For the third consecutive year, Check Point ranked #1 for security effectiveness in all categories of the Miercom Enterprise and Hybrid Mesh Firewall Report. This report includes two new metrics: SSE/SASE Threat Prevention and Known Exploited Vulnerabilities (KEVs).
Miercom’s independent, head-to-head stress testing establishes how well a platform can detect and block the latest generations of cyber security threats in real-world scenarios. Blocking at least 99% of cyber attacks is a key objective, because even a 90% block rate can translate to hundreds of costly attacks. Organizations subject to these attacks can face data loss, credential theft, ransomware demands, and long term vulnerabilities, ultimately resulting in loss of trust by customers, vendors, and investors.
With consequences like these, there is little room for error, making network security one of today’s most important business decisions. When choosing security solutions, organizations also need to consider the real costs of using products with a history of security vulnerabilities or slow response for product patches.
In the first few hours of zero day attacks there are no known ‘signatures’ to immediately trigger threat intelligence alerts or inform firewalls of a stealth attack. Therefore, zero day campaigns are the most difficult to defend against in the first 24 hours that they are launched. This is when a firewall’s security effectiveness and AI engines are put to the test.
Miercom, a leading security testing and certification lab, challenged the top five firewalls with the latest generation of cyber-attacks including new Zero+1* day malware and phishing.
Key Testing Results
Check Point led in all categories, including a 99.9% malware block rate, a 99.7% phishing prevention rate, and scored the highest for its Intrusion Prevention System (IPS).
Compare the Top Firewalls – [Download Miercom Report]
“Check Point did exceptionally well at blocking attacks in the first 24 hours, which is the window of highest risk for enterprises”, said Rob Smithers, CEO at Miercom.
Rob Smithers adds, “Check Point’s industry-leading block rate enables enterprises to effectively prevent new malware from entering and spreading across their networks, servers, and endpoints – saving them time, money, stress, and resources”.
Miercom testing included verifying the effectiveness of antivirus, Intrusion Prevention System (IPS), anti-bot, URL Filtering (URLF), sandboxing, AI/ML and phishing protection engines.
To determine each vendor’s threat prevention capabilities, Miercom performed testing over a three month period by continuously downloading sets of 500 files from Virus Total. These samples included: DOCX, XLSX, PDFs, EXEs, PowerShell and Bash scripts, APKs, DLLs and archived files. Testing was conducted concurrently across all vendors to assess their effectiveness in blocking modern cyber threats.
New Categories for 2025 Miercom Report
This year’s Miercom report adds two new categories for head-to-head comparison:
SSE/SASE Threat Prevention
Check Point led in this category as well with a 99% malware block rate. In this year’s report, Miercom includes a security efficacy metric for the Secure Services Edge (SSE/SASE) use case. While previous reports dealt with on-premises and cloud network firewalls, this year’s assessment aligns with the evolution of the hybrid mesh firewall requirement. Miercom provides a comprehensive view across all three deployment models: On-premises, cloud, and firewall-as-a-service (SSE/SASE).
Known Exploited Vulnerabilities (KEVs)
By a large margin, Check Point had the best metric with only 1 KEV vs. 11, 16, and 21 for its competitors. In addition to advanced threat prevention metrics, Miercom also provides another important category for head-to-head comparison: KEVs. This report compares the number of Known Exploited Vulnerabilities (KEVs) that each vendor’s firewall solution has experienced, based on publicly available data. KEV’s reflect product vulnerabilities that have been exploited, providing an indication of firewall product security and quality.
From a customer/user perspective, KEVs reflect the susceptibility of each vendor’s firewall solution to be hacked or breached. KEVs also represent a direct monetary and operational costs to users because a) they need to spend expensive operational time to document, study, test, and apply a patch each time a KEV is reported to the industry, and b) hackers will immediately start targeting organizations globally that use firewall products with known exploited vulnerabilities.
The Importance of Continuous Innovation in Threat Prevention
The technical requirements for security platforms have changed dramatically. For example, the newest generation of firewalls incorporate AI/ML solutions to counter cunning and evasive AI-driven attacks. This has pushed firewall evolution greatly over the last few years, including incorporating AI-based threat prevention engines, real-time threat intelligence, and more sophisticated automation.
Similarly, AI-assisted security policy management tools including digital assistants and AI agents can quickly identify vulnerabilities in an enterprise’s complex security policies – and recommend updates or specific steps for policy hygiene. AI copilots can help security teams with rapid analysis of newly announced CVEs (Common Vulnerabilities and Exploits) with guidance for patching or remediation – in minutes vs. weeks of tedious, manual research.
Check Point’s continued leadership in advanced threat prevention is directly attributable to its aggressive investments in AI/ML development, technology R&D, as well as continuous global cyber security research. All of this serves our mission of providing the best cyber security on the market and empowering our customers to stay ahead of threats.
The Miercom report provides a comprehensive set of performance tests and results, as well as details on testing methodologies. Read the full report: Download Miercom report
Learn more about Check Point Firewalls and Security Gateways