SandBlast Threat Extraction

The SandBlast Threat Extraction technology is a capability of SandBlast Network and the SandBlast Agent endpoint protection solutions. It removes exploitable content, reconstructs files to eliminate potential threats, and delivers sanitized content to users in a few seconds to maintain business flow.

Remove Exploitable
Content

Reconstruct files with known safe elements in web-downloaded documents and emails.

Safe Content
Delivery

Immediate delivery of sanitized versions of potentially malicious files to maintain business flow.

Complete Threat
Visibility

Access to original files after background analysis of attack attempts.

SandBlast Threat Extraction Features

Prompt Delivery of Safe Content

SandBlast Network and SandBlast Agent utilize Threat Extraction technology to eliminate threats and promptly deliver safe, sanitized content to its intended destination. Original files are accessible after undergoing background analysis by the Threat Emulation engine.

Protects Common File Types

SandBlast Threat Extraction supports the most common document types used in organizations today, including Microsoft Office Word, Excel, and Power Point, and Adobe PDF documents. Administrators can select which of these document types will undergo Threat Extraction when entering the network via email or web download.

Easy Deployment and Flexible Protection Options

Installed as an additional software blade on the gateway as part of the SandBlast Network and SandBlast Agent solutions, Threat Extraction is integrated in Mail Transfer Agent-Mode to the email network. It can be applied across the organization, or implemented only for specific individuals, domains, or departments. Administrators can configure included users and groups based upon needs, and can use this to facilitate gradual organizational deployment. Document protection options can be selected depending on operational needs.

Proactive Protection

Traditional detection technologies take time to search for and identify threats before blocking them. Due to unacceptable delays, many solutions are deployed only in detect mode, leaving networks vulnerable to threats. SandBlast Network and SandBlast Agent solutions leverage the Threat Extraction capability to preemptively eliminate delays associated with traditional solutions, reduce risk, and enable real-world deployment in prevent mode.

Extended Protection to Endpoints

Using SandBlast Agent, the protections of Threat Extraction can now be extended to end-user systems, keeping users safe no matter where they go. For laptop users roaming beyond the perimeter, attacks originating as attachments within emails or web downloads undergo conversion to safe, reconstructed versions with minimal delay.

“We’ve had a really good experience with Check Point Next Generation appliances and SandBlast technology. We are now confident we are well protected against both known and unknown attacks. Our team can do more now that they’re not focused on mitigating. Thanks to Check Point’s advanced threat prevention, the company can feel safe while expending fewer resources on remediation.”

– Juan Muñoz, Assistant Director of Infrastructure, Grupo Financiero Multiva

READ THE STORY