From 1,300 known viruses in 1997 to over 100,000 new malware variants created each day in today’s world, the business of threats has become an industry operating at a dizzying velocity. Combatting today’s industrial production of threats requires a unified, multi-layer threat prevention solution with an integrated sandbox. A multilayer solution makes it more difficult for attackers to get through, because there are more mechanisms and means to catch malicious content at different stages of the malware’s operation. The essential layer against the unknown and zero-day attacks is the sandbox, like Check Point’s Threat Emulation. Threat Emulation inspects files in a safe, virtual sandbox to discover malicious behavior before it enters the network, especially unknown and zero-day attacks.
Check Point’s Next Generation Threat Prevention with Threat Emulation Cloud Service was tested in the recent NSS Labs’ Breach Detection System (BDS) group test and delivered superb results earning the NSS ‘Recommended’ recognition for security effectiveness and value. Additionally, this test revealed some important insights:
Threat Emulation was perfect in the two most important measures of sandbox fidelity
- 100% on malware detection
- 100% resistant to sandbox evasion
Validates Threat Emulation Leadership
- These results further validate the Unknown 300 test and the Miercom Advanced Threat Prevention test where Check Point Threat Emulation delivered the best protection vs. the leading competitors. Together, these tests reinforce Check Point’s leadership in protecting against advanced threats.
Our 10th NSS Recommended
- We are proud to say this is our 10th NSS Recommended since 2011 including FW, IPS, NGFW and now BDS. It is also clear evidence we do not rest on our success but keep driving forward with security innovation and continual improvement.
As such, our Threat Emulation product has already moved forward from what was tested in the recent NSS BDS test. We’ve raised the bar further by being the first to introduce CPU-level sandboxing as part of our Threat Emulation product. CPU-level sandboxing is fast and more evasion resistant because it analyzes and detects exploits at the CPU and memory level – before the malware can even execute, attempt to evade and infect the target machine and spread throughout the network.
Cybercriminals have become adept at evading standard security layers, especially sandboxes but CPU-level detection catches their activity at the lowest level – the exploit at the CPU level – before they have a chance to camouflage and conduct their illicit actions. Completely transparent without performance impact to the end user, CPU-level sandboxing advances Check Point’s Threat Emulation to a new level of protection. This is an important new innovation and addition to Threat Emulation. We look forward to participating in future NSS Labs and other 3rd party tests to show the increased protection this unique new function will provide to our customers.