Check Point SandBlast Zero-Day Attack Protection
HomePartnersCheck Point — Check Point SandBlast Zero-Day Attack Protection

Hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. Check Point SandBlast Zero-Day Attack Protection provides a deeper level of inspection so you can prevent more malware and zero-day attacks, while ensuring quick delivery of safe content to your users. Zero-day and advanced persistent threats use the element of surprise to bypass traditional security, making these threats difficult to protect against — and very popular with hackers. Traditional sandboxing was designed to help with these types of threats, but cybercriminals have evolved their techniques, creating evasive malware that can avoid detection by many sandbox solutions. As a result, many organizations find themselves taking reactive steps to counteract infection, rather than preventing it in the first place.

Enterprises need a multi-faceted prevention strategy that combines proactive protection that eliminates threats before they reach users, and state-of-the-art CPU-level exploit detection to expose even the most highly camouflaged threats. For enterprise networks at risk of targeted attacks, such as spear phishing and Advanced Persistent Threats, Check Point SandBlast provides industry-leading network protection from even the most sophisticated malware and zero-day threats. Using Threat Emulation sandboxing and Threat Extraction technologies, SandBlast Network prevents unknown malware and zero-day attacks from reaching users. Unlike traditional solutions that are subject to evasion techniques, introduce unacceptable delays, or let potential threats through while evaluating files, Check Point SandBlast stops more malware from entering your network, while maintaining the rapid pace of modern business.

Check Point SandBlast Network Security

Hackers are increasingly targeting enterprise networks using sophisticated tools such as new zero-day threats. A more proactive security approach is required to identify and stop such attacks. SandBlast Zero-Day Protection elevates network security to the next level with evasion-resistant malware detection, and complete protection from even the most dangerous attacks – ensuring quick delivery of safe content to your users. Stop hackers from evading detection and infiltrating your network, reducing risk of expensive breaches or downtime. Detect and block new or previously undiscovered threats, across a wide range of file types. Unique CPU-level inspection identifies the most dangerous targeted threats in their infancy, before malware has an opportunity to deploy and evade detection. Unlike static and behavioral analysis, or solutions based on heuristics, evaluation of potential malware occurs at the instruction level, where exploits cannot hide.

Check Point SandBlast Agent

As emerging threats increasingly target endpoints, organizations require proactive security that can keep up with the pace modern business demands. SandBlast Agent defends endpoints with a complete set of real-time advanced protection technologies, including Threat Emulation, Threat Extraction, Anti-Ransomware, Anti-Bot, Zero Phishing and Automated Incident Analysis. Protect endpoints from sophisticated attacks and zero-day threats. Leverage Check Point’s evasion-resistant sandbox with the highest malware catch rate to block attacks from email, removable media and web-downloads. Quickly deliver safe, sanitized versions of common document formats to provide real-time protection and maintain uninterrupted business flow. Block and remove evasive ransomware infections. Detect and quarantine the most advanced and evasive ransomware. Automatically recover any encrypted data.

Check Point SandBlast Cloud — Office 365 Email Security

Dramatic growth in the use of cloud-based email for the enterprise brings with it an array of security risks, including susceptibility to sophisticated attacks such as ransomware and APTs which use email as a primary entry point. Check Point SandBlast Cloud provides industry-leading security for Microsoft Office 365 email to prevent known threats and unknown malware from reaching end-users. Complete protection for cloud-based email environments from known and unknown threats. Extend industry-leading zero-day protection with the highest malware catch rates and evasion resistant CPU-level technology to your cloud email environments. Threat Emulation and Threat Extraction proactively prevent new, unknown and zero-day threats delivered via emails and file attachments. Antivirus and URL Reputation leverage information from ThreatCloud intelligence ecosystem to block the latest signature-based threats.

Check Point SandBlast Threat Emulation (Sandboxing)

As part of the Check Point SandBlast Zero-Day Protection solution, Threat Emulation prevents infections from new malware and targeted attacks. This innovative zero-day threat sandboxing capability within the SandBlast solution delivers the best possible catch rate for threats, and is virtually immune to attackers’ evasion techniques. Highest catch rate to protect your organization from unknown malware, zero-day and targeted attacks. Detect and block new, unknown malware and targeted attacks found in email attachments, downloaded files, and URLs to files within emails. Provide protection across one of the widest range of file types including, MS Office, Adobe PDF, Java, Flash, executables, and archives, as well as multiple Windows OS environments. Uncover threats hidden in SSL and TLS encrypted communications. Stop hackers from evading detection and infiltrating your network, reducing risk of expensive breaches.

