Check Point Extends Zero-Day Protection

Network security firm Check Point Software Technologies has unveiled a new zero-day protection technology designed to keep endpoint devices secure across the enterprise, no matter where they are located.

The new Check Point SandBlast Agent, an evolution of the company’s SandBlast perimeter security and zero-day protection technology, leverages a remote sandbox and incorporates forensics capabilities to automate incident analysis. The remote sandbox can be run in the cloud as a service, or on in house appliances.

The agent lightweight adds protection directly on endpoints to detect and block advanced attacks from email, removable media and web-based threats such as spear phishing and watering hole attacks, Check Point said. The agent can also detect and block command and control communications, stop data exfiltration, and quarantine infected systems to limit spread of malware.

With minimal impact on local performance, Check Point says the agent will not interfere with other applications, and works in conjunction with Antivirus and security solutions from other vendors.

The automated incident analysis capability provides visibility into security events to minimize potential damages and related remediation costs.

“With its automated forensics capabilities, SandBlast Agent immediately builds actionable, interactive reports to fully understand the root cause, malware entry points and scope of damage,” Check Point explained. “This enables rapid remediation and limits the spread of malware and the damage it may cause.”

Check Point SandBlast Agent is available immediately.

Related Reading: Growth in Endpoint Threats Calls for A Proactive Mindset