Check Point Enables Email Security Telemetry to Flow into CrowdStrike Falcon Next-Gen SIEM

Rhea-AI Summary

Check Point (NASDAQ: CHKP) announced on March 17, 2026 that its Email Security telemetry can now flow into CrowdStrike Falcon Next‑Gen SIEM. The integration lets security teams ingest and correlate email activity with identity and endpoint signals to streamline investigations across inbox-to-endpoint workflows.

The connector is available today and extends Check Point's Open Garden strategy by unifying telemetry from Email & Collaboration Security, Hybrid Mesh, Exposure Management and Workspace products inside the CrowdStrike Falcon platform.

Market Reality Check

Price: $153.95 Vol: Volume 560,071 is 0.39x t...

low vol

$153.95 Last Close

Volume Volume 560,071 is 0.39x the 20-day average of 1,427,633, suggesting limited immediate reaction. low

Technical Shares trade below the 200-day MA, with price at 152.83 vs MA 193.96, sitting 34.79% below the 52-week high and 1.77% above the 52-week low.

Peers on Argus

CHKP is down 0.53% while close software infrastructure peers show mixed moves (e...

CHKP is down 0.53% while close software infrastructure peers show mixed moves (e.g., FFIV -1.93%, GEN -0.67%, but IOT +2.26%, NTNX +3.26%, GDDY +1.25%). With no peers in the momentum scanner and no same-day peer headlines, the reaction appears stock-specific rather than a broad sector move.

Historical Context

5 past events · Latest: Mar 05 (Positive)

Pattern 5 events

Date	Event	Sentiment	Move	Catalyst
Mar 05	AI advisory launch	Positive	+4.1%	Introduced Secure AI Advisory Service with governance and risk dashboard.
Feb 17	Industry recognition	Positive	-3.8%	Named Leader & Fast Mover in GigaOm Radar for cloud security.
Feb 12	Earnings results	Positive	-6.8%	Reported Q4 and 2025 revenue and EPS growth with strong cash position.
Jan 28	Threat landscape report	Neutral	-1.5%	Published 2026 Cyber Security Report showing higher global attack volumes.
Jan 27	Cyber partnership	Positive	-1.0%	Announced Hendrick Motorsports partnership for racing cyber protection.

Pattern Detected

Recent history shows several positive catalysts (earnings beat, leadership recognition, partnerships) followed by negative price reactions, with only the Secure AI Advisory launch seeing a clear positive move. This suggests a pattern where good news often met profit-taking or muted enthusiasm.

Recent Company History

Over the last few months, Check Point has reported stronger financials and expanded its security offerings. On Feb 12, 2026, Q4 and 2025 results showed revenue and EPS gains plus strategic M&A, yet shares fell 6.8%. Recognition as a Leader & Fast Mover in GigaOm’s cloud security report on Feb 17, 2026 also saw a 3.77% decline. By contrast, the Secure AI Advisory Service launch on Mar 5, 2026 drove a 4.07% gain. Today’s CrowdStrike SIEM integration continues the theme of deepening platform integrations and AI-aware security capabilities.

Market Pulse Summary

This announcement adds another integration to Check Point’s security ecosystem, feeding email securi...

Analysis

This announcement adds another integration to Check Point’s security ecosystem, feeding email security telemetry into CrowdStrike’s Next-Gen SIEM to connect inbox and endpoint investigations. It follows recent launches in AI advisory services and steady financial growth highlighted in 2025 results. Investors may track adoption of these integrations, evolving AI-related offerings, and subsequent financial disclosures to gauge how effectively these product moves translate into revenue momentum and competitive positioning over time.

Key Terms

telemetry, siem, endpoint, threat intelligence

4 terms

telemetry technical

"announced a new integration that enables email security telemetry from Check Point"

Telemetry is the automatic collection and transmission of measurements from remote devices, systems, or patients to a central system for monitoring and analysis—like a car sending engine, speed and location data back to a dashboard. For investors it matters because telemetry provides real-time evidence of product performance, safety and user behavior, helping assess revenue potential, operational risk, regulatory compliance and whether a product is meeting market demand.

siem technical

"to flow into CrowdStrike Falcon® Next-Gen SIEM."

