Check Point® Software Technologies Ltd. (Nasdaq: CHKP) today announced Check Point SandBlast™ Agent, an evolution of the company’s advanced perimeter security and zero-day protection technology SandBlast, designed to keep endpoint devices and the data stored on them safe no matter where they go. In addition to the proactive protection provided by sandboxing and threat extraction, SandBlast Agent incorporates forensics capabilities to automate incident analysis, providing organizations confidence in effectively responding to current and future threats.
In an increasingly connected world, enabling workers to access corporate information through a variety of devices – whether on the office network or from a remote location – can dramatically increase innovation, productivity and growth opportunities. But despite their importance, protection for these devices is limited by traditional, signature-based, anti-virus agents that only detect known threats. Given this, hackers are now increasingly targeting devices, especially those at the endpoint, with more sophisticated zero-day attacks such as new evasive variants of cryptowall and cryptolocker malware.
“Those of us on the front lines of enterprise security, we see the reality of modern hacking techniques, where anti-virus solutions are becoming less dependable against these newer threats. It is critical not only to do the best job possible detecting the latest malware, but also to respond rapidly as events occur,” said Michael Brine, infrastructure manager, Community Newspaper Group. “By preventing more attacks from reaching our users, and then empowering our team to quickly contain threats before they can impact operations, we allow our highly mobile workforce to manage their business with confidence.”
To defend against these modern attacks, businesses need to take a new approach to improve endpoint security. SandBlast Agent is the only solution that integrates zero-day protection for the endpoint with automated forensics and incident response capabilities. Key features include:
- Endpoint security designed for today’s business demands. SandBlast Agent implements protection directly on the endpoint to detect and block advanced attacks from email, removable media and web-based threats such as spear phishing and watering holes. Based on a remote sandboxing model, the non-intrusive, low-overhead deployment has minimal impact on local performance, while maintaining full compatibility with installed applications. Individuals are able to work with a safe, sanitized version of common document formats, while thorough file analysis is underway.
- Next-generation technology to identify, contain infections. SandBlast Agent detects suspicious communication activity generated by infected devices, blocks attempts to exfiltrate sensitive data from the organization and quarantines infected endpoints to prevent the spread of the infection. SandBlast Agent is built on Check Point’s next-generation threat prevention solution, SandBlast, which received a “recommended” rating in the most recent NSS Labs Breach Detection Systems (BDS) group test, and was among the top scoring solutions in security effectiveness and value.
- Comprehensive, automated analysis for actionable reporting. The automated incident analysis capability in SandBlast Agent provides full visibility into security events to minimize potential damages and related remediation costs. With its automated forensics capabilities, SandBlast Agent immediately builds actionable, interactive reports to fully understand the root cause, malware entry points and scope of damage. This enables rapid remediation and limits the spread of malware and the damage it may cause.
“Organizations face significant challenges as hackers aggressively target end-user systems with a range of advanced threats aimed at bypassing signature-based antivirus security products,” said Nathan Shuchami, head of threat prevention, Check Point. “With SandBlast Agent, we are able to prevent attacks based on the latest and most advanced malware techniques, whether users are inside or outside the network perimeter.”
Follow Check Point via:
Check Point Blog: https://blog.checkpoint.com/