What happens to enterprise security when the attack surface is no longer the network perimeter but the browser tab your employee has open?
Check Point is answering that question with its acquisition of Rotate, a Tel Aviv-based startup founded in 2023 that built a platform for centrally managing security across fragmented digital work environments. The deal, announced alongside Check Point's purchases of Israeli startups Cyclops and Cyata, is part of CEO Nadav Zafrir's broader push to consolidate cybersecurity under one operational roof.
But it is the Rotate acquisition that tells us the most about where Check Point thinks the real vulnerability lies.
Why Workspace Security Matters Now
The traditional cybersecurity model was built for a world where employees worked inside a defined corporate network. Firewalls, endpoint detection, and VPNs were designed to protect that perimeter. That model has been eroding for years, but AI-powered threats are accelerating the collapse.
Attackers are no longer just trying to breach a network. They are targeting collaboration tools, SaaS applications, email platforms, and browser-based workflows. These are the tools employees use every day, often outside the protection of legacy security infrastructure. The threat surface has shifted from the server room to the workspace itself.
Consider the scale of the problem. The global managed security services market stands at roughly $38 billion in 2025 and is forecast to reach nearly $70 billion by 2030. The SaaS security market alone was valued at approximately $11.2 billion in 2024 and is expected to more than double to $24.7 billion by 2033. That growth is not driven by hype. It is driven by a structural reality: enterprises now manage an average of 110 or more SaaS applications each, and every single one of those applications represents a potential entry point that traditional perimeter security was never designed to cover.
Check Point's response is to create an entirely new division called "Workspace Security," with Rotate's team forming the foundation. This is not a minor product update. It is a structural bet that the next phase of enterprise security will be defined by unified protection across every tool an employee touches, from email to cloud storage to SaaS platforms to remote access environments.
"This acquisition will allow us to accelerate toward a consolidated, unified ability to work with MSPs,"
Zafrir explains, framing the move around the reality that AI-powered attacks are becoming increasingly automated and are targeting daily workflows rather than traditional network infrastructure.
Who Built Rotate and What They Bring
Rotate was founded by CEO Ro'ee Margalit and CTO Avidan Barak, both veterans of Israel's Unit 8200 and the Prime Minister's Office. The company raised approximately $8 million from investors including at.inc, Treasury, UpWest, G20, and Torch.
What made Rotate distinct was its focus on building a purpose-built platform for managing security across scattered digital work environments from a single pane of glass. Instead of stitching together point solutions, Rotate designed for unified protection from the ground up.
Margalit was an early employee at Bonobo AI. Barak held senior roles at Datto and Kaseya, companies deeply embedded in the managed service provider ecosystem. That operational experience with MSP workflows and their specific security gaps is a direct asset for Check Point as it expands its channel presence. MSPs and channel partners represent a growing distribution layer for Check Point, and Rotate's familiarity with that ecosystem should help accelerate product development for those partners.
"Our goal is to make unified, AI-driven protection accessible to millions of organizations worldwide," Margalit said of the transition into Check Point.
The Bigger Picture
The cybersecurity industry has been consolidating for years, but the logic behind each deal varies. Some acquisitions are about adding features to a product suite. Others are about entering a new market. This one is about building a category.
Workspace security, as Check Point is defining it, does not have a clear market leader yet. The problem it addresses, protecting the fragmented collection of SaaS tools, browsers, email clients, and collaboration platforms that constitute the modern workplace, has mostly been handled by layering multiple point solutions on top of each other. That approach creates complexity, gaps, and operational overhead.
Check Point is betting that a unified protection layer, one that consolidates security across devices, browsers, email, SaaS platforms, and remote access, will become the standard. If that bet is correct, the Rotate deal positions Check Point at the front of a category that barely existed two years ago.
For small and mid-sized organizations that rely on MSPs for their security needs, this matters directly. These businesses often lack the internal resources to manage multiple security vendors. A consolidated platform that their MSP can operate from a single interface reduces cost and, more importantly, reduces the gaps between tools that attackers exploit.
Final Thoughts
The interesting part of this deal is not the acquisition itself. Cybersecurity companies acquire startups constantly. What is interesting is the category creation.
Check Point is not just adding Rotate's platform to its existing product line. It is using Rotate's team and operational DNA to build a Workspace Security division from scratch. That is a statement about where the company believes the next generation of threats will concentrate, and it suggests that Check Point sees the workspace, not the network, as the primary battleground for the next several years.
Whether that bet pays off depends on execution. But the logic is sound. AI-driven attacks are moving faster than legacy security architectures can adapt. Unified protection across fragmented workspaces is not a feature request. It is becoming a structural requirement.
Don’t forget to like and share the story!
This author is an independent contributor publishing via our