, develop tailored policies to address identified gaps, and drive strategic alignment. The session will include a live demonstration of our risk management tools and showcase how frameworks such as NIS2 and NIST are utilized to communicate effectively with stakeholders, fostering a culture of proactive change and enhancing organizational resilience.This session will demonstrate how Check Point's vCISO and Expert Advisory Services enable organizations to conduct comprehensive risk and compliance assessments while leveraging a dedicated vCISO platform for effective task management. Attendees will learn how to prioritize cybersecurity objectives, develop tailored policies to address identified gaps, and drive strategic alignment. The session will include a live demonstration of our risk management tools and showcase how frameworks such as NIS2 and NIST are utilized to communicate effectively with stakeholders, fostering a culture of proactive change and enhancing organizational resilience. |
||
|
Reskill and Upskill Your Workforce: Building a Cyber-Savvy Team |
Empower your workforce to tackle cyber risks with Infinity Global Services' transformative training programs. This session highlights tailored solutions, from C-level education to hands-on hacking and cybersecurity awareness, designed to build resilience across all organizational levels. Learn how Check Point's Training team drives strategic learning journeys to elevate your team into cyber-savvy defenders of your organization’s future. |
||
|
Augment Your Team with Managed Security and Professional Services Expertise |
Learn how a customer’s security posture is continuously optimized with Infinity Global Services. Our expert teams seamlessly integrated with our customer’s organization to Unify Security Operations with 24/7 managed services and professional services. This allowed us to continuously respond to detections, remediate issues and provide expert engineering and consulting projects with a collaborative approach. |
||
|
AI - The Future Ahead: DeepSeek, Energy, and AI Agents |
Developing homegrown Generative AI solutions is a challenge that requires balancing cutting-edge technology with practical constraints. In this talk, we will explore the main lessons learned from creating the Infinity AI Copilot and we will also share our own AI predictions for 2025. |
cp<r> - The Latest Check Point Research
| Topic | Speaker | Content | Description |
| 2025 Security Report Highlights | Sergey Shykevich |
|
In this session, we will present key findings from the 2025 Security Report, offering a comprehensive overview of the evolving cyber threat landscape. We will share data stats that illustrate notable shifts in the attack ecosystem over the past year. Additionally, we will provide an in-depth analysis of trends in ransomware and infostealer activities, shedding light on their impact. The talk will also highlight how the Cyber Wars of 2024 -2025 look like. |
| Breaking Boundaries: Investigating Vulnerable Drivers and Mitigating Risks | Jiri Vinopal |
|
Have you ever wondered why there are so many vulnerable drivers and what might be causing them to be vulnerable? Do you want to understand why some drivers are prone to crossing security boundaries and how we can stop that? Vulnerable drivers not only put the system where they are installed at risk, but they can also be carried by malware as standalone components and then abused for their operations. That’s why it is especially alarming that the number of observed vulnerable drivers keeps increasing steadily every week, with several new vulnerabilities being discovered regularly. This talk presents the findings of our research, which reveal that the majority of known vulnerable drivers share certain characteristics. Interestingly, these vulnerabilities are often not complex and can easily be addressed. Using the same methodology, we conducted a mass hunt for new drivers that may be vulnerable, uncovering thousands of potentially at-risk drivers. |
| Tales of a Malspam Campaign from a Threat Actor's Perspective | Eli Smadja |
|
Have you ever wondered about the “hard work” that threat actors put into executing a malware campaign? This talk explores the intricate efforts, time, and financial resources needed to target thousands of email addresses and infect businesses and organizations globally. We will delve into the behind-the-scenes steps taken by a threat group that targeted over 62,000 business email addresses in the United States and Australia. |
| Initial Access to Corporations – The Biggest Crime Facilitator in the Darkweb | Sergey Shykevich |
|
Over the past years, Initial Access Brokers (IABs) have emerged as key facilitators of cybercrime, employing various methods to gain initial access to corporate networks and resources. In this session, we will delve into how IABs operate, the primary techniques they use to achieve initial access, and the resulting implications for organizations. Additionally, we will examine the infostealers ecosystem, focusing on how these threats target BYOD devices and supply IABs with high-value information. |
