Today's threat environment is a challenging one. Perimeter protection is no longer enough; 75% of organisations access a malicious site every 23 minutes, and 100 000 new malware strands are created, on average, each day.
Itai Greenberg, product line manager at Check Point Software Technologies, speaking at the Check Point Security Tour in Johannesburg this morning, said the company is expanding its threat prevention vision and its security services by adding Managed Security Services, 24/7 security monitoring assisted by the company's experts, and Incident Response Services to fight major network attacks with Check Point's 'A-Team' of experts.
To prevent attacks from happening, the company has introduced a Threat Emulation Software Blade that prevents infections from undiscovered exploits, as well as zero-day and targeted attacks.
According to Greenberg, traditional solutions have focused on detection, providing notifications after a threat has breached the network. Check Point's Threat Emulation technology blocks new threats, so infection does not occur. This removes the headaches caused by infection remediation.
Last year, he says the company introduced 3D security that redefines security as a three-dimensional business process that combines policies, people and enforcement for stronger protection across all layers of security - including network, data and endpoints.
The new release builds on this approach, and quickly inspects suspicious files, emulates how they run to discover malicious behaviour, and completely prevents malware from entering the network.
It then instantly reports new threats to Check Point's ThreatCloud service and automatically shares the newly identified threats with other customers. "There are over 2 500 gateways worldwide already contributing attack information."
Threat Emulation includes IPS Software Blade that stops exploits of known vulnerabilities, the Anti-Bot Software Blade that detects and prevents bot damage, and the Antivirus Software Blade that blocks downloads of malware-infested files.
Unknown exposures and zero-day exploits are top attack vectors in today's network environments, mainly as they can avoid traditional malware detection, making it tricky for businesses to keep up with the sheer volume of threats, he said.
The new release prevents threats by vetting downloaded files and common e-mail attachments such as Adobe PDFs and Microsoft Office files. Suspicious files are opened inside a sandbox, or secure environment for running untrusted apps, and are simultaneously monitored for unusual system behaviour, including abnormal system registry changes, network connections or system processes - providing real-time assessment of the file's behaviour.
Any malicious files found are blocked inline at the gateway.
Threat Emulation offers customers flexible deployment options within either dedicated appliances or through a cloud-based service.
Share