A bot is malicious software that allows cyber criminals to remotely control computers and execute illegal activities such as stealing data, spreading spam and distributing malware. Check Point Anti-Bot detects bot-infected machines, prevents bot damage by blocking bot C&C communications, and is continually updated from ThreatCloud, the first collaborative network to fight cyber crime.
Discover bot outbreaks, detect Advanced Persistent Threats (APT) and stop bot damage
Real-time security intelligence delivered from ThreatCloud
First integrated Anti-Bot network solution
Our Check Point solution integrates all the security blades we need, such as Anti-Bot and DLP, so we don’t have to pay $20,000 or more to purchase separate security products. Also, we don’t have to manage devices. Instead, we get a complete view of the security in one place.
Director of Network Security
SF Police Credit Union
Complete Anti-Bot solution integrated into the Check Point Infinity Architecture
The Multi-Tier Bot Detection Engine discovers infections by correlating multiple detection methods
Malware reports and dashboards are integrated with SmartEvent, with infection summaries and trends that provide better visibility into organizational malware threats and risks
Inline bot prevention – block bot communications from infected hosts.
ThreatCloud is a collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways. That intelligence is used to identify emerging outbreaks and threat trends. ThreatCloud powers Anti-Bot, allowing gateways to investigate the constantly changing IP, URL and DNS addresses of known Command and Control centers. Since processing is done in the cloud, millions of signatures and malware protections can be scanned in real time.
The ThreatCloud knowledge base is dynamically updated using feeds from a network of global threat sensors, attack information from worldwide gateways, Check Point research labs and the industry’s best malware feeds. Correlated security threat information is then shared among all gateways collectively.
Forensics provides administrators and security teams with the information they need to analyze security events, investigate infections and assess damage.
Anti-Bot capabilities are also available in the optional SandBlast Agent, extending post-infection protection to end-user systems, to keep users safe no matter where they go. Malware contracted while roaming outside the network perimeter will be detected, and Command & Control activity blocked. With the addition of SandBlast Agent, more information is available for Anti-Bot detections, including the specific system and process demonstrating suspicious behavior, even when behind a NAT router.