| The Evolution of Sharp Dragon - a Chinese APT | Amitai Ben Shushan Erlich |
|
Tracking Sharp Dragon’s activities over the years provides valuable insights, even though the group is using quite traditional tools affiliated to Chinese nexus groups. In this talk, we will explore the evolution of key aspects of Sharp Dragon’s activities, which reflect broader trends in the Chinese APT ecosystem among similar groups. |
| From Data Theft to Influence: Operations by Iran’s Emennet Pasargad | Alexandra Gofman |
|
Emennet Pasargad is an Iranian cyber group that has for years conducted cyber-enabled information operations around major global events, including the 2020 U.S. elections, the 2024 Olympics in France, and the Israeli-Hamas conflict, often acting on behalf of the Iranian government. We will provide a deep-dive analysis of the group's motives, activities, tools, and techniques used in these campaigns. |
| The Moniker Link Vulnerability and the untold story | Eli Smadja |
|
During this session, we will discuss CVE-2024-21413, the infamous Monikerlink bug, and its implications. Hear the untold story of a critical vulnerability found by Check Point’s research team and discover why it's not just a vulnerability but a new attack vector. |
| Lying Pigeon: Pro-Russian Disinformation Campaigns Across Europe | Alexandra Gofman |
|
From August to November, Check Point Research tracked an email-based disinformation campaign against Moldova aimed at influencing the outcome of Moldova's October presidential elections and the national referendum on potential EU membership. The same threat actor, dubbed Lying Pigeon, has been observed conducting operations across Europe since at least 2023, targeting major geopolitical events such as the NATO 2023 summit in Vilnius and the 2023 general elections in Spain. |
| Rhadamnthyses (Plural) - Clustering a Stealers Activities | Amitai Ben Shushan Erlich |
|
Since its emergence in late 2022, Rhadamanthys has been adopted by a diverse range of actors, from cybercriminals to state-sponsored groups. This widespread use complicates tracking and attributing attacks involving the stealer. In this talk, we’ll delve into the techniques we use to identify, map, and attribute activities linked to Rhadamanthys, shedding light on its complex and varied usage. |
| Bad Karma, No Justice: Void Manticore Destructive Activities in Israel | Eli Smadja |
|
Void Manticore, an Iranian threat actor linked to the Ministry of Intelligence and Security (MOIS), is known for carrying out destructive cyberattacks and influence operations. Void Manticore operates under several online personas, with the most prominent being Homeland Justice, which targets Albania, and Karma, which has been involved in attacks on Israel. One key aspect of Void Manticore’s operations is its overlap with another Iranian threat group, Scarred Manticore. In this talk, we’ll explore Void Manticore's methods, targets, and strategic relationship with Scarred Manticore, offering insights into their broader geopolitical goals and their threat to global cybersecurity. |
| Wezrat, Advanced Iranian APT, intelligence, tool analysis and an hunting story | David Driker |
|
In late 2024, the FBI, the US Department of Treasury, and the Israeli National Cybersecurity Directorate resealed a joint Cybersecurity Advisory, reporting an activity by the Iranian cyber group Emennet Pasargad, a group that for many years conducted cyber-enabled information operations around major events such as the US elections in 2020, the 2024 Olympics, and the Israeli-Hamas war. Check Point Research takes a deep dive into the motives, activities, tools, and techniques used by the group in several recent cyber operations in the US, France, Sweden, and Israel. |
AI-in-Action, SASE, & Cloud Security Best Practices Workshops
| Topic | Speaker | Content | Description |
| Best Practices for SSE - Internet and Private Access |
|
Find out how companies achieve 2X faster internet security, deploy Zero Trust private access in minutes, not days, and benefit from optimized connectivity with our leading threat prevention solution. | |
| AI-in-Action Best Practices | During the hands-on workshop, attendees will experience the full power of Check Point's innovative AI-powered solutions: ThreatCloud AI, Gen AI Protect, and Infinity AI Co-Pilot. ThreatCloud AI will showcase its unparalleled ability to predict, prevent, and neutralize advanced cyber threats in real time. Leveraging over 50 AI engines and analyzing billions of data points, this solution demonstrates how it proactively protects organizations with industry-leading threat prevention rates and adaptive intelligence. Gen AI Protect empowers businesses to safely adopt generative AI technologies. This solution highlights real-time data loss prevention, compliance assurance, and insights into generative AI tool usage, ensuring sensitive information remains secure while maximizing the productivity benefits of AI. Infinity AI Co-Pilot will exhibit how it boosting security operations by automating complex tasks, delivering actionable insights, and enabling security teams to focus on strategic priorities. Participants will see first-hand how it integrates seamlessly to reduce operational overhead and enhance decision-making efficiency. Together, these solutions provide a comprehensive demonstration of how AI transforms cybersecurity, offering customers unparalleled protection, operational efficiency, and confidence to stay ahead in an evolving digital landscape. | ||
| Defending Against Sophisticated Email-Borne Threats: A Live Demo of Harmony Email & Collaboration |
|
Email remains the primary attack vector for advanced cyber threats, from Business Email Compromise (BEC) and phishing to zero-day malware and account takeovers. Traditional security solutions struggle to keep pace with evolving tactics, often leading to costly breaches. Join us for a hands-on workshop where we’ll demonstrate how AI-powered, API-inline security can proactively detect and neutralize even the most sophisticated email-borne threats—without disrupting business operations. Through a live demo, you’ll discover how to:
Designed for IT security leaders, SOC teams, and email security professionals, this workshop will equip you with the latest strategies to defend against modern email threats. See the technology in action and learn how to strengthen your email security posture today! |
|
| Cloud Network Security Blueprint - Lessons, Tips and Best Practices Learned while Deploying Cloud Solutions | Join us as we discuss “tips and tricks” that impact cloud security deployments. On this workshop we will cover “real world examples” such as step by step procedures for upgrading scale sets in AWS and Azure with zero downtime, an in-depth demo of GCP’s new packet intercept architecture, a look at our Equinix capabilities and a tour of the CloudGuard Controller | ||
| AI-WAF Workshop Deep Dive | Web APIs and applications can expose potential vulnerabilities, providing attackers opportunities to infiltrate cloud environments, compromise servers, and access sensitive data. That’s why having a highly accurate WAF is essential—and CloudGuard WAF leads the industry in precision and protection. In this session, we’ll demonstrate how our AI-powered technology preemptively blocks even the most advanced attacks with unmatched accuracy and reliability. You’ll also see just how simple it is to deploy and configure. Plus, we’ll explore how CloudGuard supports seamless SaaS deployments and API discovery to deliver comprehensive, state-of-the-art cloud security. | ||
| Email Security Best Practices Workshop |
|
Zero Trust and Network Security Best Practices Workshops
| Topic | Speaker | Content | Description |
|
Check Point R82 Automation Best Practices |
This workshop will guide you through best practices and key considerations for automating Check Point R82 infrastructure, both on-premises and in the cloud. Starting with the Check Point APIs homepage, you’ll learn how to begin automating your infrastructure. We’ll cover zero-touch APIs and cloud-init for seamless deployment, applicable to lab and production environments. We’ll explore the pros and cons of using Ansible versus Terraform for automation and delve into Check Point’s integration with Terraform to build a secure and scalable infrastructure-as-code environment. We’ll also cover best practices for automating tasks and managing configurations with Ansible to maximize Check Point R82 orchestration. Finally, you’ll gain hands-on experience by automating key tasks on Check Point R82 using Ansible and Terraform in real-world scenarios. Join us for a comprehensive session to equip you with the knowledge and tools to streamline and enhance your Check Point R82 automation workflows! |
||
|
Maestro & Infrastructure as Code |
Since you last visited us at CPX 2024, we have been busy at delivering on our promise of simplicity – streamlining Maestro operations, providing Insights – literally – into your system’s health and status, making the management interface more accessible and clear, and enabling advanced automation when an idea became a powerful operational tool – not only achieving all of the above objectives, but also creating new opportunities for you to manage your network cluster configuration backups, disaster recovery and more, in the most innovatively simple way. Come see us and watch how it is done and take with you some food for thought – and ideas to action. |
||
|
R82 - ElasticXL and VSNext Generation Under the Hood |
In this workshop, you will explore another innovative solution brought to you in the Quantum Firewall R82 software release – VSNext. VSNext is built on the foundations of two important technologies: ElasticXL and the Single Management Object paradigm. You will understand how VSNext streamlines operations by embracing the full potential of API, WebUI, and CLI-driven management concepts. Experience how fast you build multiple virtual security gateways sharing the same appliance resources allowing scale and simplified network integration. You will perform actions like creating new virtual systems, virtual switches, virtual links, changing configuration, assigning or deleting interfaces, and more, and end with the Insights tool available to monitor and enhance your experience using virtual systems. Make sure to be familiar with ElasticXL as this clustering technology is the foundation of VSNext and join our session. |
||
|
R82 - TLS inspection Enhancements |
In a world where 90% of all traffic is encrypted, it is of vital importance applying security especially on this encrypted traffic. Malicious actors are hiding their attacks and other potentially harming activities inside encrypted traffic because they know they have a better chance of getting through. In this workshop – allowing 80 participants running a hands-on lab – you will learn how R82 eases the configuration of HTTPS inspection and understand the improvements made to the security engine to achieve a best-in-class experience for the end users. In Quantum Firewall R82 software release, Check Point has overcome traditional challenges when inspecting HTTPS traffic such as negative end user experience caused by applications based on Certificate Pinning. The optimized deployment method introducing innovative ‘Learning Mode’ allows seamless activation in production environments, as it is accompanied by ‘Bypass Under Load’ preempting potential performance issues. The SmartView HTTPS Inspection Dashboard provides visibility for administrators maintaining control throughout all deployment phases. |
CheckMates Community Use-Cases
| Topic | Speaker | Content | Description |
|
Be your own TAC Part Deux: Advanced Gateway Troubleshooting Commands |
Tim Hall |
The "Be Your Own TAC" series continues with a follow-up to last year's standing-room only presentation at CPX. All-new advanced gateway troubleshooting commands that are frequently employed by Mr. Hall in his consulting engagements are presented, many of which are undocumented and not widely known outside of Check Point. |
|
| Taking Flight: How EL AL Defeated Web DDoS Attacks with Check Point Infinity |
Chen Amram Ron Meyran |
EL AL Israeli Airlines faced in November 2024 an intensive DDoS attack campaign that included a hard-to-detect Web DDoS attack vector. The attack disrupted severely their critical online applications including tickets sales. In this session, we’ll discuss why standard mitigation solutions fail to detect the Web DDoS attack, and explore the practical steps taken to implement Check Point’s DDoS Protector to successfully mitigate the DDoS threat. We will then present a 5-steps DDoS response plan helping companies to protect their online application against the full spectrum of DDoS threats using Check Point Infinity. | |
| Mastering Email Security in Microsoft 365: Insights and Lessons from TV2 | Alf Morten Fjæreide IT Security Architect, TV2 |
TV2 is a long-time customer of Check Point on our Firewalls and have invested in Harmony Email & Collaboration in 2024. This presentation invites cybersecurity professionals, IT leaders, and partners to gain actionable insights on using Harmony Email & Collaboration to secure email environments effectively. The presentation seeks to inspire, teach, and equip attendees with the strategies, tools, and techniques required to counter evolving cyber threats in Microsoft 365. |
|
| Building Scalable Networks | Magnus Holmberg Security Architect, Tele2 |
One of the biggest benefit that Check Point have is the scalability and ability to start off small and grow in to a larger deployment. This session will focus on how you are able to go from a SMS and a firewall cluster and scale to a MDS with 50 CMA and 100 Firewalls using the same tech, same look and feel. The ability to use different type of installations (VM, OpenServers, Appliances) but still have the same look and feel. Scale on the same type of hardware using VSX, ElasticXL by offloading traffic to multiple boxes. |
|
| ElasticXL: Maestro for Everyone |
Danny Jung |
Discover how Check Point's ElasticXL and Maestro redefine cluster technology. ElasticXL offers simplified management and automatic configuration, eliminating the need for hardware orchestrators. Maestro adds advanced HyperScale features. | |
| Elevating Cybersecurity: Infinity External Risk Management | Danny Jung Cyber Security Evangelist, SITS Group |
Discover how Infinity External Risk Management revolutionizes cybersecurity by providing comprehensive threat intelligence, digital risk protection, and continuous monitoring across the web. Learn how this integrated solution mitigates external cyber risks, protects brand assets, and enhances overall security operations. | |
| Unmasking the Unknown: Visualizing Attack Surface Management in a Hyper-Connected World | Daniel Eberhorn Lead Architect Cyber Security, Bechtle AG |
As organizations strengthen their on-premises defenses, the growing complexity of cloud environments and internet-connected assets often leaves critical blind spots. What about systems that resemble your infrastructure but aren't yours—or assets you don’t even know exist? This session explores how to visualize and understand your true attack surface, bridging the gaps between traditional on-premises coverage and the often-overlooked risks in cloud and external environments. Discover strategies to identify hidden vulnerabilities, manage shadow assets, and protect what’s yours—while staying ahead of threats in a hyper-connected world. | |
| A Hybrid Approach to Policy Management | Kishin Fatnani Owner / Trainer, K-Secure |
Centralized policy management has always been a cornerstone of Check Point’s solu ons, offering advantages like efficiency, scalability, and centralized visibility. However, with the ever-evolving nature of network environments, par cularly in large and distributed infrastructures, a new approach is needed to enhance and automate security policy management alongside tradi onal centralized methods. Check Point has consistently led the way in providing flexible and dynamic policy management through features like dynamic/updateable objects, network feeds, and generic data center objects. With the release of R82, this approach is taken to the next level with the introduction of Dynamic Layers in Access Control Policies. |
|
| "It's OT Jim but not as we know it" - OT visibility and protection activities | Mark Shaw Senior Security Consultant, Sapphire |
OT assets and environments can be hard to secure, often with visibility being one of the hardest initial challenges. Hear how you can leverage discovery techniques to identify assets and strategies to secure and protect your critical operations. The talk will cover techniques to align to Purdue model and practical examples of security discovery and maturity development. | |
| Elevating Web3 Security for Cardano: Check Point’s First-of-Its-Kind Web3 Threat Detection System |
Giorgio Zinetti Dan Danay |
Cardano is a multi-billion dollar, top-10 blockchain, known for its technical rigor and innovation. In a first-of-its-kind partnership, Check Point and Cardano have collaborated to develop a cutting-edge web3 security system, uniquely designed to secure Cardano’s blockchain. This initiative represents one of the largest funded projects in Cardano's history and is poised to drive new business adoption by providing unparalleled real-time security. Attendees will gain insights into how this solution leverages Check Point’s threat intelligence to address blockchain vulnerabilities and protect Cardano’s assets, fostering a new era of secure, large-scale institutional participation. | |
| Network Segmentation – A How-To Guide | Morten Sørensen CEO - Omnisec |
A secure network by design is the most basic (but often neglected) feature for any organization. This is a guide on how to do a segmentation of your network in order to secure the fundamentals of your infrastructure. | |
| Integrating CloudGuard CNAPP with Native AWS Controls | Bart Coddens Cloud Security Engineer, Cloudar |
This session will show how CloudGuard can be integrated with AWS GuardDduty and AWS Detective for more inclusive Cloud Security Monitoring. With the integration of CloudGuard as a CNAPP platform with the native AWS services described above, the customer can benefit from the best of both worlds for AWS detection and response. | |
| Innovative Network Segmentation and Security: A Case Study of Multi-Domain VPN and Advanced Threat Prevention | Dawid Dudek Expert Network Engineer, Fiberhost |
Explore a cutting-edge network security transformation leveraging Check Point Secure Gateways. This presentation details a complex corporate division project featuring innovative routing with ISIS protocol, advanced VPN configurations across multiple community domains, and comprehensive security implementation. Discover how we implemented full-layer security including IPS/IDS, Anti-Virus, Anti-Bot protection, and real-time threat analysis using MITRE ATT&CK framework. Learn practical strategies for network segmentation, secure communication between corporate entities, and advanced threat prevention techniques. | |
| A day in the life of someone new to the cybersecurity industry using Check Point: Real-Life Scenarios with Check Point R81.10 SmartConsole | Kelley Perez Security Analyst, Old Republic Title Co. |
