Artificial Intelligence is transforming business processes in all sectors, from the automation of customer service to autonomous decision systems. However, this advancement also expands the attack surface. Generative AI applications introduce risks that traditional solutions cannot address, such as prompt injection, inadvertent exposure of sensitive information, generation of harmful content, or manipulation of usage patterns. These challenges stem from the open, language-based nature of AI models, which allows cybercriminals to bypass conventional defenses without adequate detection and security mechanisms in place.

In order to add a security focus, the company Check Point Software has announced the expansion of its protection capabilities for applications based on generative Artificial Intelligence by integrating CloudGuard WAF with Lakera’s advanced technology, already incorporated into Check Point Software. This combination offers a hardened prevention system for AI-powered applications, APIs, and agents without the need for additional administration, leveraging the protection of web application firewalls (WAF).

Double layer security architecture

The CloudGuard WAF GenAI Security extension, powered by WAF, incorporates a two-tier architecture specifically designed to protect AI applications with maximum adaptability and without manual adjustments, strengthening end-to-end security:

Supervised learning engine, trained with millions of benign and malicious prompts to achieve advanced detection rates.

Unsupervised learning engine, which adapts in real time to the specific behavior of each application or API, fine-tuning protection as models evolve.

Given the complexity of cyber threats, security testing, together with the right WAF solution, can make a difference

This approach provides high threat detection and reduces false positives, protecting against current and emerging risks with security levels that automatically adjust to each environment.

First layer: four engines dedicated to key GenAI risks

The first layer analyzes more than 90% of the traffic generated by AI applications, with engines specialized in:

  • Prompt injection prevention, blocking crafted prompts and jailbreak techniques.
  • Prevention of data leaks, avoiding the exposure of sensitive information in the model responses.
  • Content control, filtering inappropriate content or content that violates internal policies.
  • Usage control, detecting abuses, anomalies or abnormal consumption of resources.

This layer, based on monitored models and a scalable approach, is strengthened by Lakera technology to improve resilience and security against known and emerging threats.

Second layer: real-time contextual analysis

The second layer delves into the specific behavior of each application using four refinement engines:

  • User behavior, comparing activity against expected patterns.
  • Group behavior, learning from legitimate interactions to adjust protection.
  • Trusted users, accelerating validation through allowlists of verified entries.
  • Semantic engine (patent pending), which identifies valid prompts through unsupervised semantic analysis.

These capabilities allow maintaining high precision with a minimum number of false positives, reinforcing security with each new interaction.

As Eusebio Nieva, technical director of Check Point Software for Spain and Portugal, explains, “the expansion of CloudGuard WAF GenAI Security marks a decisive step in our strategy to offer a comprehensive security platform for AI. By incorporating Lakera’s advanced capabilities, we provide leading prevention, adaptable in real time and ready to protect applications, APIs and agents from day one. We offer security capable of understanding more than a hundred native languages, with precision with practically no false positives and without the need for adjustments. Our goal is that organizations can innovate with generative AI with maximum confidence, from the interaction of your employees to the deployment of autonomous agents.”

Choosing a correct WAF

With cyber threats on the rise, organizations are increasingly concerned about their security. An area of ​​particular concern is web applications and APIs that drive key business processes. To protect critical applications, efficient web application firewalls (WAFs) that block malicious traffic are required. A well-configured WAF acts as the first line of defense against external threats, maintaining trust, ensuring regulatory compliance and ensuring continuity of operations.

Resource-constrained security teams often don’t have the time to proactively test the security capabilities of their networks and applications. Check Point Software understands this challenge and recently released the results of its WAF 2025 Benchmark Project, which evaluates the effectiveness of leading WAF solutions in real-world conditions.

Testing ensures that organizations select solutions that are not only effective in detecting threats, but also minimize false positives, thereby maintaining smooth operations. A well-designed WAF protects critical assets without compromising business workflows, ensuring that security measures improve, rather than hinder, operational efficiency. With cyber threats becoming more complex, security testing, along with the right WAF solution, can make the difference between resilience and vulnerability.

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.