Endpoint Protection
and Threat Prevention
1 “Cybercrime: The Credential Connection,” IDC
Webinar: "Endpoints at the Edge: The Stakes are Rising"
Innovative Threat Prevention Technologies
Uses static, dynamic, and behavioral detection and prevention technologies with advanced artificial intelligence to provide high catch rates and low false positives
Insightful Detection and Response
Assures continuous collection of comprehensive and complete raw forensics data, employing full attack remediation capabilities
Complete Endpoint Security Solution
Integrates into Check Point Infinity to get maximum prevention across all attack surfaces, shared intelligence, and a single point of management (cloud service or on premise)
Forrester Research Names Check Point a Leader in Endpoint Security Suites
Key Product Benefits
- Mature endpoint capabilities to protect against known and unknown cyberattacks
- Industry best practices elevate endpoint security to combat targeted and evasive attacks
- High catch rates and low false positives ensure efficient security efficacy and effective prevention
- Automated forensics data analysis offers detailed insights into threats
- Full attack containment and remediation quickly restore any infected systems
SandBlast Agent Features
SandBlast Agent is a complete endpoint security solution offering a fleet of advanced endpoint threat prevention capabilities so you can safely navigate today’s menacing threat landscape.
It provides a comprehensive system to proactively prevent, detect, and remediate evasive malware attacks.
Additional Features
Protects endpoints from known viruses, worms, and Trojan horse malware and it serves as the baseline endpoint threat prevention engine against known attacks using signature and heuristics.
Protects data stored on the computers by encrypting removable media devices and allowing tight control over computers’ ports (USB, Bluetooth, and so on).
Provides secure, seamless, and remote access to corporate networks.
Stops unwanted traffic, prevents malware, and blocks targeted attacks, ensuring protected computers comply with security requirements; assigns different security levels according to the compliance state of the endpoint computer.
Cloud Management or On-premise
SandBlast Agent offers unified, scalable, and granular management available as a cloud service or installed on your premise.
- Unified – Manage all your endpoint security needs from a single console
- Scalable – Use one management infrastructure to manage your endpoints, from a few to hundreds of thousand devices
- Granular – Choose the management granularity that fits your needs. Relay product best practices based on defaults; go deeper by configuring everything on your system, or anywhere in between
SandBlast Agent cloud management service is fully deployed,maintained, and optimized by Check Point enabling rapid deployment, elastic growth, continuous updates and location independent.
SandBlast Agent Options and Specifications
|
Features |
Data Protection |
Basic |
Advanced |
Complete |
Unified Endpoint Security Advanced |
Unified Endpoint Security Complete |
|---|---|---|---|---|---|---|
| Deployment | ||||||
| Agent | ||||||
| Browser Extension | ||||||
| Mobile App | ||||||
| Reduce Attack Surface | ||||||
| Endpoint Firewall | ||||||
| Application Control | ||||||
| Endpoint Compliance | ||||||
| Port Protection (Peripheral control) | ||||||
| Remote Access VPN | ||||||
| Data Protection: Full disk and removable storage encryption | ||||||
| Prevent Attacks Before They Run | ||||||
| Endpoint Anti-Virus: Known signatures, heuristics | ||||||
| Static Analysis: Machine learning-based prevention | ||||||
| Anti-Exploit | ||||||
| Zero-Phishing: Anti-phishing, credentials reuse prevention | ||||||
| Threat Emulation (SandBox) | ||||||
| Threat Extraction (Document sanitization) | ||||||
| Runtime Detection and Protection | ||||||
| Anti-Ransomware | ||||||
| Behavioral Guard: Mutations of known malware, generic unknown malware | ||||||
| Behavioral Guard: File-less attacks | ||||||
| Anti-Bot: Malicious Command and Control (C&C) traffic detection | ||||||
| Anti-Evasion: Evasion techniques detection | ||||||
| Contain and Remediate | ||||||
| Block traffic to Command and Control (C&C) servers | ||||||
| Lateral movement prevention and infected machine isolation | ||||||
| Process termination and file quarantine | ||||||
| Encrypted file restoration | ||||||
| Full attack chain sterilization | ||||||
| Attack Investigation and Response (EDR) | ||||||
| Forensics collection | ||||||
| Automated event forensics analysis report | ||||||
| Threat hunting | ||||||
| Multi-surface attack immunization (IoC and IoA sharing) | ||||||
| Cloud Management | ||||||
| SandBlast Mobile (iOS and Android threat prevention) |
SandBlast Agent earns NSS "Recommended" status in Advanced Endpoint Protection (AEP) test
- 100% HTTP block rate
- 100% Email block rate
- 100% Offline threats block rate
- 100% Evasions block rate
- 0% False positives
Unified Security Infrastructure
SandBlast Agent is a core product of Check Point Infinity, a fully consolidated cyber security architecture providing unprecedented protection against Gen V mega-cyberattacks across network, endpoint, cloud, and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security.
Start your SandBlast Agent proof-of-concept today.
“The anti-ransomware blade is an amazing piece of technology. Not only does it protect you from ransomware but it doesn’t rely on signatures to do it. That means that even if you lose your internet connection you are still protected from unknown variants”
-Russell Walker, Chief Technology Officer, Mississippi Secretary of State.
Additional Resources
Downloads
SandBlast Agent Solution Brief
Check Point SandBlast Agent: Earns NSS “Recommended” Status in AEP Test
Whitepaper: Enterprise Security Performance
Report: The Forrester Wave™: Endpoint Security Suites, Q2 2018
Endpoints at the Edge: The Stakes Keep Rising
Hybrid Threat Prevention: A Practical Approach to Cyber Security