Check Point has signed an agreement to acquire Lakera, an AI-native security platform specializing in agentic AI applications. Expected to close in Q4 2025 for an undisclosed sum, the deal is expected to boost Check Point’s AI security stack, strengthening enterprise defenses as organizations accelerate their adoption of AI.
Over the past 18 months, enterprises worldwide have rushed to embed large language models, generative AI, and autonomous agents into core workflows. The shift is fueling innovation but also widening the attack surface.
“Customers are already reporting risks such as prompt injection attacks that manipulate outputs, sensitive data leaks through LLMs and agents, model manipulation and poisoning, and new vulnerabilities introduced by multi-agent collaboration and autonomous decision-making,” Nataly Kremer, chief product officer at Check Point Software Technologies, told CSO. “Traditional cyber defenses weren’t designed to deal with these model-specific, real-time risks. Lakera addresses this gap with AI-native runtime protection, continuous red teaming, and multilingual defenses. Proven at scale, its technology already protects advanced enterprise AI deployments using its Gandalf adversarial engine, which leverages over 80 million attack patterns.”
The company claims Lakera has detection rates above 98% with sub-50ms latency and false positives below 0.5% to safeguard AI workloads without impacting speed or accuracy.
Embedding Lakera into the Infinity Platform
Check Point has already been addressing this shift with offerings such as GenAI Protect, SaaS and API security, advanced data loss prevention, and machine learning–driven defenses across applications, cloud, and endpoints.
The company is embedding Lakera’s technology directly into the Check Point Infinity architecture. The first integrations will appear in Check Point CloudGuard WAF, protecting AI-enabled applications, and Check Point GenAI Protect, securing user traffic to GenAI apps.
“Customers will immediately see real-time protection for LLMs and agents against prompt attacks and leaks, continuous red-teaming intelligence applied across their AI deployments, high detection accuracy with minimal false positives, and faster time-to-protection, leveraging the same Infinity Portal they already use for firewalls, endpoint, cloud, and email security. Over time, these AI-native defenses will extend across the full Infinity portfolio,” Kremer said.
Check Point’s existing Infinity customers will see AI security as an add-on capability inside their current deployments, whereas the new customers will be able to adopt the unified end-to-end AI security stack directly through Infinity, confirmed the company. Because Lakera’s platform is API-based and cloud-delivered (with on-prem options), time-to-protection is near immediate, she added.
Closing a critical gap
Experts call this acquisition significant and not merely adding just another tool to the stack. “This acquisition closes a real gap by adding AI-native runtime guardrails and continuous red teaming into Check Point’s stack,” said Amit Jaju, senior managing director at Ankura Consulting. “Customers can now secure LLMs and agents alongside their existing network, cloud, and endpoint controls.
The immediate benefit is reduced integration friction and unified policy/telemetry for AI use cases already spreading across enterprises especially where agents have tool access and handle sensitive data. Enterprises should immediately treat AI applications and agents as tier-one assets deploy runtime guardrails, enforce continuous red teaming, and integrate AI telemetry with existing policies.”
Dedicated AI security is still emerging, but the demand curve is going to be huge with more enterprises adopting large language models, agents, RAG (retrieval-augmented generation) systems, etc.
“Demand is there, especially from sectors with regulated data (finance, healthcare), tech firms building AI-powered products and companies at scale that cannot afford unknown unknowns. The strongest pull is coming from early adopters, like cloud providers, AI SaaS, large enterprises with mature security programs and organizations that are building AI in production (not just pilot),” said Devroop Dhar, co-founder and MD at Primus Partners.
Strong demand also comes from manufacturing and logistics, where agentic AI is used for automation, and government and critical infrastructure, where trust and compliance are paramount, noted Check Point.
Vendors race to secure AI
Security companies are rapidly reshaping their portfolios to address the risks introduced by artificial intelligence. Jaju acknowledged two clear themes are emerging – platformization and depth in LLM-specific risk. “Buyers want AI security integrated into existing suites for unified visibility and response, while vendors are doubling down on controls tailored to LLMs and agent workflows covering prompt injection, jailbreaks, unsafe tool use, data exfiltration, and supply chain risks.”
Vendors are moving beyond traditional network and endpoint protection to secure AI models, agents, and applications, for which, instead of building solutions from the scratch, many companies are opting for acquiring companies that can help them plug these gaps.
“SentinelOne acquired Prompt Security, Cato Networks picked up Aim and other firms are also investing heavily in startups that protect AI models, APIs and training data. The generative AI cybersecurity market is projected to grow fast, given how quickly adoption is rising and how new attack vectors will keep surfacing,” added Dhar.
No Responses