Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.
Apiiro announced Software Graph Visualization, an interactive map that enables users to visualize their software architectures across all components, vulnerabilities, toxic combinations, blast radius, data exposure and material changes in real time.
By replacing static, manual self-attestation reports with autonomous, clear, contextual insights and analysis, this new visualization feature helps security teams understand their fast changing software architecture and pinpoint threats with a visual inventory of critical software components.
"Without a continuous view of software architecture across design, development, and runtime, it’s impossible to effectively identify, prioritize, remediate and prevent application risks,” said Idan Plotnik, co-founder and CEO of Apiiro. “Apiiro is committed to equipping customers with security insights that are intuitive, actionable, and focused, rather than overwhelming. Software Graph Visualization eliminates the need to interview developers or use self-based attestation questionnaires that make it hard to identify how software components connect and where security risks emerge. By using AI agents to generate a visual map of the entire software inventory—along with contextual security review questions and threat model stories—security teams can quickly identify, prioritize, remediate, and communicate risks, all backed by clear, data-driven insights that support faster, more informed decisions.”
Software Graph Visualization delivers question-driven, dynamic graphs that map risk exposure, attack surfaces, and sensitive data flow in an intuitive, real-time format. It is automatically and continuously updated, using deep code analysis to analyze the context and relationships of software components in real time to uncover risk exposure, enabling customers to address the following use cases:
- Threat modeling: Achieve the visibility to proactively assess risk and vulnerabilities in designs and evaluate how sensitive data moves across boundaries, ensuring all communication and access points are secure and appropriately guarded.
- Pen-test scoping: Attain comprehensive understanding of attack surfaces to successfully scope tests. The graph visualizes API architecture and data flow, highlighting risky entry points, potential vulnerabilities, and business critical areas of the system that are more prone to exploitation, allowing security teams to focus efforts on the most vulnerable parts of the system and ensure a more targeted and effective pen-test.
- Change impact assessment: Effectively assess risk introduced by new code changes by comparing pre-release and post-release states of the application. By showing how material changes affect systems over time, the graph highlights new technologies, exit points, endpoints, dependencies, and sensitive data added. This enables security teams to ask smarter, more in-depth questions about the specific changes that occurred, moving beyond self-attestation and ensuring new risks are identified and addressed with greater precision.
- Privacy review: Streamline the identification of privacy risks with sensitive data, allowing users to track where personal and confidential data is moving and whether it’s being shared or exposed. Key questions like “Am I sending PII to GenAI?” or “Should I obfuscate this data?” are addressed through the graph, offering a clear overview of potential privacy risks.
- Blast radius analysis: Ability to measure potential spread and impact of security breaches. The graph visualizes not just where sensitive data is used, but also the dependencies within open-source software and infrastructure, enabling assessment of the wider impact and scope of security incidents, helping users prioritize risk mitigation efforts effectively.
- Toxic combinations: Effectively identify dangerous combinations across the application.
- Vulnerability management: Efficiently prioritize and remediate vulnerabilities with complete context.
Industry News
Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.
Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.
Lineaje launched new capabilities including Lineaje agentic AI-powered self-healing agents that autonomously secure open-source software, source code and containers, Gold Open Source Packages and Gold Open Source Images that enable organizations to source trusted, pre-fixed open-source software, and a software crawling and analysis engine, SCA360, that discovers and contextualizes risks at all software development stages.
Check Point® Software Technologies Ltd.(link is external) launched its inaugural AI Security Report(link is external) at RSA Conference 2025.
Lenses.io announced the release of Lenses 6.0, enabling organizations to modernize applications and systems with real-time data as AI adoption accelerates.
Sonata Software has achieved Amazon Web Services (AWS) DevOps Competency status.
vFunction® announced significant platform advancements that reduce complexity across the architectural spectrum and target the growing disconnect between development speed and architectural integrity.
Sonatype® introduced major enhancements to Repository Firewall that expand proactive malware protection across the enterprise — from developer workstations to the network edge.
Aqua Security introduced Secure AI, full lifecycle security from code to cloud to prompt.
Salt Security announced the launch of the Salt Model Context Protocol (MCP) Server, giving enterprise teams a novel access point of interaction with their API infrastructure, leveraging natural language and artificial intelligence (AI).
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of in-toto, a software supply chain security framework developed at the NYU Tandon School of Engineering.
SnapLogic announced the launch of its next-generation API management (APIM) solution, helping organizations accelerate their journey to a composable and agentic enterprise.
Apiiro announced Software Graph Visualization, an interactive map that enables users to visualize their software architectures across all components, vulnerabilities, toxic combinations, blast radius, data exposure and material changes in real time.
Check Point® Software Technologies Ltd.(link is external) and Illumio, the breach containment company, announced a strategic partnership to help organizations strengthen security and advance their Zero Trust posture.