Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.
Apiiro introduced Risk Detection at Design Phase, a new, AI-driven capability that automatically analyzes feature requests to identify risks and proactively initiate security reviews or threat models at the earliest stage of the application development lifecycle.
With this new capability, application security (AppSec) practitioners can now scale their secure software development lifecycle (SSDLC) processes by mitigating security and compliance risks before a single line of code is written.
Apiiro customers can proactively address security, data privacy, infrastructure, compliance, and other risks at the onset of development, saving significant time and costs while minimizing rework and accelerating secure software delivery.
Apiiro’s detection of risky feature requests is built on cutting-edge AI technology, including Apiiro’s native private LLM. This model, not accessible by ChatGPT or any other public LLM services, ensures customer privacy and compliance by automatically analyzing feature requests and proactively identifying potential risks associated with:
- Architecture design and security controls: requests for changes in APIs, network, databases, web servers, web clients, logging, serialization and other component configurations, architecture designs, and deployment of new or changed components.
- Sensitive data handling: storing and/or processing sensitive information like PII, PHI payment data fields as part of the application data flow, changing encryption mechanisms, data migrations, writing sensitive data to logs, and using sensitive data as an API return type.
- User permissions and access management: user authentication and authorization, login or registration processes, and changing user permissions.
- Generative AI technology: adding or changing generative AI tools, frameworks, technologies, and the data that is exposed to them.
- Third-party integrations, and open source dependencies: changing or adding open source dependencies and integrations with third-party services.
For each risky feature request, enriched by the code architecture generated by its Deep Code Analysis (DCA) technology, Apiiro’s native private LLM model automatically generates contextual questions for a security review and produces threat stories using the STRIDE model. This automation eliminates the need for manual security processes, accelerating development velocity and deployment of secure code to the cloud, ultimately driving business growth. In addition, Apiiro enhances design risk context by automatically mapping to specific code commits, repositories, and pull requests, providing deeper insight into how potential risks may manifest in the actual codebase.
“Amidst the ever-changing complexity of modern software development processes and application architectures, Apiiro is committed to delivering complete risk-based visibility and protection from design to runtime,” said Moti Gindi, chief product officer at Apiiro. “Building secure software starts with secure design, and the new AI-Driven Risk Detection at Design Phase from Apiiro takes the ‘shift left’ approach a step further, addressing risks even before a single line of code is written. This first-of-its-kind functionality leverages the power of AI to ensure customers have the context required to facilitate efficient security reviews and evolve from a reactive to a proactive approach to application security.”
Industry News
Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.
Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.
Lineaje launched new capabilities including Lineaje agentic AI-powered self-healing agents that autonomously secure open-source software, source code and containers, Gold Open Source Packages and Gold Open Source Images that enable organizations to source trusted, pre-fixed open-source software, and a software crawling and analysis engine, SCA360, that discovers and contextualizes risks at all software development stages.
Check Point® Software Technologies Ltd.(link is external) launched its inaugural AI Security Report(link is external) at RSA Conference 2025.
Lenses.io announced the release of Lenses 6.0, enabling organizations to modernize applications and systems with real-time data as AI adoption accelerates.
Sonata Software has achieved Amazon Web Services (AWS) DevOps Competency status.
vFunction® announced significant platform advancements that reduce complexity across the architectural spectrum and target the growing disconnect between development speed and architectural integrity.
Sonatype® introduced major enhancements to Repository Firewall that expand proactive malware protection across the enterprise — from developer workstations to the network edge.
Aqua Security introduced Secure AI, full lifecycle security from code to cloud to prompt.
Salt Security announced the launch of the Salt Model Context Protocol (MCP) Server, giving enterprise teams a novel access point of interaction with their API infrastructure, leveraging natural language and artificial intelligence (AI).
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of in-toto, a software supply chain security framework developed at the NYU Tandon School of Engineering.
SnapLogic announced the launch of its next-generation API management (APIM) solution, helping organizations accelerate their journey to a composable and agentic enterprise.
Apiiro announced Software Graph Visualization, an interactive map that enables users to visualize their software architectures across all components, vulnerabilities, toxic combinations, blast radius, data exposure and material changes in real time.
Check Point® Software Technologies Ltd.(link is external) and Illumio, the breach containment company, announced a strategic partnership to help organizations strengthen security and advance their Zero Trust posture.