Press Release

As AI Floods Security Teams with Alerts, New Check Point Exposure Management Research Finds Critical Vulnerabilities Have Doubled, Yet Fewer Than 1 in 12 Demand Urgent Action

Under Pressure: The 2026 Exposure Gap Report reveals that as AI-driven attacks compress the window to respond, the defining security capability is no longer detection, it is knowing which exposures can actually be exploited

PARIS, July 2, 2026 /PRNewswire/ — Check Point Software Technologies Ltd. (NASDAQ: CHKP), a pioneer and global leader in cyber security solutions, today released Under Pressure: The 2026 Exposure Gap Report, which finds that the proportion of critical vulnerability exposures more than doubled over the past year, even as fewer than one in twelve proved urgent enough to require immediate action.

LOGO

Automation and AI-assisted attack tools are reshaping both the scale and pace of exposure. Threat actors can now test exposed systems, credentials, phishing infrastructure, and known weaknesses across more organizations and at greater speed than manual triage can match. The result is a widening exposure gap, the distance between visibility, prioritization, and safe remediation, and a shorter window for defenders to act before exposure becomes impact.

Key findings from the 2026 Exposure Gap Report:

  • Vulnerabilities surged: 42.6% of all critical exposures were vulnerabilities, more than double the 18.7% recorded a year earlier, making them the single largest category of critical exposure in 2026.
  • The prioritization gap: Only 7.8% of vulnerability alerts warranted Critical or High attention after exploitability validation, meaning more than 90% did not require the same immediate remediation focus.
  • Risk concentration: 76% of all critical exposures came from just two categories, vulnerabilities and internal information disclosure, concentrating risk around exploitable weaknesses and exposed information assets.
  • Phishing on the rise: Phishing websites grew to 10.5% of critical exposures, up sharply from 1.0% a year earlier, one of the fastest-growing exposure types of the year.
  • Action at scale: Organizations acted on 85.9% of recommended fixes across the industries analyzed, showing that exposures are being closed at scale when prioritization and response workflows are in place.

“Attackers are now testing more exposures, across more organizations, at greater speed than security professionals can manually keep pace with. The organizations that stay ahead are the ones that can quickly separate the small set of genuinely exploitable risks from the noise, then remediate them safely without disrupting operations. That is what exposure management delivers, and it is fast becoming a core measure of operational readiness,” said Yochai Corem, VP and General Manager of Exposure Management at Check Point Software Technologies.

The report also shows that fast, safe remediation is achievable. A meaningful share of organizations resolved critical exposures within one hour, led by Utilities at 30%, and the fastest sector posted a median remediation time of just 12.6 hours, evidence that even sensitive, high-stakes environments can close exposures quickly.

Exposure profiles varied sharply by sector. Vulnerabilities dominated in Utilities and Government, accounting for 78.2% and 56.4% of critical exposures respectively, while internal information disclosure led in healthcare at 63.6% and Financial Services at 42.7%. Healthcare proved the most challenging environment, recording the slowest median remediation time at 158.8 hours despite a strong fix-implementation rate, reflecting the constraints of legacy systems, clinical uptime requirements, and change control. These differences underline why exposure management priorities must be tailored by industry.

Check Point Exposure Management connects discovery, evidence-based prioritization, exploitability validation, control assessment, and safe remediation in a single workflow, helping organizations close the exposure gap before attacker opportunity becomes business impact.

Under Pressure: The 2026 Exposure Gap Report was unveiled today at Check Point Engage in Paris. The full report is available to download at Exposure Management Gap Report – Check Point Exposure Management.

Follow Check Point on LinkedIn, X, Facebook, YouTube and our Corporate Blog. 

About Check Point Software Technologies Ltd.  
Check Point Software Technologies Ltd. (www.checkpoint.com) is a pioneer and global leader in cyber security solutions, protecting more than 100,000 organizations worldwide. Its mission is to secure enterprises’ AI transformation. With a prevention-first approach and an open ecosystem architecture, Check Point helps organizations block advanced threats, prioritize exposures, and automate security operations across complex digital environments. The unified architecture simplifies protection across hybrid networks, multi-cloud environments, digital workspaces, and AI systems. Structured around four strategic pillars, Hybrid Mesh Network Security, Workspace Security, Threat Exposure Management, and AI Security, Check Point delivers consistent protection and visibility across multivendor environments, enabling organizations to reduce risk, improve efficiency, and accelerate innovation without increasing complexity. 

Notes to Editors: Q&A

What is the 2026 Exposure Gap Report?
Under Pressure: The 2026 Exposure Gap Report is Check Point Software Technologies’ research study into how organizations discover, prioritize, and remediate security exposures. It was released on July 2, 2026, and unveiled at Check Point Engage in Paris.

What is the “exposure gap”?
The exposure gap is the distance between visibility, prioritization, and safe remediation — the gap between when a security exposure becomes known and when it is actually fixed. As AI-assisted attacks accelerate, that window is shrinking.

What did the report find about critical vulnerabilities?
Vulnerabilities made up 42.6% of all critical exposures in 2026, more than double the 18.7% recorded the year before, making them the single largest category of critical exposure.

How many vulnerability alerts actually require urgent action?
Only 7.8% of vulnerability alerts — fewer than 1 in 12 — warranted Critical or High attention after exploitability validation. More than 90% did not require immediate remediation focus.

What are the biggest sources of critical exposure?
76% of all critical exposures came from just two categories: vulnerabilities and internal information disclosure.

Is phishing a growing exposure category?
Yes. Phishing websites grew to 10.5% of critical exposures in 2026, up sharply from 1.0% the year before — one of the fastest-growing exposure types measured.

Are organizations able to keep up with remediation?
Yes. Organizations acted on 85.9% of recommended fixes across the industries analyzed, showing exposures can be closed at scale with the right prioritization and workflows in place.

How fast can organizations remediate critical exposures?
The fastest sector posted a median remediation time of 12.6 hours. Utilities led in same-hour resolution, with 30% of critical exposures resolved within one hour.

Which industry is slowest to remediate, and why?
Healthcare recorded the slowest median remediation time, at 158.8 hours, despite a strong fix-implementation rate — reflecting legacy systems, clinical uptime requirements, and change control constraints.

What does Check Point recommend organizations do?
Move from detection-first to exposure-first security: validate which exposures are genuinely exploitable, prioritize based on evidence rather than alert volume, and remediate safely without disrupting operations.

What is Check Point Exposure Management?
A capability within Check Point’s Exposure Management pillar that connects discovery, evidence-based prioritization, exploitability validation, control assessment, and safe remediation in a single workflow.

Legal Notice Regarding Forward-Looking Statements 
This press release contains forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding our products and solutions, our expectations regarding future growth, the expansion of Check Point’s industry leadership, the enhancement of shareholder value and the delivery of an industry-leading cyber security platform to customers worldwide. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on March 31, 2026. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law. 

 

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/as-ai-floods-security-teams-with-alerts-new-check-point-exposure-management-research-finds-critical-vulnerabilities-have-doubled-yet-fewer-than-1-in-12-demand-urgent-action-302816720.html

SOURCE Check Point Software Technologies

Author

Leave a Reply

Related Articles

Back to top button