Check Point Infinity gains IRAP clearance for government use

Check Point Software Technologies has completed an Information Security Registered Assessors Programme (IRAP) assessment for its cloud-based Infinity products at the Protected classification level, confirming its suitability for use by Australian government agencies and critical infrastructure providers.

IRAP process

The IRAP assessment, conducted by NJOY Security-an assessor accredited by the Australian Signals Directorate (ASD)-evaluated seventeen Check Point SaaS Infinity products. The assessment benchmarked these products against the March 2025 edition of the ASD Information Security Manual (ISM), with 1,003 security controls reviewed across key cloud environments including Amazon Web Services, Google Cloud Platform and Microsoft Azure. Of the controls reviewed, 791 were deemed relevant to the assessment. This resulted in 1,745 individual validation tasks, supported by the examination of over 4,000 pieces of evidence such as policies, configurations, workflows, and logs.

Government use

The completion of the IRAP assessment enables Check Point and its partners to offer Infinity, the company's AI-powered cloud security management platform, to Australian government departments and organisations operating critical infrastructure at the Protected level. This is a requirement before public sector agencies can procure external security tools or platforms.

The assessment was administered through the Australian Cyber Security Centre (ACSC), which oversees the IRAP framework. IRAP aims to ensure products and services used by government agencies meet national security standards set out in the ISM.

Security standards

The IRAP report found that Check Point Cloud Infinity meets a high level of assurance and governance maturity. This is underpinned by documented processes and the use of automated safeguards designed for cloud environments. The framework reviewed both technical and non-technical controls across administrative, production and cloud environments.

"This IRAP assessment reinforces our capacity to maintain a mature, globally standardised, and risk-aware security posture across administrative, production, and cloud environments. This formal assessment reinforces our prevention - first approach and helps government agencies leveraged trusted AI-powered security built to Australian standards," said David Caspari, Managing Director, Check Point Software Technologies Australia/New Zealand.

Channel opportunities

The company's Australian channel partners can now position the Infinity suite to serve public sector clients, potentially supporting faster and more informed cyber security procurement decisions. The IRAP status is anticipated to help government departments streamline their risk assessments and compliance processes when considering Check Point's offerings.

"We will now be able to further serve Australian government agencies with the robust security standards required in the public sector while at the same time our Australian channel partners also now have more market opportunities to strengthen the cyber defences of Australian government agencies with a suite of Check Point cyber security solutions which facilitate faster and more informed decisions," said Caspari.