Check Point Acquires Veriti
AI-fueled attacks and hyperconnected IT environments have made threat exposure one of the most urgent cybersecurity challenges facing enterprises today. In response, Check Point Software Technologies has announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform.
'The acquisition of Veriti marks a significant step toward realizing our hybrid mesh security vision,' said Nadav Zafrir, CEO at Check Point Software Technologies. 'It strengthens the Infinity Platform's open-garden approach, enabling seamless, multi-vendor remediation across the entire security stack. With Veriti, we're advancing preemptive, prevention-first security – an imperative in today's AI-driven threat landscape.'
AI has brought cyber security to a tipping point, enabling the launch of attacks at scale. At the same time, enterprises are hyperconnected, with assets spread across clouds, datacenters, and endpoints, vastly expanding their attack surface. Traditional reactive security is too slow. Veriti continuously identifies, prioritizes, and remediates risk across your multi-vendor environment through automated patching and collaborative threat intelligence, all without disrupting business.
Founded in 2021, Veriti pioneered the Preemptive Exposure Management (PEM) category—actively discovering and mitigating risks across siloed tools. Veriti continuously monitors logs, threat indicators, and vulnerabilities identified across the environment and propagates protections in real time. With integrations into over 70 vendors, it empowers security teams to detect, understand, and prevent attacks without delay.
Core capabilities Veriti brings to the Check Point Infinity Platform: Automated, cross-vendor virtual patching: Veriti instantly applies risk-free, non-disruptive protections across dozens of third-party tools, based on vulnerabilities identified by platforms like CrowdStrike, Tenable, and Rapid7, dramatically reducing patching time from weeks to minutes.
Veriti instantly applies risk-free, non-disruptive protections across dozens of third-party tools, based on vulnerabilities identified by platforms like CrowdStrike, Tenable, and Rapid7, dramatically reducing patching time from weeks to minutes. Real-time threat intelligence enforcement: Veriti verifies threat indicators from any connected tool and automatically orchestrates protection across firewalls, endpoints, WAFs, and cloud platform, enabling fast, coordinated, multi-vendor threat response.
Veriti verifies threat indicators from any connected tool and automatically orchestrates protection across firewalls, endpoints, WAFs, and cloud platform, enabling fast, coordinated, multi-vendor threat response. Seamless integration with 70+ security vendors: Built with a fully API-based architecture, Veriti integrates into existing environments without agents or disruption, supporting the broadest security ecosystem in the market.
Built with a fully API-based architecture, Veriti integrates into existing environments without agents or disruption, supporting the broadest security ecosystem in the market. Stronger synergy with Wiz: Veriti ingests Wiz's cloud exposure insights, such as vulnerable, unpatched cloud servers or applications, and enables automatic, safe virtual patching of those assets through Check Point gateways (and other vendors' as well), enhancing Check Point's ability to execute on its strategic partnership with Wiz.
Veriti ingests Wiz's cloud exposure insights, such as vulnerable, unpatched cloud servers or applications, and enables automatic, safe virtual patching of those assets through Check Point gateways (and other vendors' as well), enhancing Check Point's ability to execute on its strategic partnership with Wiz. Safe, context-aware remediation: Veriti analyzes each customer's environment, including exposures, configurations, and existing protections, to apply the right controls safely, and without operational impact.
'Security teams today suffer from a lack of action: exposures aren't just detected, they're compounding, hiding in the gaps between tools, teams, and timelines,' said Adi Ikan, CEO and co-founder of Veriti. 'We founded Veriti to help organizations not just see risk, but remediate it safely, at scale, and most importantly – without disruption. By joining Check Point, we're accelerating that mission. Together, we'll help organizations reduce their exposure faster through the security tools they already trust.'
Following the closure of the transaction, Veriti's capabilities will be integrated into the Check Point Infinity Platform as part of the Threat Exposure and Risk Management offering. Combined with the recently added External Risk Management (ERM) solution, Veriti enhances Check Point's ability to deliver complete risk lifecycle coverage—proactively managing both internal and external exposures across the entire attack surface.