Check Point SandBlast

Antivirus

The enhanced Check Point Antivirus Software Blade uses real-time virus signatures and anomaly based protections from ThreatCloud, the first collaborative network to fight cybercrime, to detect and block malware at the gateway before users are affected. ThreatCloud is a collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends.

ThreatCloud powers the Antivirus Software Blade allowing gateways to investigate always-changing malware signatures. Since processing is done in the cloud, millions of signatures and malware protection can be scanned in real-time. ThreatCloud’s knowledgebase is dynamically updated using attack information from worldwide gateways, feeds from a network of global threat sensors, Check Point research labs and the industry’s best malware feeds. Correlated security threat information is then shared among all gateways collectively.

Mobile Security

Using smartphones and tablets to access critical business information on the go has many benefits, but can expose your sensitive data to risk. Check Point’s SandBlast Mobile protects your devices from advanced mobile threats, ensuring you can deploy and defend devices with confidence. Check Point SandBlast Mobile is the industry’s only unified, cross-platform solution to protect enterprises from mobile breaches. An extension of Check Point’s SandBlast family of products, SandBlast mobile detects and blocks attacks before they become widespread.

Only Check Point provides a complete mobile security solution that protects devices from threats on the device (OS), in apps, and in the network, and delivers the industry’s highest threat catch rate for iOS and Android. Check Point SandBlast Mobile uses malicious app detection to find known and unknown threats by applying threat emulation, advanced static code analysis, app reputation and machine learning.

Sandboxing

As part of the Check Point SandBlast Zero-Day Protection solution, Threat Emulation prevents infections from new malware and targeted attacks. This innovative zero-day threat sandboxing capability within the SandBlast solution delivers the best possible catch rate for threats, and is virtually immune to attackers’ evasion techniques. Highest catch rate to protect your organization from unknown malware, zero-day and targeted attacks. Detect and block new, unknown malware and targeted attacks found in email attachments, downloaded files, and URLs to files within emails.

Provide protection across one of the widest range of file types including, Microsoft Office, Adobe PDF, Java, Flash, executables, and archives, as well as multiple Microsoft Windows OS environments. Uncover threats hidden in SSL and TLS encrypted communications. Stop hackers from evading detection and infiltrating your network, reducing risk of expensive breaches. Identify even the most dangerous attacks in their infancy using unique CPU-level inspection.

Threat Prevention

The Next-Generation Threat Prevention software bundles provide organizations of all sizes — from small, midsize and large enterprises with comprehensive protection against known and unknown threats using two simple packages: Next Generation Threat Extraction (NGTX) and Next-Generation Threat Prevention (NGTP). Comprehensive threat protection is available in two simple packages for Check Point appliances. Next-Generation Threat Extraction (NGTX): Includes multi-layered protection from known threats AND zero-day attacks using SandBlast Threat Emulation, SandBlast Threat Extraction, Antivirus, Anti-bot, IPS, App Control, URL Filtering and Identity Awareness.

Next-Generation Threat Prevention (NGTP): Includes multi-layered protection from known, signature-based threats including Antivirus, Anti-Bot, IPS, App Control, URL Filtering and Identity Awareness. Supported on small, midsize and large-scale data center appliances, the NGTX and NGTP software bundles provide advanced threat protection against known threats, zero-day malware and even the most sophisticated attacks.

URL Filtering

The Check Point URL Filtering Software Blade provides optimized web security through full integration in the gateway to prevent bypass through external proxies. Integration of policy enforcement with Application Control means enhanced Web and Web 2.0 protection, and UserCheck technology empowers and educates users on web usage policy in real-time. The URL Filtering Software Blade is a key component of the Secure Web Gateway.

Utilize a dynamically updated database of over 200 Million Websites to allow, block or limit website access in real-time — all web site traffic, clear and SSL-encrypted. Choose from 64 pre-defined content categories. Scan and secure SSL encrypted traffic passing through the gateway. When traffic is passing through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver. Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy.