CloudGuard Network NGFW & Wiz CNAPP
Bridge the gap between risk detection and risk prevention in cloud environments.
Introducing A Cloud Security Revolution
Our partnership unifies cloud risk visibility with network-layer prevention and exposure management orchestration, enabling organizations to cut through noise, block threats instantly, and remediate responsibly without leaving critical workloads exposed during remediation efforts.
- Focus on the real risks Automatically separate theoretical vulnerabilities from the ones that are truly exposed and exploitable.
- Close exposure gaps instantly When critical risks are discovered, protection is applied in real time – shrinking the window attackers can exploit.
- Stay protected while you fix issues Vulnerable systems remain shielded from attacks, allowing your teams to remediate safely and on their schedule.
- Work smarter, not harder Reduce alert fatigue and enable faster, confident decisions with a clear view of what matters most.
Closing the Cloud Security Gap
Together, Wiz and Check Point transform cloud security from fragmented detection and delayed fixes into a unified and closed-loop cycle of visibility, validation, and prevention, leveraging a suite of tools that bridge the gap between risk detection and risk prevention.
- See What Matters Most Surface only truly exploitable risks with Wiz’s visibility enriched with CloudGuard gateway context.
- Validate And Virtually Patch in Real Time Mitigate risks with Threat Exposure Management, correlating Wiz findings and CloudGuard policies.
- Prevent Instantly, Fix on Your Schedule Allow DevOps and engineers to remediate while CloudGuard virtually patches vulnerable assets.
- Work Smarter Across Teams Shorten investigation cycles and minimize handoffs with one-click context-aware remediation.
- Stay Compliant and Resilient Provide evidence for auditors with Wiz posture, CloudGuard prevention, and CTEM remediation.
Fewer False Alarms, Faster Prevention, Safer Clouds
Learn more about this new joint offering.
The New Cloud Security Trinity
Check Point and Wiz deliver cloud security without gaps. Wiz uncovers risks across your environment, CloudGuard Network Security blocks attackers from exploiting them, and Infinity Threat Exposure Management connects the two to ensure protection is applied instantly and accurately.
Wiz CNAPP
Detect & Prioritize
Wiz delivers agentless visibility across code, workloads, identities, and data, mapping risks into real attack paths. Wiz pinpoints vulnerabilities by analyzing cloud topology with additional visibility into CloudGuard placement and rules, eliminating issues from showing up as critical.
Infinity Threat Exposure Management
Inspect & Decide
Infinity Threat Exposure Management connects detection with prevention, analyzing Wiz findings against CloudGuard policies in real time. It automatically validates coverage, closes exposure gaps, and applies protections at machine speed, turning insights into action without adding complexity.
CloudGuard Network Security NGFW
Enforce & Prevent
CloudGuard Network Security is the enforcement layer that blocks attackers from exploiting vulnerable assets, applying advanced threat prevention instantly across clouds and hybrid networks, keeping workloads safe while teams remediate at their own pace.
Check Point & Wiz Solution Stack Overview
CloudGuard Network Security: Threat Prevention Outperforming Any Other Cloud Firewall
Miercom Security Report Q1 2025
99.8% Intrusion Prevention
Topping all other vendors in CVE coverage and malicious URL blocking.
CyberRating.org Report Q1 2025
100% Overall Security Effectiveness
Unmatched perfect score across routing, TLS, exploits, evasions, and stability.
Multi/Hybrid Cloud Agnostic Policy Enforcement and Threat Prevention
Key Features & Capabilities
CloudGuard Network Security
- Threat Prevention That Buys You Time To Patch
Stops zero-days and exploits with a full NGFW stack: IPS, Anti-Bot, AV, sandboxing, CDR, and HTTPS Inspection, independently validated at 99.9% prevention and 100% accuracy. - Consistent Multi-Cloud Coverage Without Policy Drift
Applies the same firewall, IPS, and application control policies across AWS, Azure, GCP, OCI, Nutanix, and more, ensuring unified protection everywhere. - Security That Keeps Pace With DevOps
Deploys directly into cloud environments with CI/CD pipelines and APIs; policies adapt automatically to cloud objects and tags as resources scale in and out. - Enforcement That Structures Dynamic Robust Segmentation
Protects north-south ingress/egress and east-west lateral movement by enforcing NAT, access rules, and threat prevention inline, relying on cloud objects and tags rather than IPs. - Centralized Management & Visibility That Simplifies Compliance
Managed through Smart-1 Cloud, giving one console for unified logs, events, and policy across all gateways, with SIEM/SOAR integration for enterprise visibility.
Infinity Threat Exposure Management
Infinity Threat Exposure Management is the connective tissue of the joint solution, transforming raw cloud findings into actionable prevention. By continuously validating Wiz exposures against CloudGuard policies, it filters noise, prioritizes what’s exploitable, and applies safe, automated fixes at machine speed.
- Unified Exposure Visibility
See every gap across clouds, networks, and tools in one consolidated exposure map. - Smart Prioritization
Cut through false positives by focusing only on reachable, high-risk exposures. - Safe, Automated Remediation
Apply one-click virtual patches or rule updates that are impact-checked to avoid disruption. - Cross-Vendor Orchestration
Seamlessly integrate with 70+ security platforms to maximize value from existing tools. - Time-to-Prevention, Not Remediation
Shrink the exposure window from weeks to minutes by enforcing protections instantly while fixes are underway.
Wiz Cloud Native Application Protection Platform
Wiz brings unified cloud visibility and contextual risk prioritization to the joint solution. By surfacing the attack paths and toxic combinations that matter most, Wiz ensures security teams and developers know exactly where to act, while Check Point enforces protections instantly to close exposure gaps.
- Unified Visibility
Comprehensive coverage across workloads, identities, and data, including CloudGuard gateways and policies. - Contextual Risk Mapping
Correlates vulnerabilities, misconfigurations, secrets, access paths, and protection measures into real attack scenarios. - Noise Reduction
Eliminates false positives by showing only exploitable risks, discounting those already shielded by CloudGuard’s network rules. - Developer-Friendly
Connects risks back to code, enabling durable fixes, while CloudGuard Network Security virtually patches issues. - Proven at Scale
Helps organizations achieve zero critical risks across complex multi-cloud environments.
Explore More About Cloud Security
Check Point & Wiz Reimagining Cloud Security
Risk, Exposure, and Threat Prevention in Modern Cloud Environments
Unifying Cloud Security with Wiz and Check Point
The solution stack that bridges the gap between risk detection and risk prevention.
