GigaOm names Check Point leader in app & API security
GigaOm has named Check Point a Leader and Fast Mover in application and API security, marking the third consecutive year the company has held a leadership position in the analyst firm's radar report.
GigaOm assessed 17 application and API security suppliers and placed Check Point in the Maturity and Platform Play quadrant. The report cited its web application firewall, or WAF, for detection accuracy and for protecting web applications and APIs without blocking legitimate traffic.
The assessment comes as businesses rely more heavily on APIs, microservices and AI-led applications, increasing the number of systems security teams must monitor. As attacks increasingly target software connections rather than only networks or endpoints, application and API protection has become a more prominent part of cyber security spending.
GigaOm highlighted the product's dual AI engine architecture, which combines pattern recognition with contextual and behavioural analysis. According to Check Point, this approach is designed to detect zero-day threats and other attacks without relying on signatures or extensive manual tuning.
The platform also includes automated API discovery, schema validation and defences against common forms of API abuse, including broken object level authorisation and broken object property level authorisation. It integrates with CI/CD workflows and Terraform and has an API-first architecture, allowing security controls to be added during software development.
Testing results
Check Point said its WAF achieved a 99.3% detection rate with a 0.81% false positive rate in 2026 comparison testing. It also said the product scored above the market average in machine learning, security event management and core protection.
Those figures matter because buyers of application security products often weigh detection strength against the operational impact of false alarms. A high false positive rate can disrupt access to websites, digital services and internal business tools, particularly in sectors such as banking, government and retail.
Check Point said the product is integrated with its Hybrid Mesh Network Security architecture, which is intended to give customers a single approach to policy and protection across network, cloud and application layers. It argued that a unified platform can reduce the operational burden for security teams managing hybrid and multi-cloud environments.
Kirk Ryan, Analyst at GigaOm, described the product's performance in environments where precision is essential. "Our evaluation shows that Check Point delivers precise, reliable protection against sophisticated automated attacks, zero-day exploits and emerging API threats," Ryan said. "Check Point WAF performs exceptionally well in high security environments where accuracy is critical and false positives must remain low, while still preserving the performance and availability that digital businesses depend on."
AI focus
Check Point is also linking the result to the growth of AI-based applications, which introduce additional interfaces and data flows that organisations need to secure. It said its WAF extends beyond traditional web application and API protection to cover AI-enabled applications and services.
Paul Barbosa, Vice President of Cloud Security at Check Point Software Technologies, said the company sees prevention and simplicity as central to the product's positioning. "Applications and APIs are the backbone of modern digital businesses," Barbosa said. "GigaOm's recognition highlights how Check Point WAF enables customers to operate in prevention mode from day one, delivering accurate protection with the simplicity needed for modern and AI-driven applications. This approach allows us to stop emerging threats early, as seen when Check Point WAF protected customers from React2Shell before it was exploited in the wild."
Check Point said its WAF is used to protect applications supporting online banking, public services, retail systems, critical infrastructure and AI workloads. The product is designed to allow legitimate users to continue accessing services while blocking zero-day attacks and advanced API abuse.