Check Point Checkmates Cyber Security Podcasts

PhoneBoy features the following posts from the CheckMates community:Certificate and CRL validation fails from March 1, 2026Effective Network Management with SD-WAN January 2026: Video, Slides, and Q&ANano Agent / Nano Services in Quantum SD-WAN: the Control PlaneTech Tip - log ingestion problem (change log level to reduce log data)Session logs not showing Xlate informationCVE-2025-53057 and Check PointGA Announcement: API Request Step & Webhook Trigger are now available in PlayblocksR82.10 Video SeriesTroubleshooting Logging

PhoneBoy discusses the recent CheckMates Fest and a bunch of community-driven topics.CheckMates Fest 2026: Video and Q&ACongratulations to our first MVP Diamond members: Heiko and Andy!Time synchronization between orchestrator and its SGMs - does it matter?Mini Concept SeriesUse API to determine what JHF is installedNAT Rules not matching with new R82 gateway in place.Zero Phishing in R82.10 - What's New?This Month’s Spotlight - 3 Features You Should Start Using Today

PhoneBoy discusses AI Risk Mapping, AI Security Masters, and some great posts from the CheckMates community you may have missed.AI Risk MappingAI Security Masters SeriesAI Security Masters Session 1: How AI is Reshaping Our WorldHow to Chat with Your Check Point Gateways using Claude DesktopCheck Point MCP ServersThis Month’s Spotlight - 3 Revisions Features You Should Start Using Today - October 2025Session Flow for AdministratorsVideos for Configuring Access Control and Threat PreventionHTTPS Inspection Inbound With More Than One CertificateConfiguring an AWS to Onsite VPNCan We Disable the HTTP Protocol ParserSSH Inspected by HTTPS InspectionConfiguring SSH Inspection in Threat PreventionPerformance Limitations of Virtual Switches with Legacy VSX?Upcoming events:CheckMates Fest 2026 on 14 January 2026Quantum SD-WAN Monitoring TechTalk on 21 January 2026AI Security Masters Session 2: Hacking with AI, The Dark Side of Innovation on 22 January 2026

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog posts on Hybrid Mesh and credential theft, more specifically on Identity Awareness in Hybrid Mesh.Also, join us for CheckMates Fest 2026 on January 14th and vote on the best in the community in 2025!1990s Marketing Graphic

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog posts on Hybrid Mesh and credential theft when a question was asked: how do you ensure policies are implemented consistently across vendors. We also talk about the release of R82.10, which we did a TechTalk on a few weeks back.

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog post on How Hybrid Mesh Defeats Credential Attacks, the fourth in a series on credential theft. (We discuss the third one in a future episode)

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog post on Why Defenses Fail: The Fragmentation Problem, the second in a series on credential theft.PhoneBoy also highlights a new feature in Infinity Playblocks called IOC Enforcement Connector.

PhoneBoy interviews Cyber Security Technologist and Evangelist Marc Davidson discussing his recent blog post on Defending Against Credential Attacks with a Hybrid Mesh Architecture. This episode discusses what credentials actually are and why letting them get out might be dangerous.We also highlight a series of posts by Chris Atkinson providing tips on Dynamic Routing, specifically Router ID, Default Originate, Bidirectional Forwarding Detection, Protocol Rank, and Connection Persistence. 

In this episode of CheckMates Go, we'll play an excerpt from our recent Access Control and Threat Prevention Best Practices session that focuses on a key service that drives both: ThreatCloud AI.

In this episode of CheckMates Go, we’ll talk about Infinity AIOps, Infinity Playblocks, Early Availability of Policy Advisor, updates on Harmony Browse, and some how-to videos on Harmony SASE.AIOps TechTalk October 2025AI-Powered Security for the Hyperconnected WorldPlayblocks Highlights: Powerful Automations You Might Have MissedInfinity Policy Auditor EATechTalk: Improve Your Security Posture with Threat Prevention and Policy InsightsHarmony Browse Product UpdatesDLP Redact Feature Demo VideoRemote Access and SASE Best PracticesHarmony SASE How-To Videos