The closing of the transaction is subject to the customary closing conditions and is expected to occur by the end of Q2 2025. 0 0
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Khaleej Times
3 days ago
- Khaleej Times
Tenable research finds rampant cloud misconfigurations exposing critical data and secrets
Tenable®, the exposure management company, today released its 2025 Cloud Security Risk Report, which revealed that 9% of publicly accessible cloud storage contains sensitive data. Ninety-seven percent of such data is restricted or confidential, creating easy and prime targets for threat actors. Cloud environments face dramatically increased risk due to exposed sensitive data, misconfigurations, underlying vulnerabilities and poorly stored secrets – such as passwords, API keys and credentials. The 2025 Cloud Security Risk Report provides a deep dive into the most prominent cloud security issues impacting data, identity, workload and AI resources and offers practical mitigation strategies to help organisations proactively reduce risk and close critical gaps. Key findings from the report include: Secrets found in diverse cloud resources, putting organisations at risk: Over half of organisations (54%) store at least one secret directly in Amazon Web Services (AWS) Elastic Container Service (ECS) task definitions — creating a direct attack path. Similar issues were found among organisations using Google Cloud Platform (GCP) Cloud Run (52%) and Microsoft Azure Logic Apps workflows (31%). Alarmingly, 3.5% of all AWS Elastic Compute Cloud (EC2) instances contain secrets in user data — major risk given how widely EC2 is used. Cloud workload security is improving, but toxic combinations persist: While the number of organisations with a 'toxic cloud trilogy' – a workload that is a publicly exposed, critically vulnerable, and highly privileged – has decreased from 38% to 29%, this dangerous combination still represents a significant and common risk. Using Identity Providers (IdPs) alone doesn't eliminate risk: While 83% of AWS organisations are exercising best practices in using IdP services to manage their cloud identities, overly-permissive defaults, excessive entitlements, and standing permissions still expose them to identity-based threats. "Despite the security incidents we have witnessed over the past few years, organisations continue to leave critical cloud assets, from sensitive data to secrets, exposed through avoidable misconfigurations,' said Ari Eitan, director of cloud security research, Tenable. "The path for attackers is often simple: exploit public access, steal embedded secrets or abuse overprivileged identities. To close these gaps, security teams need full visibility across their environments and the ability to prioritise and automate remediation before threats escalate. The cloud demands continuous, proactive risk management, and not reactive patchwork." The report reflects findings by the Tenable Cloud Research team based on telemetry from workloads across diverse public cloud and enterprise environments, analysed from October 2024 through March 2025.
Tahawul Tech
4 days ago
- Tahawul Tech
Cloud misconfigurations expose critical data and secrets, says Tenable
9% of publicly exposed cloud storage hold sensitive data, 97% classified as restricted or confidential Dubai — Tenable, the exposure management company, released its 2025 Cloud Security Risk Report, which revealed that 9% of publicly accessible cloud storage contains sensitive data. Ninety-seven per cent of such data is restricted or confidential, creating easy and prime targets for threat actors. Cloud environments face dramatically increased risk due to exposed sensitive data, misconfigurations, underlying vulnerabilities and poorly stored secrets – such as passwords, API keys and credentials. The 2025 Cloud Security Risk Report provides a deep dive into the most prominent cloud security issues impacting data, identity, workload and AI resources and offers practical mitigation strategies to help organizations proactively reduce risk and close critical gaps. Key Findings From The Report Include: ● Secrets Found in Diverse Cloud Resources, Putting Organizations at Risk: Over half of organizations (54%) store at least one secret directly in Amazon Web Services (AWS) Elastic Container Service (ECS) task definitions — creating a direct attack path. Similar issues were found among organizations using Google Cloud Platform (GCP) Cloud Run (52%) and Microsoft Azure Logic Apps workflows (31%). Alarmingly, 3.5% of all AWS