Anti-virus, Next Generation Firewalls, and other core security solutions focus only on known threats, those with existing signatures or profiles. With an ever-growing number of new forms of malware hitting every hour, how do you protect against what you do not know? Traditional sandbox solutions identify “new” and unknown malware, but take time, risking potential exposure to network infection before detection and blocking occurs. Unfortunately, they are also vulnerable to evasion techniques capable of bypassing traditional sandbox detection technology.
Check Point SandBlast Zero-Day Protection employs Threat Emulation and Threat Extraction capabilities to elevate network security to the next level with evasion resistant malware detection, and comprehensive protection from the most dangerous attacks such as ransomware, spyware, Trojans and file-less malware – and at the same time ensures quick delivery of safe content to your users. Threat Emulation performs deep CPU-level inspection, stopping even the most dangerous attacks before malware has an opportunity to deploy and evade detection. SandBlast Threat Emulation uses OS-level inspection to examine a broad range of file types, including executables and data files. With its unique inspection capabilities, SandBlast Threat Emulation delivers the best possible catch rate for threats, and is virtually immune to attackers’ evasion techniques. SandBlast Threat Extraction complements this solution by promptly delivering safe content, or clean and reconstructed versions of potentially malicious files, maintaining uninterrupted business flow. By eliminating unacceptable delays created by traditional sandboxes, Threat Extraction makes real-world deployment in prevent mode possible, not just issuing alerts, but blocking malicious content from reaching users at all. Check Point SandBlast Zero-Day Protection provides complete detection, inspection, and protection against the most dangerous zero-day and targeted attacks at the network.