TCarrigan
Employee

GA: Authentication Enforcement for Check Point WAF

Now GA: Authentication Enforcement for API Protection 

APIs are the backbone of modern apps and keeping them secure means more than just spotting bad traffic. You also need to make sure the right clients are connecting in the first place. That’s exactly why we built Authentication Enforcement for Check Point WAF, a new way to make sure only authenticated clients get through to your protected APIs and applications. 

Think of it this way. Schema enforcement gives you a positive model of what your API should look like, the request structure, the fields and formats you expect, and blocks anything that doesn’t match. It’s hugely effective at stopping accidental misuse and a wide range of attacks like injections or malformed payloads because anything outside the approved schema simply isn’t allowed. 

Authentication Enforcement goes a step further upstream: it doesn’t just check the structure of a request, it checks the identity behind it. Before letting a request get near your sensitive endpoints, it verifies that a valid authentication token is present, that it hasn’t expired, and that its signature checks out. Currently, this is done using JWTs, the standard bearer token used by most modern APIs - with support for additional authentication methods planned in the future.

Here’s why this matters.

An API can look structurally correct and match the schema but still come from an unauthorized or malicious client. Without identity validation, attackers can still probe your API, scrape data, or abuse endpoints that weren’t meant to be public. Authentication Enforcement closes that gap. By understanding who is making the call, it stops unauthorized traffic in its tracks, aligning with zero trust principles that are becoming the baseline for secure API ops.

Best of all, from the defender’s standpoint, this is a natural extension of schema enforcement. Schema rules ask “does this request belong here?” Authentication Enforcement asks “who is at the door?” and demands that they present valid credentials. Working together, they give you both structural and identity-based assurance. It’s a one-two punch that makes your API security far stronger than either check on its own. 

Authentication Enforcement is now GA and it’s a big step toward making API access control more robust, integrated, and seamless. Plus, it helps ensure the right clients get access, protects your backend from unauthorized use, and lets you build confidence knowing both intent and identity are part of your security model. It’s just one more way that we are pushing the best WAF on the market to get even better in 2026. 
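
The three checks the post lists (token present, signature valid, not expired), sketched as an added example that is not part of the original post and is not Check Point's implementation. It assumes HS256 with a shared key; the function names, reason strings and sample claims are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def mint(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Build a constructed sample token (demo helper, not a production issuer)."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(sig)}"

def enforce(authorization, key: bytes, now=None):
    """Return (allowed, reason) for an Authorization header value."""
    now = time.time() if now is None else now
    # Check 1: a bearer token must be present and have three segments.
    if not authorization or not authorization.startswith("Bearer "):
        return False, "missing_token"
    parts = authorization[len("Bearer "):].split(".")
    if len(parts) != 3:
        return False, "malformed_token"
    try:
        header = json.loads(b64url_decode(parts[0]))
        claims = json.loads(b64url_decode(parts[1]))
        sig = b64url_decode(parts[2])
    except ValueError:  # covers bad base64, bad JSON and bad UTF-8
        return False, "malformed_token"
    # Pin the algorithm on the verifier side; never trust the header's choice
    # (this is what rejects "alg": "none" and algorithm-swap tokens).
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return False, "bad_algorithm"
    # Check 2: the signature must verify, compared in constant time.
    signed = f"{parts[0]}.{parts[1]}".encode()
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return False, "bad_signature"
    # Check 3: exp must exist, be numeric and lie in the future.
    # Claims are read only after the signature has verified.
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if isinstance(exp, bool) or not isinstance(exp, (int, float)) or now >= exp:
        return False, "expired_or_no_exp"
    return True, "ok"
```

The order matters: the algorithm is pinned before the signature is checked, and `exp` is trusted only after the signature verifies, so a forged token cannot extend its own lifetime.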

1 Reply
the_rock
MVP Diamond

Great!

Best,
Andy
0 Kudos
