News
Check Point Sandboxing Technology Tops Zero-Day Malware Block Rates
March 2014 by Marc Jacob
Check Point announced that its Check Point Threat Emulation Service, which protects organisations against new, unknown and targeted attacks before they infect a network, has the highest catch rate of malicious files in recent benchmark testing.
In the test, 600 malicious files were scanned through Check Point Threat Emulation and other competitive products. The results found that Check Point outperformed all of the others in this test, with a malicious file catch rate of 99.83%. The competitive products detected an average of 53% of the files as malicious, with the highest competitor’s catch rate at 75%.
Check Point Threat Emulation accelerates detection and increased awareness of new threats. For example, it typically takes anti-virus and IPS detections nearly three days to detect unknown malware, while some malware can be left undetected for months or even years. Check Point’s global research found that a typical organization downloads an unknown malware every 27 minutes. An integral part of Check Point’s multi-layered Threat Prevention solution, Threat Emulation discovers and prevents infections from undiscovered exploits, new variants of malware, and targeted attacks by dynamically emulating files within a virtual sandbox.
Once identified, Check Point researchers immediately evaluate the behaviors and properties of these unknown threats and quickly develop protections. These protections are automatically distributed across all Check Point gateways globally utilising ThreatCloud, Check Point’s collaborative threat intelligence network, which provides for automatic, real-time protection to the company’s worldwide customers.
“In the past 30 days alone, Check Point Threat Emulation detected over 53,000 previously undiscovered malware threats through emulation of over 8.8 million files. This is an example of the ever-increasing rate at which organisations are facing advanced and unknown attacks,” said Gabi Reish, vice president of product management at Check Point Software Technologies. “With a malicious file catch rate of over 99%, Threat Emulation provides our customers with the quickest protections against undiscovered malware in the industry’s most comprehensive multi-layered security solution available.”
Amongst the 53,000 previously undiscovered malware threats, Check Point researchers recently published the discovery and analysis of a new malware variant designed to deliver the DarkComet remote access Trojan onto targeted systems. An EXE file hidden within a RAR archive file, this malware employed a sophisticated combination of techniques to avoid detection by anti-malware solutions. At the time it was detected by Check Point’s Threat Emulation, this malware was not detected by any of the major antivirus engines.
