As threats evolve, best practices dictate that organizations prevent attacks at every level, and respond quickly to limit damages. SandBlast Agent defends endpoints with a complete set of advanced endpoint protection technologies, both on premise and remote. Forensic analysis accelerates understanding of the full attack, to maximize response team productivity.

 

 

Benefits

Protect endpoints from today’s most sophisticated attacks and zero-day threats

  • Leverage Check Point’s state-of-the-art protection directly on the endpoint to detect and block attacks from email, removable media and web-based threats such as spear phishing and watering holes
  • Proactive threat prevention quickly delivers safe, sanitized versions of common document formats to maintain uninterrupted business flow
  • Non-intrusive, low-overhead deployment utilizes SandBlast remote sandbox with the highest malware catch rate resulting in minimal impact on local performance and full compatibility with installed applications

Neutralize the impact of malware infections contracted through unprotected channels, minimizing potential damages

  • Detect and block command and control communications, even when working remotely
  • Stop data exfiltration to prevent disclosure of sensitive information, and quarantine infected systems to limit spread of malware
  • Get unparalleled visibility into specific endpoint and processes to enable faster recovery post-infection

Enable deep understanding of security events for faster response

  • Actionable forensics continuously collects data on user systems to reveal a comprehensive view of the attack flow
  • Correlate network events with endpoint attack details to improve overall security posture
  • Accelerate remediation by empowering security teams with full understanding of root cause, malware entry points and scope of damage

Simple, low overhead deployment optimizes existing investments in network security, endpoint tools and management infrastructure

  • Enhance the value of other security solutions, on both the endpoint and network, by automatically triggering incident analysis report generation when events are detected
  • Enable integrated monitoring and investigation of security events through SmartEvent and SmartLog