natali_mis - stock.adobe.com
CPX 2025: Check Point CEO talks up hybrid mesh security
At CPX 2025 in Bangkok, Check Point CEO Nadav Zafrir outlined a vision for network security centred on hybrid mesh architecture and AI-powered capabilities
Check Point’s newly minted CEO, Nadav Zafrir, kicked off the company’s CPX 2025 conference in Bangkok this week with a bold vision for the future of network security, centred on the “hybrid mesh architecture” and artificial intelligence (AI)-powered security.
Speaking at the event’s opening keynote, Zafrir, a veteran in the cyber security industry, underscored the importance of “real security” in a world saturated with buzzwords and hype. He noted that while AI presents both opportunities and challenges, Check Point’s core mission remains the same – that is, to protect critical infrastructure and sensitive data from increasingly sophisticated attacks.
“We live in a hyperconnected world, rapidly evolving with the emergence of AI,” said Zafrir. “This new dimension demands a shift in our approach to security. It’s no longer enough to solely rely on cloud-based solutions. We need a flexible, adaptable framework that empowers organisations to consume security where and when it’s needed.”
This framework, he said, is the hybrid mesh architecture. A departure from the cloud-only secure access service edge (SASE) approach, it allows organisations to integrate on-premise and cloud security offerings. This flexibility allows for a better user experience, enhanced security and better control over cloud costs.
Zafrir noted that the hybrid mesh will allow organisations to adapt their security posture to their specific needs, adding that it’s about creating a security fabric which encompasses all endpoints and connections, ensuring consistent protection regardless of location or device.
Nataly Kremer, Check Point’s chief product officer, said the hybrid mesh architecture lets organisations move beyond the confines of cloud-centric SASE offerings.
“Instead of forcing all traffic through the cloud, the hybrid mesh allows businesses to dictate the inspection point for each use case,” she said. “This means organisations can leverage the power of the cloud when needed, while retaining the flexibility to secure traffic locally on-premise, ensuring optimal performance, cost efficiency and, most importantly, security.”
Read more about cyber security in APAC
- CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help enhance analyst efficiency and tackle cyber security challenges.
- Sophos found three distinct clusters of activity targeted at a high-level government organisation that appeared to be tied to Chinese interests in the South China Sea.
- The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access.
- The chairman of Ensign InfoSecurity traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem.
Zafrir noted that while Check Point had been late to the SASE market, the company was able to learn from the mistakes of others and develop the right architecture. “When you think about a hybrid mesh, sometimes you want to connect from your branch office to the internet, and you’d want to go through a SASE infrastructure to get the security in the cloud,” he said.
“But other times, you want flexibility, because you want to go directly from your datacentre to your cloud environment and you don’t want to go through a SASE architecture. And many times, your users need connectivity to the internet, but it’s not always through SASE.”
At the event, attended by customers and partners across the Asia-Pacific region, Check Point executives also dived deeper into the company’s product roadmap, including innovations in its Quantum, CloudGuard and Harmony product lines, along with advancements in AI-driven security for both on-premise and cloud environments.
These include the launch of AIOps, a new cloud service designed to predict and prevent network issues before they arise, and enhancements to Check Point’s web application firewall, boasting a 90% reduction in false positives through advanced AI engines.
Check Point also envisions the rise of the autonomous firewall, where AI makes real-time security decisions based on contextual awareness. “Instead of having thousands of predefined rules, we want to have AI that makes decisions in real time based on context,” said Kremer.
Addressing the growing concern of AI-driven threats, Zafrir acknowledged the nefarious potential of AI in the hands of malicious actors, citing the potential for AI-driven malware and the automation of sophisticated attacks.
He also pointed to threats around deepfakes, the expanding attack surface, as well as threats to AI models. “[Attackers] can go after your models, steal them and poison the data that feeds your models, which makes it incredibly hard to understand where the output stems from,” said Zafrir, adding that Check Point is developing capabilities to counter such threats, including tools to safeguard AI models and protect against AI-driven attacks.
