Check Point Checkmates Cyber Security Podcasts

This week, we’ve got some Maestro content, how well does Threat Prevention work without https inspection enabled, rad errors, improvements to Application Control signatures, a way to find IPS Signatures with the API, CloudGuard WAF updates, and a good reason not to run debugs on a production firewall.Check Point Acquires LakeraIntroducing Lakera - Securing the AI Frontier TechTalkMaestro Best Practices FAQMaestro and Asymmetric ConnectionsWhat real production do we get from Threat Prevention Without HTTPS InspectionHow to Deal with RAD ErrorsAdvanced Technical Resource Guide: RADImproved App Control Detection Without HTTPS InspectionHow to filter for IPS signatures with a space in the name via the APICloudGuard WAF: Product News September 2025Run Debugs in a Maintenance Window

In this episode, PhoneBoy talks about the DigiCert issue, an excerpt from our External Cyber Risks session, four features you should be using, a SmartConsole extension to help you find zero hit-count rules, and new API calls in R82 JHF 38.Upcoming Sessions the week of September 8 2025:The Future of SD-WANManagement API Best PracticesQuantum Spark Management UnleashedRemote Access and SASE Best Practices 

PhoneBoy plays an excerpt from the recent State of Ransomware Q2 2025 session as well addressing a bunch of questions on Web Filtering!Web Filtering Best Practices August 2025Not showing last matched layer in logsApp Control/URLF Rules and ClassificationUnified Column-Based Rule MatchingBest Practices for Websites and ApplicationsProduct & Feature SuggestionsExternal RFE Ideas Portal (Pilot)

PhoneBoy plays an excerpt from our SharePoint CVEs Deep Dive, 3 Features You Should Start Using, different DNS servers per domain, using dnsmasq prior to R82, interpreting fwaccel stat output, ordered versus inline layers, and a SmartConsole cheat cheat.

PhoneBoy discusses Check Point's announcement of the Quantum Force 3900 Series Appliances, sk183199, Hotfix Installation Order, R82.10 Production Early Availability, and new updatable objects (including one for MCP Servers).Make sure to register for our upcoming TechTalk showing off Veriti, a.k.a. Threat Exposure Management.

PhoneBoy discusses the latest TechTalk on AI Agents, Threat Prevention Performance Boost in R82, R82 JHF 25, SAML and Secondary Connect, SSH to a given VS, and the generic-object API.

We have a few TechTalks planned:18 June 2025: Integrating Check Point Security Management with AI Tools2 July 2025: New products for Superior Branch User Experience plus Higher Threat Prevention ThroughputMid-July: Veriti (exact date to be finalized)I also discuss how to filter "wildcard domains" for web access and how to build your own Check Point lab.

Some recent discussions on the CheckMates community:IKEv2 Benefitssk166415Harmony Email and Collaboration and Microsoft DirectSendShow NAT Tablesfwxalloc top usersfw up_executeMaestro Masters Architectures and Optimizationhttps://community.checkpoint.com/t5/Maestro/Maestro-Q-amp-A-R82-Highlights-and-Common-Questions/td-p/247980Check Point Quantum Management MCP Server

Professional Services Consultant Lari Luoma gives an introduction to Maestro and how it is different from ElasticXL, launched as part of the R82 release.Quantum Maestro Introduction sessionQuantum Maestro Architectures and Optimization sessionJoin us for Maestro Migration and Upgrade Best Practices on June 3rd: EMEA, AMER

Product Manager Amit Navon discusses discusses the four ways Check Point provides a hybrid SASE solution.

Product Manager Bar Yassure discusses what we did to improve performance and stability in the E88.70 release of Harmony Endpoint.

A talk given by Morten Sørensen on Network Segmentation at CPX 2025 in Vienna.

An except from Tim Hall's Be Your Own TAC Part Deux session on User-Space Performance Pack (UPPAK) for Quantum Security Gateways.

An excerpt from a session with Danny Jung, Cyber Security Evangelist at SITS Group at CPX 2025 Vienna: Maestro for Everyone!

I talk about the highlights from CPX 2025 and include a mention to our upcoming Be Your Own TAC Part Deux session for EMEA and Americas on 27 March 2025!

Some recent threads on CheckMates worth further discussion.Properly defining the Internet within a security policy, let's discuss!NAT TipAnyDesk - on DHS Compliant versionsk182752: Harmony Endpoint Client blocks AnyDeskvpnconfig alternativeR81.20 High CPU being reported by Solarwinds and TOPsk101878: CPView Utilitysk178566: Skyline Deploymentsk92402: How to query utilization of individual CPU cores via SNMP2M DNS Queries Per DaySingle Domain SolutionIntroducing CheckMatesAI

An excerpt of our No Suits No Ties session on recovering from a Ransomware outbreak.

An excerpt of our Infinity Identity TechTalk done back at the end of October.

An excerpt from our GenAI Security TechTalk from September.GenAI Security from Check PointUnveiling the Future of Network Security in the Era of AI

An excerpt from our recent No Suit No Ties session from Incident Response called Vulnerabilities and Workarounds, where we explore a compelling case study in which attackers exploited vulnerabilities in an internet-facing device to gain initial access, escalate privileges, conduct reconnaissance, and infiltrate the internal network.