Securing AI agents through integrated detection, governance and runtime protection

Check Point® Software Technologies Ltd., a pioneer and global leader in cybersecurity solutions, is integrating its AI Defense Platform into Google Cloud’s Gemini Enterprise Agent Platform. The integration combines centralised agent management with contextual intelligence and real-time behavioural protection to provide comprehensive security for organisations deploying AI agents at scale.

AI in the enterprise is evolving from chat assistants to autonomous agents that invoke tools, query data and execute workflows. For this reason, traditional security controls are no longer sufficient. Security is no longer just about who has access, but also about what the AI is permitted to do. Organisations need protective measures in the areas where AI risks become a reality: at runtime, in production, and during live agent interactions.

“The evolving architecture for agent-based security requires three layers: a control layer for identity and connectivity, a governance layer for policy enforcement, and a runtime intelligence layer to protect against behavioural patterns,” says David Haber, VP of AI Security at Check Point Software Technologies. “Google Cloud’s Enterprise Agent Platform provides the control layer. Check Point complements the other two layers. We determine which agents, tools and connections are permitted, and we review every action at runtime to decide whether it should be executed, because in agent-based systems, access alone does not guarantee the correct outcome.”

This integration offers three layers of agent security:

• Full visibility into the agent structure: Automatically discovers all agents deployed in Google Cloud environments, including their components, tools and server connections, via the Google Cloud Model Context Protocol (MCP).
• Pre-deployment enforcement of controls: Enables security teams to define and enforce policies: whitelists and blacklists for MCP servers, tools and skills; agent security posture policies that flag or block risky configurations; and centralised policy management for the entire agent estate.
• Runtime security measures in production: provides additional context-aware real-time protection directly via the Agent Gateway. These include the detection and prevention of prompt injection attacks in agent inputs, tool responses and multi-step conversations; the prevention of sensitive data loss through agent responses and tool actions; and the verification of agent-tool calls prior to execution.

“Google Cloud is committed to providing the most open cloud in the industry and helping customers drive their digital transformation,” explains Vineet Bhan, Director of Security and Identity Partnerships at Google Cloud. “As part of this new partnership, Check Point will leverage Google Cloud’s infrastructure to develop new capabilities that can improve operational workflows and deliver real value to businesses.”