Attackers are increasingly capable of modifying their existing malware to slip into a victim’s infrastructure undetected. Because traditional security solutions are reactive and can only protect against already known threat vectors this leaves a gap in defenses.
Security company Check Point is launching its new SandBlast product that uses CPU-level threat detection to uncover threats at the pre-infection level. It elevates threat defense with evasion-resistant malware detection and comprehensive protection, significantly reducing the risk of expensive breaches.
"Enterprises are at risk of falling victim to targeted attacks, but implementing proactive, preventative technologies to block malware from entering the network will protect your business without compromising efficiency. Check Point SandBlast provides an additional layer of security from even the most sophisticated attacks by catching more malware, with minimal impact on delivery times", says Gil Shwed, CEO and chairman of Check Point Software Technologies. "The growth of our Threat Prevention portfolio continues to extend our depth of technology to enable us to continue to arming our customers with innovative defensive strategies against cybercrime. Together with Check Point Mobile Threat Prevention announced at Black Hat last month, Check Point is moving quickly and aggressively to secure the future".
Among SandBlast's features are the ability to identify malware at the exploit phase, even before evasion techniques can be applied. It can't be bypassed by delay loops, attempts to determine if a virtualised OS is in use, or other methods aimed at circumventing the sandbox.
By combining the power of CPU-level detection with OS-level emulation it works with a broad range of file types, including MS Office, PDF, flash, executables, and archives. An integrated Threat Extraction capability allows it to deliver safe versions of files. This means Check Point SandBlast can be deployed in prevent mode, while traditional sandbox products are typically run only in detect mode to avoid delivery delays.
SandBlast is available as a cloud service or an on-premise appliance and is part of a new generation of threat prevention products. Find out more on the CheckPoint site.