Elastic Compute Cloud (EC2) instances contain secrets in user data — major risk given how widely EC2 is used. ● Cloud Workload Security Is Improving, But Toxic Combinations Persist: While the number of organizations with a 'toxic cloud trilogy' – a workload that is a publicly exposed, critically vulnerable, and highly privileged – has decreased from 38% to 29%, this dangerous combination still represents a significant and common risk. ● Using Identity Providers (IdPs) Alone Doesn't Eliminate Risk: While 83% of AWS organizations are exercising best practices in using IdP services to manage their cloud identities, overly-permissive defaults, excessive entitlements, and standing permissions still expose them to identity-based threats. 'Despite the security incidents we have witnessed over the past few years, organizations continue to leave critical cloud assets, from sensitive data to secrets, exposed through avoidable misconfigurations,' said Ari Eitan, Director of Cloud Security Research, Tenable. 'The path for attackers is often simple: exploit public access, steal embedded secrets or abuse overprivileged identities. To close these gaps, security teams need full visibility across their environments and the ability to prioritize and automate remediation before threats escalate. 'The cloud demands continuous, proactive risk management, and not reactive patchwork.' The report reflects findings by the Tenable Cloud Research team based on telemetry from workloads across diverse public cloud and enterprise environments, analyzed from October 2024 through March 2025.
Web Release
5 days ago
- Web Release
Tenable Research Finds Rampant Cloud Misconfigurations Exposing Critical Data and Secrets
Tenable®, the exposure management company, today released its 2025 Cloud Security Risk Report, which revealed that 9% of publicly accessible cloud storage contains sensitive data. Ninety-seven percent of such data is restricted or confidential, creating easy and prime targets for threat actors. Cloud environments face dramatically increased risk due to exposed sensitive data, misconfigurations, underlying vulnerabilities and poorly stored secrets – such as passwords, API keys and credentials. The 2025 Cloud Security Risk Report provides a deep dive into the most prominent cloud security issues impacting data, identity, workload and AI resources and offers practical mitigation strategies to help organizations proactively reduce risk and close critical gaps. Key Findings From The Report Include: ? Secrets Found in Diverse Cloud Resources, Putting Organizations at Risk: Over half of organizations (54%) store at least one secret directly in Amazon Web Services (AWS) Elastic Container Service (ECS) task definitions — creating a direct attack path. Similar issues were found among organizations using Google Cloud Platform (GCP) Cloud Run (52%) and Microsoft Azure Logic Apps workflows (31%). Alarmingly, 3.5% of all AWS Elastic Compute Cloud (EC2) instances contain secrets in user data — major risk given how widely EC2 is used. ? Cloud Workload Security Is Improving, But Toxic Combinations Persist: While the number of organizations with a 'toxic cloud trilogy' – a workload that is a publicly exposed, critically vulnerable, and highly privileged – has decreased from 38% to 29%, this dangerous combination still represents a significant and common risk. ? Using Identity Providers (IdPs) Alone Doesn't Eliminate Risk: While 83% of AWS organizations are exercising best practices in using IdP services to manage their cloud identities, overly-permissive defaults, excessive entitlements, and standing permissions still expose them to identity-based threats. 'Despite the security incidents we have witnessed over the past few years, organizations continue to leave critical cloud assets, from sensitive data to secrets, exposed through avoidable misconfigurations,' said Ari Eitan, Director of Cloud Security Research, Tenable. 'The path for attackers is often simple: exploit public access, steal embedded secrets or abuse overprivileged identities. To close these gaps, security teams need full visibility across their environments and the ability to prioritize and automate remediation before threats escalate. The cloud demands continuous, proactive risk management, and not reactive patchwork.' The report reflects findings by the Tenable Cloud Research team based on telemetry from workloads across diverse public cloud and enterprise environments, analyzed from October 2024 through March 2025. To download the report today, please visit:
