24 May 2023

Checkpoint adds vulnerability and automated patch management to Endpoint Protection


Checkpoint Harmony Endpoint

Check Point Software Technologies has introduced posture management on their Harmony Endpoint Protection solution to address the increasing number of cyberattacks that exploit unpatched system vulnerabilities.

Checkpoint has integrated Ivanti into Harmony Endpoint to automatically detect, prioritize, and patch vulnerabilities to minimize attack surfaces. With Harmony Endpoint, you can perform custom scans on endpoints for Common Vulnerabilities and Exposures (CVE) in applications.

Endpoint vulnerabilities serve a direct entry point for cyberattackers to gain unauthorized access to an organization's network and sensitive data. But managing those vulnerabilities is extremely challenging.

The Check Point Harmony Endpoint Protection now optimizes your endpoint posture management by providing full visibility of existing vulnerabilities, risk assessment and remediate with the risk with automatic patch management. You can choose to patch vulnerabilities Automatically or Manually. This will minimize the attack surface on endpoints. 

Harmony Endpoint Posture Management provides the following:

  • Automatically scan enterprise endpoints with minimal performance impact.
  • Comprehensive overview of the status of all devices, saving time for IT and security teams
  • Automatically remediate vulnerabilities and enforce security policies to ensure secure and uninterrupted workflow


  • Patch management is supported only for Windows-based endpoints.
  • Patch management is supported with the Endpoint Security client version E87.10 and higher.
  • For macOS, this feature is available only to customers in the Early Availability (EA) program.

To enable and configure posture Management, Go to Policy > Access & Compliance > Compliance.
Scroll-down to Posture Assessment Settings.
Select the Enable Vulnerability assessment checkbox.
Configure other options like the scan type etc and click Save then install policy

To manage vulnerabilities, Go to Asset > Posture Management