SIEM (Security Information and Event Management) is a software system that gathers and analyzes security-related data from across a company's computers and networks to spot suspicious activity, like a central security dashboard that flags and explains alarms from many sensors. For investors it matters because a strong SIEM helps prevent costly breaches, supports regulatory compliance, and can reduce financial and reputational risk; for vendors it can be a key revenue and growth area.

endpoint technical

"correlate email-based activity with downstream identity and endpoint signals"

An endpoint in clinical research is the specific outcome investigators decide in advance to measure whether a treatment is effective or safe, such as symptom improvement, survival time, or a change in a lab value. For investors it matters because meeting or missing these pre-set goals is the main signal regulators and the market use to judge a drug’s prospects—like a race’s finish line that determines if a product can move forward, win approval, and generate revenue.

threat intelligence technical

"Check Point will provide advanced threat prevention, real-time threat intelligence, and unified"

Threat intelligence is actionable information about cyber risks—who might attack, how they operate, and what systems or data are vulnerable—gathered from monitoring networks, software behavior, and public reports. For investors it matters because strong threat intelligence helps a company prevent disruptions, avoid costly breaches and fines, and protect reputation, much like a weather forecast and neighborhood watch help a community prepare for storms and deter crime.

AI-generated analysis. Not financial advice.

REDWOOD CITY, Calif., March 17, 2026 (GLOBE NEWSWIRE) -- Check Point Software Technologies Ltd. (NASDAQ: CHKP) today announced a new integration that enables email security telemetry from Check Point Email Security to flow into CrowdStrike Falcon® Next-Gen SIEM.

The integration allows security teams to ingest and correlate email-based activity with downstream identity and endpoint signals during investigations, helping connect activity from inbox to endpoint within a single workflow.

“Email remains a primary entry point for credential theft and account takeover,” said Jonathan Gold Shalev, Head of Product Management for Email Security at Check Point Software Technologies. “By making telemetry from our Email & Collaboration Security product available within the CrowdStrike Falcon platform, we’re extending visibility across the attack chain and supporting more efficient investigations as part of our Open Garden strategy.”

The new connector enhances Check Point’s existing integrations across its broader security portfolio, including Check Point Hybrid Mesh, Exposure Management and Workspace solutions. It enables telemetry from these products to flow directly into the CrowdStrike Falcon platform, unifying these insights with other security signals.

Availability
The Check Point Email Security connector for CrowdStrike Falcon Next-Gen SIEM is available today.

For more information, visit our website.

Follow Check Point on LinkedIn, X (formerly Twitter), Facebook, YouTube and our blog.

About Check Point Software Technologies Ltd. 
Check Point Software Technologies Ltd. (www.checkpoint.com) is a global cyber security leader protecting more than 100,000 organizations worldwide. Its mission is to secure enterprises’ AI transformation. With a prevention-first approach and an open ecosystem architecture, Check Point helps organizations block advanced threats, prioritize exposures, and automate security operations across complex digital environments. The unified architecture simplifies protection across hybrid networks, multi-cloud environments, digital workspaces, and AI systems. Structured around four strategic pillars, Hybrid Mesh Network Security, Workspace Security, Exposure Management, and AI Security, Check Point delivers consistent protection and visibility across multivendor environments, enabling organizations to reduce risk, improve efficiency, and accelerate innovation without increasing complexity.


Legal Notice Regarding Forward-Looking Statements
This press release contains forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding our products and solutions and Lakera’s products and solutions, our ability to leverage Lakera’s capabilities and integrate them into Check Point, our ability to deliver end-to-end AI security stack, our foundation of the new Check Point’s Global Center of Excellence for AI Security, and the consummation of the acquisition. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on March 17, 2025. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.

MEDIA CONTACT:                                        Emilie Beneitez Lefebvre   Check Point Software Technologies        press@us.checkpoint.com

INVESTOR CONTACT: Kip E. Meintzer Check Point Software Technologies         ir@us.checkpoint.com

FAQ

What does the Check Point (CHKP) integration with CrowdStrike Falcon enable?

It enables email security telemetry from Check Point to flow into CrowdStrike Falcon for unified investigations. According to Check Point, teams can correlate email, identity, and endpoint signals within one workflow to speed threat detection and response across the attack chain.

Is the Check Point Email Security connector for CrowdStrike Falcon available now (March 17, 2026)?

Yes — the connector is available today. According to Check Point, the Email Security connector for CrowdStrike Falcon Next‑Gen SIEM is live and can be deployed to forward telemetry from Email & Collaboration Security into the Falcon platform.

How does the CHKP–CrowdStrike integration affect incident investigations?

It helps investigators connect inbox activity to endpoint and identity signals within one investigation workflow. According to Check Point, this unified telemetry aims to extend visibility across the attack chain and improve efficiency in tracing credential theft and account takeover attempts.

Which Check Point products feed telemetry into CrowdStrike Falcon through the new connector?

Telemetry from Email & Collaboration Security, Hybrid Mesh, Exposure Management and Workspace can flow into Falcon. According to Check Point, the connector extends existing integrations across its broader security portfolio to unify insights with other security signals.

Will the Check Point integration with CrowdStrike Falcon require additional licensing for CHKP customers?

The announcement does not specify licensing changes or costs. According to Check Point, the connector is available today, and customers should consult Check Point product documentation or sales channels for deployment and licensing details.