IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Check Point launches AI tool to test exploitability
Cloud Security SOCs LLMs

Check Point launches AI tool to test exploitability

Fri, 29th May 2026 (Today)
Sean Mitchell
SEAN MITCHELL Publisher

Check Point has launched Agentic Exposure Validation for its Exposure Management platform, designed to assess whether vulnerabilities are actually exploitable.

The launch comes as security vendors and corporate security teams grapple with the growing use of advanced AI models in cyber offence and defence. Check Point positioned the product around a shift away from patching based on severity ratings alone and toward validating which weaknesses could be used in practice against a specific organisation.

Agentic Exposure Validation, or AEV, sits within the company's Exposure Management offering and is aimed at Continuous Threat Exposure Management programmes. It uses AI agents to analyse an organisation's external environment, correlate exposure data with asset context and threat intelligence, and test whether existing controls would block an attack path.

Exposure validation

The process is intended to move beyond static scoring systems such as CVE severity rankings. According to Check Point, the tool analyses a relevant asset or vulnerability, adds live threat intelligence, checks existing protections, and then builds a targeted validation designed to mirror attacker reasoning without using disruptive methods.

If the route appears viable, the system is designed to provide evidence that an exposure can be exploited. If controls block the route, it can shift to another path. If the risk does not stand up to validation, it can be discarded.

The product has been introduced alongside what Check Point described as Tactical Intelligence innovations within the same platform, though the company focused its detailed disclosure on the validation technology. The broader message is that security teams need more precise evidence about real-world exploitability as the volume of reported vulnerabilities continues to rise.

AI escalation

That challenge has intensified with the rapid development of large AI models. Check Point pointed to frontier systems including Anthropic's Mythos and OpenAI's GPT-5.5, arguing that such models are increasingly able to identify exploitable weaknesses across browsers and operating systems with less human input.

For large organisations, this creates a practical triage problem. Security teams already face large backlogs of alerts, configuration issues, and software flaws, and many struggle to determine which findings present an immediate route to compromise. Tools that can narrow those lists to vulnerabilities with a realistic attack path are becoming a more visible part of cyber security budgets.

Check Point said early customer engagements showed the system could generate novel exploits for dozens of vulnerabilities with no known exploit. That points to a more aggressive form of defensive testing, in which software analyses whether publicly documented weaknesses could be turned into working attack methods within a given environment.

AEV reviews an organisation's digital surface from the outside and uses threat intelligence context to validate exposures. The aim is to give security teams evidence to support remediation decisions, especially when resources are limited and patching every issue immediately is not practical.

Threat landscape

Yochai Corem, General Manager of Exposure Management at Check Point, set out the company's view of the threat landscape.

"The era of autonomous, AI-driven exploitation is here. Frontier AI models are attacking critical vulnerabilities at scale, without human steering," said Yochai Corem, General Manager of Exposure Management at Check Point.

He also outlined the company's case for using AI in defensive validation.

"Security teams are already inundated and cannot effectively address that emerging threat. Agentic Exposure Validation is our answer: AI agents that reason like attackers, reviewing your organization digital surface from the outside with our unique threat intelligence context and prove what is actually exploitable and provides security teams the evidence and the remediation to act smartly and effectively before attackers do," said Corem.

Market focus

Exposure management has become a more competitive area of cyber security as vendors try to combine attack surface management, vulnerability prioritisation, and threat intelligence into a single workflow. The core pitch is that companies need a continuous view of internet-facing assets, cloud systems, identities, and software weaknesses, along with a way to rank them by likely business risk rather than raw volume.

AEV is available now as part of Check Point's Exposure Management platform. Check Point said it protects more than 100,000 organisations worldwide.

Image: Yochai Corem
Related stories
AppOmni launches Marlin AI for SaaS security teams
Geordie links Claude Enterprise to security controls
SailPoint links Claude Enterprise to identity governance
Tenable launches Hexa AI to automate exposure fixes
Check Point launches agentic network security platform
Top stories
Qualcomm launches Snapdragon C for entry-level laptops
RevEng.AI raises USD $15 million to secure software
ACCA survey finds finance workers drawn to social impact
AMD names Vinay Awasthi Senior Vice President for APJ
Bitget launches Reality for tokenised US stocks & ETFs