New integration closes a long-standing Zero Trust gap by eliminating persistent permissions and enabling real-time, policy-driven access across cloud environments
Apono announced a new integration with Check Point Software Technologies that delivers an advanced SASE-based Zero Standing Privilege (ZSP) architecture designed to eliminate long-lived permissions and provide real-time access across modern cloud environments. This solution enables organizations to significantly reduce their attack surface while maintaining the agility required across engineering, distributed teams, and incident response operations.
Traditional SCIM-based identity synchronization can take 30–60 minutes, forcing organizations to rely on standing access to avoid operational delays. The new Apono–Check Point integration removes this dependency by enforcing temporary, event-driven access directly through Harmony SASE. Users receive only the permissions required for the specific task and time window, with access automatically revoked when the work is complete.
“Cloud environments are now operated not only by humans but by automated systems and AI-driven agents,” said Ofir Stein, Co-founder and CTO of Apono. “These systems react in milliseconds, and access must follow the same pace. Our integration with Check Point allows access to rise and fall dynamically alongside the infrastructure, ensuring real-time enforcement whether the actor is an engineer or an automated agent.”
Enterprises increasingly rely on SASE frameworks to secure distributed workforces. However, traditional provisioning approaches introduce friction and slow response times, particularly during high-urgency moments such as incident response.
Also Read: CIO Influence Interview with Duncan Greatwood, CEO at Xage Security
The joint approach removes these bottlenecks by:
- Eliminating persistent permissions
- Replacing slow SCIM or identity provider syncs
- Enforcing temporary, real-time least-privilege access at the SASE enforcement layer
“Organizations are under increasing pressure to enforce Zero Trust without slowing down their teams,” said Amit Bareket, VP of Security Service Edge at Check Point Software. “With Harmony SASE, our collaboration with Apono extends Zero Trust from identity to Just-In-Time & Just-Enough network access enforcement in a single, cloud-delivered control plane. By unifying policy and real-time enforcement across users, devices, and apps, we eliminate unnecessary complexity and let teams stay productive without compromising security.”
Key Capabilities
- Real-time identity provisioning: Instantly adds or removes users from Harmony SASE groups without waiting for SCIM or IdP cycles.
- Policy-driven Zero Standing Privilege (ZSP): All access is temporary, time-bound, and governed by policy. Permissions automatically expire when no longer needed.
- Context-aware access workflows: Access can be triggered by signals such as incident acknowledgement, change management events, or ITSM workflows.
- Access rightsizing enforcement: Automates detection of over-privileged users and adjusts permissions to ensure least-privilege access.
Apono and Check Point plan to further expand the integration with advanced automation capabilities, additional context triggers, and broader governance workflows. Both companies share a long-term vision for a unified, real-time Zero Trust architecture where access appears only when needed and disappears automatically.
“When we talk about deeper automation and richer context, we’re talking about an access model that can react on its own,” said Ben Avner, Head of Technology Partnerships at Apono. “Partnering with Check Point gives us the foundation to deliver an end-to-end, real-time system where privileges rise and fall automatically with the work itself.”
Catch more CIO Insights: Why Today’s Web Agent Benchmarks Don’t Reflect Real-World Reliability
[To share your insights with us, please write to psen@itechseries.com ]
