Check Point Threat Emulation

In February, 2013 the Check Point company announced release of a program blade of Threat Emulation which is capable to prevent infection of computer systems from unknown before exploits, vulnerabilities of zero day and the target attacks. This innovative solution quickly and carefully checks suspicious files, executing emulation of their behavior in a system in time to reveal potential injuriousness and to prevent penetration of undesirable components into network. Check Point Threat Emulation immediately announces again detected threats in online service Check Point ThreatCloud, and this information becomes at once available to other clients.

To bypass protection, cybercriminals resort to new technologies and also constantly alter already used. Every day them from 70 to 100 thousand new samples of the malware are created and extends on networks on average. At the heart of the traditional solutions applied to fight against threats the detection method lies, i.e. notifications on invasion into network appear when it already occurred. The Check Point Threat Emulation technology goes further, blocking new threats and preventing infection. It allows to avoid dead times and efforts and also saves from a set of other problems which often arise at a treatment stage.

"Unknown before vulnerability and exploits of zero day are principal directions of the attack in today's network environments — Dorit Dor, the vice president for products of Check Point Software Technologies company says. — It occurs first of all because through them it is possible to bypass easily traditional means of protecting from malware. The organizations often just cannot cope with a huge flow of threats. Our new program blade Threat Emulation not only reveals invasions, but also is the first solution capable to prevent infection at initial contact. Clients have an opportunity to block the attacks unknown before before they begin to pose security risk or to the usual course of business.

Check Point Threat Emulation prevents the attacks by careful verification of the files loaded from the Internet and such widespread investments in e-mail messages as files of Adobe of PDF and Microsoft Office. Suspicious files open in Threat Emulation "sandbox", and check whether are initiated at start of the file any non-standard actions — for example, emergency changes in the system registry, network connections or system processes is at the same time made. It is controlled in real time. If it becomes clear that the file has harmful character, it is blocked on a network gateway. Its signature at once goes to online service Check Point ThreatCloud™ and further extends on gateways of all her subscribers, automatically organizing protection against just detected threat.

"Cyber attacks become more and more sophisticated — Charles Kolodgy, the vice president of IDC company for researches in the field of security emphasizes. — Cybercriminals make considerable efforts for that malware could not be detected by standard methods. Wednesday complete of threats complicates protection of valuable information for the organizations. Decision makers, ensuring network security, realize that in the industry there is a pent-up demand for them, and develop the advanced methods allowing to detect and block earlier imperceptible hacker attacks. The program blade of Threat Emulation provided by Check Point company considerably complicates to cybercriminals life, reliably protecting the data which are in the organizations from theft".