CheckMates Go: Cyber Security Podcast from Check Point

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog posts on Hybrid Mesh and credential theft, more specifically on Identity Awareness in Hybrid Mesh. Also, join us for CheckMates Fest 2026 on January 14th and vote on the best in the community in 2025! 1990s Marketing Graphic

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog posts on Hybrid Mesh and credential theft when a question was asked: how do you ensure policies are implemented consistently across vendors. We also talk about the release of R82.10, which we did a TechTalk on a few weeks back.

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog post on How Hybrid Mesh Defeats Credential Attacks, the fourth in a series on credential theft. (We discuss the third one in a future episode)

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog post on Why Defenses Fail: The Fragmentation Problem, the second in a series on credential theft. PhoneBoy also highlights a new feature in Infinity Playblocks called IOC Enforcement Connector.

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog post on Defending Against Credential Attacks with a Hybrid Mesh Architecture. This episode discusses what credentials actually are and why letting them get out might be dangerous. We also highlight a series of posts by Chris Atkinson providing tips on Dynamic Routing, specifically Router ID, Default Originate, Bidirectional Forwarding Detection, Protocol Rank, and Connection Persistence.

In this episode of CheckMates Go, we'll play an excerpt from our recent Access Control and Threat Prevention Best Practices session that focuses on a key service that drives both: ThreatCloud AI.

In this episode of CheckMates Go, we’ll talk about Infinity AIOps, Infinity Playblocks, Early Availability of Policy Advisor, updates on Harmony Browse, and some how-to videos on Harmony SASE. AIOps TechTalk October 2025AI-Powered Security for the Hyperconnected WorldPlayblocks Highlights: Powerful Automations You Might Have MissedInfinity Policy Auditor EATechTalk: Improve Your Security Posture with Threat Prevention and Policy InsightsHarmony Browse Product UpdatesDLP Redact Feature Demo VideoRemote Access and SASE Best PracticesHarmony SASE How-To Videos

On this episode, we’ll follow up on how Threat Prevention blades work without HTTPS Inspection enabled, more about the Public R82.10 Early Availability program, enabling MFA for administrators, and more Maestro discussions and best practices. What real protection do we get from Threat Prevention if HTTPS inspection is disabled?sk184185: Software Blade effectiveness with and without HTTPS InspectionSoftware Blade effectiveness with and without HTTPS Inspection - sk184185R82.10 Public EA Programsk183058: Check Point Early Availability (EA) ProgramsMFA for admin access for checkpoint firewall on Gaia and Smartconsolesk181854: Two-Factor Authentication for Gaia OS loginCreating an Administrator Account with SAML Authentication LoginMaestro Best Practices October 2025Maestro Connection Synchronization During a FailoverMaestro Flush and AckMaestro LicensingClusterXL vs ElasticXLElasticXL vs MaestroMaestro Dual-Site Active/Active

On this episode of CheckMates Go, we’ll answer some questions about the community itself from our recent Learn About CheckMates session, the announcement of Public Early Availability of R82.10, and an errata about the Dynamic URL List feature mentioned in the last episode. See also our Events calendar and the upcoming Deep Dive on Troubleshooting 101 for EMEA.

In this episode, we talk about the Spark Management Portal, Cloud Workshops, troubleshooting legacy geo policy, Network Groups and Updatable Objects, Dynamic URL Lists for Application Control and URL Filtering, and the best way to upgrade a NIC to a higher speed while minimizing the work. Quantum Spark Management Unleashed TechTalk September 2025: Video, Slides, and Q&AGlobal Cloud Workshop RoadshowTroubleshooting Legacy Geo PolicyTarget version does not support Network Group objects that contain inner groups with Data Center objectsCreating Application Control and URL Filtering RulesClusterXL – Changing MGMT and eth2 from 1Gb to 10GbFirewall Uptime, Reimagined: How AIOps Simplifies Operations and Prevents Outages

Wel talk about our latest integration with Wiz, more management features you may not be using, various tips and tricks related to VPNs, and an invitation to Check Point’s Usability Lab. Video: Wiz + Check Point: Cloud Security Integration | Visibility + Prevention in ActionUnifying Cloud Risk and Network Defense: Wiz and Check PointThis Month’s Spotlight - 3 Features You Should Start Using Today - September 2025PSA: Check Point and Palo Alto - GCM Phase 1HowTo: Configure a VPN between FortiGate & Check Pointsk108600: VPN Site-to-Site with 3rd partyBlock VPN Traffic by CountryIssue with DNS resolution in browser when connected via Check Point Mobile clientCheck Point Usability Lab

We have an excerpt from our recent Future of SD-WAN session and how Check Point products protect against BRICKSTORM.

This week, we’ve got some Maestro content, how well does Threat Prevention work without https inspection enabled, rad errors, improvements to Application Control signatures, a way to find IPS Signatures with the API, CloudGuard WAF updates, and a good reason not to run debugs on a production firewall. Check Point Acquires LakeraIntroducing Lakera - Securing the AI Frontier TechTalkMaestro Best Practices FAQMaestro and Asymmetric ConnectionsWhat real production do we get from Threat Prevention Without HTTPS InspectionHow to Deal with RAD ErrorsAdvanced Technical Resource Guide: RADImproved App Control Detection Without HTTPS InspectionHow to filter for IPS signatures with a space in the name via the APICloudGuard WAF: Product News September 2025Run Debugs in a Maintenance Window

In this episode, PhoneBoy talks about the DigiCert issue, an excerpt from our External Cyber Risks session, four features you should be using, a SmartConsole extension to help you find zero hit-count rules, and new API calls in R82 JHF 38. Upcoming Sessions the week of September 8 2025: The Future of SD-WANManagement API Best PracticesQuantum Spark Management UnleashedRemote Access and SASE Best Practices

PhoneBoy plays an excerpt from the recent State of Ransomware Q2 2025 session as well addressing a bunch of questions on Web Filtering! Web Filtering Best Practices August 2025Not showing last matched layer in logsApp Control/URLF Rules and ClassificationUnified Column-Based Rule MatchingBest Practices for Websites and ApplicationsProduct & Feature SuggestionsExternal RFE Ideas Portal (Pilot)

PhoneBoy plays an excerpt from our SharePoint CVEs Deep Dive, 3 Features You Should Start Using, different DNS servers per domain, using dnsmasq prior to R82, interpreting fwaccel stat output, ordered versus inline layers, and a SmartConsole cheat cheat.

PhoneBoy discusses Check Point's announcement of the Quantum Force 3900 Series Appliances, sk183199, Hotfix Installation Order, R82.10 Production Early Availability, and new updatable objects (including one for MCP Servers). Make sure to register for our upcoming TechTalk showing off Veriti, a.k.a. Threat Exposure Management.

PhoneBoy discusses the latest TechTalk on AI Agents, Threat Prevention Performance Boost in R82, R82 JHF 25, SAML and Secondary Connect, SSH to a given VS, and the generic-object API.

We have a few TechTalks planned: 18 June 2025: Integrating Check Point Security Management with AI Tools2 July 2025: New products for Superior Branch User Experience plus Higher Threat Prevention ThroughputVeritiI also discuss how to filter "wildcard domains" for web access and how to build your own Check Point lab.

Some recent discussions on the CheckMates community: IKEv2 Benefitssk166415Harmony Email and Collaboration and Microsoft DirectSendShow NAT Tablesfwxalloc top usersfw up_executeMaestro Masters Architectures and Optimizationhttps://community.checkpoint.com/t5/Maestro/Maestro-Q-amp-A-R82-Highlights-and-Common-Questions/td-p/247980Check Point Quantum Management MCP Server