Israeli security vendor Check Point Software Technologies used this week’s RSA Security conference in San Francisco to launch a new Threat Emulation Software Blade.
According to Check Point, the blade prevents infections from undiscovered exploits, zero-day and targeted attacks by quickly inspecting suspicious files and emulating how they run to discover malicious behavior before they enter the network.
The vendor said that while traditional solutions have focused on detection, providing notifications after a threat has breached the network, with Check Point Threat Emulation technology new threats are blocked and infection does not occur.
“Unknown exposures and zero-day exploits are top attack vectors in today’s network environments, primarily because they have the ability to avoid traditional malware detection – making it hard for organizations to keep up with the sheer volume of threats,” said Paul Comessotti, Canadian regional director for Check Point, in a statement. “Our new Threat Emulation software blade not only detects, but is the first solution to prevent infections from the initial contact, empowering our customers to block undiscovered malware attacks, before they threaten network security or disturb the flow of business.”
The solution vets downloaded files and common email attachments such as Adobe PDFs and Microsoft Office files. Suspicious files are opened inside the Threat Emulation sandbox and are simultaneously monitored for unusual system behavior, including abnormal system registry changes, network connections or system processes – providing real-time assessment of the file’s behavior. If files are found to be malicious they are blocked inline at the gateway.