Is it possible to use the Check Point gateway to retrospectively analyse a pcap/tcpdump file to detect threats in the same way you might use the security checkup on "live" data?
There's not a built-in tool for this.
That said, I assume you could replay the packet capture using an external system with something like tcpreplay.
If you happen to own a box that can read PCAP then you can learn from the replay.
I sometimes put a PCAP file in my labs Security Analytics box with 3 AV scanner and so on and it can show some interresting things. But most PCAP files in a firewall are too small to learn much.
Retrieving data ...