In an era where cybersecurity threats evolve daily, network security is more critical than ever, even for those new to the field. This presentation is designed to offer insights into managing Check Point Firewalls using SmartConsole from the perspective of a newcomer. Through real-world scenarios, attendees will discover how SmartConsole’s intuitive interface makes it possible for even those new to cybersecurity to learn firewall management. I would like to talk about the ways Check Point minimizes the learning curve, allowing managers to execute complex tasks with confidence and efficiency. | |
| Securing the cloud with CloudGuard and ensuring PCI compliance | Alain Deberdt Information Security Director, Corpay |
Corpay has a complex cloud environment and needed to have more visibility, increase the level of security and ensure PCI compliance in this environment. By using CloudGuard, it was possible to address these needs, providing a unique solution for cloud security. | |
| Check Point Support and you: Best Practices | Eli Fashka CEO, Soluciones Seguras |
This presentation explores how to integrate Check Point’s support services into a Partner’s customer support framework, emphasizing strategies to maximize efficiency and customer satisfaction. Key topics include identifying events and contextual details that external agents may lack, effectively communicating and clarifying these nuances to customers, and crafting tailored presentations that align with customer expectations. Attendees will gain insights into when to prioritize a recommendation, best practices, and the particular context of an event. The session will also cover best practices for balancing technical accuracy with clear, approachable communication, avoiding potential confusion during high-stakes support scenarios, by blending Check Point’s robust resources with a Partner’s personalized service approach. |
|
| Implementing Autonomous Threat Prevention | David Leonard Director of Engineering & Professional Services, Mission Critical Systems |
This presentation covers the implementation of Check Point’s Autonomous Threat Prevention (ATP) to automate and streamline cybersecurity operations. We’ll explore ATP’s capabilities for zero-maintenance threat management through pre-configured protections and real-time policy adjustments. Key topics to possibly include are ATP setup, policy customization, and integration with centralized monitoring systems. Additionally, we’ll discuss how ATP was successfully implemented for a university with 10,000 students to stop an active botnet attack. |
|
| Check Point Technology Refresh | Rodrigo Rocha SE Manager, CG One |
Our customer has a large Check Point firewall environment with 81 physical appliances, 5 virtual firewalls and cloud manager. These firewalls needed to be refreshed. We proposed a technology refresh of part of the appliances (2 23500 clusters and 1 15600 cluster) for a Maestro cluster with 9 x 9100 appliances, and the renew of the rest of the appliances. | |
| How to secure your remote developers without sinking your company | Pablo Barrera Cybersecurity Services Director, ES Consulting |
The presentation highlights the challenges of securing your remote workers, specially developers, and how Check Point SASE and other products help you by integrating zero trust network access (ZTNA), cloud-delivered security, and real-time threat prevention, while maintaining productivity and agility. I will address remote collaboration challenges, implementing least-privilege access, and leveraging advanced threat intelligence to safeguard development code and workflows. Attendees will gain actionable insights and best practices to create a seamless, secure environment for remote development teams, fostering collaboration without compromising security. Helping the company to comply with customer cybersecurity requirements. | |
| Leveraging Ansible in Check Point Environments | Ron Pristera Cybersecurity Solutions Architect, Swish Data |
Utilizing time and manpower effectively to manage network infrastructure is crucial to operational success. This presentation covers strategies and best practices for leveraging the automation platform Ansible in a Check Point environment. We discuss tips and best practices for leveraging Ansible to perform routine tasks, implement uniform configurations across firewall instances, and monitor changes to prevent drift. Additionally, we’ll discuss methods for integrating Ansible playbooks for continuous compliance and examine case studies demonstrating practical applications of Ansible for enhancing firewall management. Ideal for administrators and network engineers looking to more efficiently perform daily tasks and improve security posture through automation. |
Partners Track (only available to Employees and Partners)
| Topic | Speaker | Content | Description |
|
Partners Sessions |
|
Topics:
|