On this episode, we’ll follow up on how Threat Prevention blades work without HTTPS Inspection enabled, more about the Public R82.10 Early Availability program, enabling MFA for administrators, and more Maestro discussions and best practices.What real protection do we get from Threat Prevention if HTTPS inspection is disabled?sk184185: Software Blade effectiveness with and without HTTPS InspectionSoftware Blade effectiveness with and without HTTPS Inspection - sk184185R82.10 Public EA Programsk183058: Check Point Early Availability (EA) ProgramsMFA for admin access for checkpoint firewall on Gaia and Smartconsolesk181854: Two-Factor Authentication for Gaia OS loginCreating an Administrator Account with SAML Authentication LoginMaestro Best Practices October 2025Maestro Connection Synchronization During a FailoverMaestro Flush and AckMaestro LicensingClusterXL vs ElasticXLElasticXL vs MaestroMaestro Dual-Site Active/Active

On this episode of CheckMates Go, we’ll answer some questions about the community itself from our recent Learn About CheckMates session, the announcement of Public Early Availability of R82.10, and an errata about the Dynamic URL List feature mentioned in the last episode.See also our Events calendar and the upcoming Deep Dive on Troubleshooting 101 for EMEA.

In this episode, we talk about the Spark Management Portal, Cloud Workshops, troubleshooting legacy geo policy, Network Groups and Updatable Objects,  Dynamic URL Lists for Application Control and URL Filtering, and the best way to upgrade a NIC to a higher speed while minimizing the work.Quantum Spark Management Unleashed TechTalk September 2025: Video, Slides, and Q&AGlobal Cloud Workshop RoadshowTroubleshooting Legacy Geo PolicyTarget version does not support Network Group objects that contain inner groups with Data Center objectsCreating Application Control and URL Filtering RulesClusterXL – Changing MGMT and eth2 from 1Gb to 10GbFirewall Uptime, Reimagined: How AIOps Simplifies Operations and Prevents Outages

Wel talk about our latest integration with Wiz, more management features you may not be using, various tips and tricks related to VPNs, and an invitation to Check Point’s Usability Lab.Video: Wiz + Check Point: Cloud Security Integration | Visibility + Prevention in ActionUnifying Cloud Risk and Network Defense: Wiz and Check PointThis Month’s Spotlight - 3 Features You Should Start Using Today - September 2025PSA: Check Point and Palo Alto - GCM Phase 1HowTo: Configure a VPN between FortiGate & Check Pointsk108600: VPN Site-to-Site with 3rd partyBlock VPN Traffic by CountryIssue with DNS resolution in browser when connected via Check Point Mobile clientCheck Point Usability Lab

We have an excerpt from our recent Future of SD-WAN session and how Check Point products protect against BRICKSTORM.

This week, we’ve got some Maestro content, how well does Threat Prevention work without https inspection enabled, rad errors, improvements to Application Control signatures, a way to find IPS Signatures with the API, CloudGuard WAF updates, and a good reason not to run debugs on a production firewall.Check Point Acquires LakeraIntroducing Lakera - Securing the AI Frontier TechTalkMaestro Best Practices FAQMaestro and Asymmetric ConnectionsWhat real production do we get from Threat Prevention Without HTTPS InspectionHow to Deal with RAD ErrorsAdvanced Technical Resource Guide: RADImproved App Control Detection Without HTTPS InspectionHow to filter for IPS signatures with a space in the name via the APICloudGuard WAF: Product News September 2025Run Debugs in a Maintenance Window

In this episode, PhoneBoy talks about the DigiCert issue, an excerpt from our External Cyber Risks session, four features you should be using, a SmartConsole extension to help you find zero hit-count rules, and new API calls in R82 JHF 38.Upcoming Sessions the week of September 8 2025:The Future of SD-WANManagement API Best PracticesQuantum Spark Management UnleashedRemote Access and SASE Best Practices 

PhoneBoy plays an excerpt from the recent State of Ransomware Q2 2025 session as well addressing a bunch of questions on Web Filtering!Web Filtering Best Practices August 2025Not showing last matched layer in logsApp Control/URLF Rules and ClassificationUnified Column-Based Rule MatchingBest Practices for Websites and ApplicationsProduct & Feature SuggestionsExternal RFE Ideas Portal (Pilot)

PhoneBoy plays an excerpt from our SharePoint CVEs Deep Dive, 3 Features You Should Start Using, different DNS servers per domain, using dnsmasq prior to R82, interpreting fwaccel stat output, ordered versus inline layers, and a SmartConsole cheat cheat.

PhoneBoy discusses Check Point's announcement of the Quantum Force 3900 Series Appliances, sk183199, Hotfix Installation Order, R82.10 Production Early Availability, and new updatable objects (including one for MCP Servers).Make sure to register for our upcoming TechTalk showing off Veriti, a.k.a. Threat Exposure Management.