Check Point Software’s planned acquisition of
Veriti Cybersecurity will expand its capabilities in preemptive threat exposure (PEM), an automated approach to addressing the threats arising from the use of AI and the increasingly distributed nature of modern IT environments.
Check Point executives this week announced the acquisition of the Israeli startup to bolster the exposure management features in its AI-powered and
cloud-based Infinity Platform security management offering. Veriti’s technology automatically detects and remediates threats across multi-vendor environments, which stretch from on-premises data centers out to the cloud and edge.
“Veriti adds the ability to connect all of those disparate solutions into one singular surface. It ingests the countless threat signals and leverages the insights across dozens of vendors to vastly reduce the attack surface,”
Yochai Corem, vice president of threat exposure and risk management at Check Point, told MSSP Alert.
“The reality today is that organizations manage dozens of security products,” Corem said. “Those products, unfortunately, are usually working in silos, with each one trying to do its best. But hackers know security tools are fragmented and are now utilizing AI from social engineering to sophisticated malware to take advantage of these weak areas. Veriti enables proactive risk discovery and mitigation across fragmented security tools.”
Another Brick in the Wall
Check Point didn’t release financial details of the deal, which is expected to close by the end of the second quarter, though Calcalist estimated the
price tag at more than $100 million.
The PEM space is part of a fast-growing exposure management market that is expected to grow from $2.2 billion last year to
$7.6 billion by 2029.
Morphisec is a cybersecurity company with a platform based on a preemptive cybersecurity approach called Automated Moving Target Defense (AMTD), which moves beyond traditional static defense by continuously and automatically changing the attack surface through steps like shifting IP addresses, altering network paths, or frequently changing system configurations.
“As cyber threats continue to evolve in complexity, traditional and reactive approaches like detection and response are no longer enough,” Brad LaPorte, chief marketing officer for the Israeli company,
wrote in a blog post in January. “Security leaders now face a new frontier: preemptive cyber defense. This emerging approach prioritizes stopping threats before they materialize.”
LaPorte said that though the adoption of preemptive cyber defense is in early stages, he pointed to a Gartner report that said that by 2030, such technologies will be included in 75% of security solutions that now are centered on detection and response.
A Clear Choice
Check Point’s Corem said that while analyzing the market, executives found myriad advantages to what Veriti offered, including an open ecosystem that includes integrations with more than 70 security vendors like CrowdStrike, Tenable, and Rapid7, along with Wiz, a
Check Point partner that is being
bought by Google for $32 billion.
“In the same way that navigation apps harness the countless insights on multiple different vehicles driving on the road in real-time, Veriti ingests the countless threat signals already available in the security products you’ve deployed,” he wrote in a blog post. “But instead of operating in a siloed, product-specific manner, it leverages those insights across dozens of vendors to vastly reduce your attack surface.”
It also uses an API-based architecture, allowing the integration into environments without agents or other disruptions, according to Check Point.
Corem said Veriti’s broad integration “was an important factor for us. It’s also unique in its ability to detect and safely remediate vulnerabilities without disrupting business operations or generating false positives.”
Growing the Platform
Check Point, an Israeli company with U.S. headquarters in Redwood City, California, in October 2024
bought Cyberint Technologies, which brought with it external risk management capabilities.
“It gets really exciting when you bring Veriti and Cyberint … together,” Corem said. “When you add the Veriti solution to Cyberint’s solution, organizations will have access to external attack surface management, threat intelligence and remediation on the outside, and you get what we call threat exposure and remediation.”
Veriti’s capabilities meshes well with Check Point’s tools, he said.
“We have multiple AI engines that are trying to identify new vulnerabilities and the best way to remediate them,” he said. “Veriti has real-time threat intelligence enforcement. This means it verifies threat indicators from any connected tool and automatically orchestrates protection across firewalls, endpoints, WAFs [web application firewalls], and cloud platforms, enabling fast, coordinated, multi-vendor threat prevention.”
A Boon for MSSPs, MSPs
Such benefits also will be available to MSSPs and MSPs, which Check Point works closely with, according to Corem.
“With Veriti, our MSSP and MSP partners will have access to a tool that allows them to provide much better service at a lower cost,” he said. “They will be able to deliver complete risk lifecycle coverage for their customers – proactively managing both internal and external exposers across the entire attack surface.”
