Can SandBlast Block Unknown Attacks? Challenge Accepted, Network World!

Recently, David Strom and Network World decided to put our zero-day protection technology to the test, literally. Now, after in-depth security analysis, we are excited to share the findings with you. In short, Strom found SandBlast to be a comprehensive yet easy to manage solution, which is worth the cost for effective protection against unknown malware.


Challenge No. 1: Can Zero-Day Attacks Be Detected?

No matter what virus package we tried, SandBlast caught it, cleaned it, and stopped the exploit from propagating.”

In his extensive testing, David lodged multiple attacks against our SandBlast Threat Prevention Solutions. And guess what! SandBlast stopped all of them. This conclusion actually matches what we hear from our customers, and what we see in other tests we’ve participated in. Just recently, NSS Labs acknowledged our zero-day protection solution and rated it “Recommended” for the second consecutive year. You’re invited to read the latest NSS report to learn why. In their 2016 NSS Breach Detection Systems test, SandBlast proved 100% effective against all evasion techniques.


Challenge No. 2: Can Advanced Attacks Be Blocked Before They Happen?

In his product review, Strom examines the technologies behind SandBlast’s success, Threat Emulation and Threat Extraction, and how they contribute to the broader Check Point offering. Emulation (sandboxing only) can be a cat-and-mouse game between malware authors and security vendors. For exactly this reason he found the duo of detection together with prevention (Threat Emulation and Threat Extraction) extremely effective. Together, they work hand in hand to block attacks, proactively isolate potential exploits and eliminate the cat-and-mouse chase.

The review touched on both SandBlast for the network and for endpoints, emphasizing how effectively each of them work to “handle a wide variety of zero-day exploits across your entire enterprise.” This is an advantage Check Point has over other vendors as it takes a lot of experience both in the network and endpoint space, which few others except us have.

As David put it: “SandBlast covers email-based attachments, phished emails, embedded links in documents, bad websites and malware already installed on your endpoints. This is very comprehensive, and why the product has merit.”


Challenge No. 3: How Easily Can It Be Managed?

We have always invested in the management of our products and we see this as one of our key differentiators. In our view, one of the keys to effective security is the ability to set up and manage your solutions easily. During his evaluation Strom examined the policy section within our management console and what you need to do to get the product running, and was pleasantly surprised to find that all you need is one rule. As he concluded: “…keeping it running on a daily basis is a no-brainer”.

Diving in deeper, David examines the different customizations and integration options available through the Check Point management console. Management and usability have always been areas in which we heavily invest, and we continue to do so with R80.


Challenge No. 4: Is There a High Return on Cost? 

Strom ended his review by pointing out that SandBlast is worth the cost of effective zero-day protection. This is consistent with the latest NSS Breach Detection Systems (BDS) Test, which also demonstrated our low TCO compared to other vendors.

To summarize, it’s always a proud moment when your hard work is recognized by such an expert, and it surely motivates us to continue investing in SandBlast to make it even better for our customers. SandBlast is available on each and every Check Point Gateway – offering value to businesses of all sizes. If you are interested in learning more about SandBlast, here’s the link to Network World’s full review and to our SandBlast page.


For over 20 years David Strom has been one of the most prominent writers in the security industry. He has significant professional knowledge in the IT and computing industries, and serves as the founding editor-in-chief of Network Computing magazine, as well as a contributor to industry leading media outlets.