Check Point Software Technologies, a cybersecurity company, said on Tuesday it launched Agentic Exposure Validation for Exposure Management, or AEV, to help defenders respond on equal footing against AI-based attackers.

The company said Check Point AEV uses AI agents that reason like attackers across an organisation’s environment. It correlates exposure data, asset context, real-time exploit validation results, threat intelligence and protection coverage to determine whether exposed vulnerabilities can actually be exploited. Instead of relying on static severity scores, AEV follows a secure validation loop as follows.

AEV uses AI agents that reason like attackers across an organisation’s environment. It correlates exposure data, asset context, real-time exploit validation results, threat intelligence and protection coverage to determine whether exposed vulnerabilities can actually be exploited. Instead of relying on static severity scores, AEV follows a validation loop that includes analysis of related assets or CVEs, enriching results through Check Point’s real-time threat intelligence, checking whether existing security policies block attack paths, non-invasive target validation that reflects attacker methods without affecting services, proving exposures through direct validation, or shifting to new attack paths and excluding threats.

Yochai Corem (요하이 코렘), head of the Exposure Management division at Check Point, said, "The era of autonomous AI-based attacks has arrived. Frontier AI models are attacking critical vulnerabilities at scale without human intervention." He added, "Security teams are already overloaded, and it is virtually impossible to respond effectively to these new threats. Check Point Agentic Exposure Validation provides the answer. AEV uses AI agents that think like attackers and leverage Check Point’s proprietary threat intelligence context to review an organisation’s attack surface from the outside, identify vulnerabilities that can actually be exploited, and provide evidence and solutions so security teams can respond smartly and effectively before attackers."