Cloud Services Prevent Zero-day and Targeted Attacks

Cloud Services Prevent Zero-day and Targeted Attacks

WOULD YOU OPEN THIS ATTACHMENT? 2

TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS Duqu Worm Causing Collateral Damage in a Silent Cyber-War Worm exploiting zero-day vulnerabilities in a Word document 3

Exploiting Zero-day vulnerabilities New vulnerabilities Countless new variants nearly 200,000 new malware samples appear around the world each day - net-security.org, June 2013 4

Check Point Multi-Layered Threat Prevention IPS Antivirus Anti-Bot Stops exploits of known vulnerabilities WHAT ABOUT Block download of malware infested files NEW ATTACKS? Detect and prevent bot damage 5

Check Point introducing Check Point ThreatCloud Emulation Service PREVENTION OF ZERO-DAY ATTACKS! 6

INSPECT INSPECT FILE EMULATE SHARE PREVENT Stop undiscovered attacks with Check Point Threat Emulation 7

Identify files in email attachments and downloads over the web Requires no infrastructure change or adding devices INSPECT Send file to virtual sandbox Exe files, PDF and Office documents 8

EMULATE Emulating Multi OS environments WIN 7, 8, XP & user customized Open file and monitor abnormal behavior Monitored behavior: file system system registry network connections system processes 9

Emulation @ Work A STANDARD CV? 10

Emulation @ Work 11

Emulation @ Work Abnormal file activity Naive processes created Tampered system registry Remote Connection to Command & Control Sites File System Activity System Registry System Processes Network Connections 12

PREVENT Security Gateway Inline stopping of malicious files on any gateway 13

SHARE Immediate update of all gateways 14

INSPECT FILE EMULATE SHARE PREVENT Stop undiscovered attacks with ThreatCloud Emulation Service 15

Real Life Example Prevented 140 phishing emails targeting 4 customers in 2 days! New exploit variant of vulnerability (CVE-2012-0158) Installs a bot agent Opens network ports for bot communication Steals user credentials 16

Most Accurate and Fastest Prevention Zero false-positive in document emulation Optimize analysis by inspecting only files at risk THREAT EMULATION with ongoing innovation 17

ThreatCloud Emulation Service Branch Headquarters ThreatCloud Emulation Service Branch Agent for Exchange Server Single Global Solution For the entire organization 18

ThreatCloud Emulation Service Advantages Cloud based service works with your existing infrastructure. No need to install new equipment Control expenses with manageable lower monthly costs Organizations can choose from 5 subscription options for global file inspections, starting at 10,000 files per month and up 19

Anyone can submit files for THREAT EMULATION threats@checkpoint.com threatemulation.checkpoint.com 20

Check Point Threat Prevention Solution Multi-Layered Protection Against all Incoming Cyber Threats 21

Top Reasons customers pick Check Point Threat Emulation A Complete Threat Prevention Solution for Known and Unknown threats works with your existing infrastructure -- No need to install any new equipment 22

Other Threat Emulation Solutions Miss malicious files hiding in encrypted communication Require multiple appliances per each network Cannot prevent threats from infecting the organization. Emulating Win XP only leaves Windows 7 attacks vulnerable Don t have a protection against unknown threats 23

Summary Check Point Prevents Zero-day Attacks Stopping undiscovered malware Prevent infections from malicious documents & executables Simple deployment requires no Infrastructure change Part of Check Point multi-layered Threat Prevention 24

Thank You