Check Point Software has announced Infinity AI Copilot, a new feature that lets security teams use natural language queries to ask for policy suggestions and assist in analyzing events. Infinity AI Copilot will be incorporated into, and accessed from, Check Point’s Smart-1 management software. Infinity AI Copilot has been trained on the company’s product documentation, administrator guides, and thousands of knowledge articles.
I was briefed by Check Point on the new product, and here’s what I took away from the conversation.
At present, the Copilot feature has two primary use cases:
1. Write security policies
Security administrators can ask Copilot to write a security policy to address a threat or add a control. Administrators can apply the policy as written, or use it as a starting point that they can edit or refine as needed.
Check Point says that because Copilot shares APIs with the Smart-1 management software, the AI has context about any Check Point products from the Infinity platform that are deployed in the organization, as well as how those products are configured. This should, in theory, produce policies that are suited to a customer’s specific environment.
Security teams can also ask questions about the effect of policies in place, such as “What percentage of traffic is being blocked by this rule?”
Check Point says that at present, this capability isn’t geared toward pruning or optimizing rules and policies, but that may be possible in a future release. Check Point says it also plans to incorporate APIs from third-party security products, but that’s a roadmap item.
2. Assist in event analysis
Copilot can also be used to help analyze events or respond to threats. For example, if a security team detects a host behaving suspiciously, they can query Copilot, again using natural language, to ask for information such as other hosts the suspect host may have interacted with, and anomalous traffic sent to or from that host.
Because customers can use natural language instead of having to learn a specific query language or syntax, Check Point says Copilot is easy to interact with and will speed up task execution.
Availability and Pricing
Infinity AI Copilot is currently in a preview release. Customers interested in participating in the preview can contact Check Point here. A full launch is expected some time in Q2. As for pricing, Check Point says it’s still to be determined if Infinity AI Copilot will require a separate license fee.
Competitive Landscape
Every network and security vendor that can type “AI” is putting out press releases about AI. Most recently, Juniper Networks extended its Marvis Virtual Network Assistant, which is available for the WLAN and campus LAN, to the data center. One new feature is that data center operators can query Marvis about the data center using natural language. The assistant has been trained on Juniper documentation, so if an admin has a question about a command or config, it can ask the VNA instead of digging through documents.
I expect we’ll see more virtual assistants like these from Juniper and Check Point. To my mind, an LLM-type assistant trained on reliable data sources (as opposed to, say, the entire Internet) could be valuable to IT folks who would otherwise have to search reams of documentation.
