Proactive mobile threat prevention for iOS and Android
With SandBlast, Check Point has achieved the industry's highest catch rate for threats to iOS and Android.
The SandBlast solution is a complete mobile security suite, providing detection and prevention for threats to the device operating system, to applications and to the network. And it works whether your data is at rest, or in transit through the cloud.
- The Behavioral Risk Engine (BRE) tracks and analyses patterns of activity, on the device, in applications and over the network, to protect against day-zero and advanced persistent threats.
- Dynamic Application Risk Assessment and Scoring analyses the way applications are used to detect new malware and targeted exploits, and to refine the accuracy of risk assessments.
- Mobile Anti-Virus Detection protects against known in-app threats and runs real-time compliance checks to maintain the safety of the applications and the network.
- Real-Time Vulnerability Assessments detect and prevent threats such as advanced rootkits and side-loaded attacks, by continuously monitoring device file systems, applications, and configurations.
- Behavior-based Device and Network Anomaly Detection overcomes time-bomb threats, like botnets and other malware, by correlating patterns of behaviour on devices, networks and applications.
- Accurate Risk Classifications enable dynamic policy enforcement, using real-time device risk scores mapped to appropriate defence mechanisms.
These functions, and the unifying architecture of the solution, establish an approach to mobile threat detection and prevention that reflects the realities of the way organisations and users treat data, devices and networks these days.
Intuitive Threat Anticipation
Bring-your-own, COPE and COBO policies all embrace the idea of the personalised, highly mobile user experience. But they also create a new breed of threat that falls outside the traditional approach to IT security.
With so many different devices, operating systems and applications connecting and disconnecting constantly to and from the network, the security response has to be as flexible and randomised as the threats they face.
Check Point SandBlast detects malicious activity by using threat emulation, advanced static code analysis, app reputation and machine learning to find known and unknown threats. It analyses the way traffic moves across the network, and how users habitually work with their devices and applications, to isolate unusual patterns of activity.
Risk Reduced from Day-Zero
So you don’t have to wait until the day after day-zero to find your infrastructure under attack. Your risk is significantly reduced because SandBlast runs real-time risk assessments at the device OS level to detect attacks, vulnerabilities and changes in configurations, as well as advanced rooting and jailbreaking.
Compromised devices are prevented from accessing your network, and you can set adaptive policy controls, based on the unique thresholds that you choose for mitigation and elimination of threats. Devices are secured against unprotected Wi-Fi network access and Man-in-the- Middle attacks, and the corporate network is protected from devices that pose a risk.
- Confidently deploy iOS or Android mobile devices on your network
- Protect mobile devices and sensitive information against cyber spies
- Integrate advanced mobile threat protection easily into your existing infrastructure, including MDM, MAM, NAC and SIEM
- Enhance Microsoft Exchange and container/wrapper security solutions with additional capabilities
- Respond rapidly to cross-platform advanced persistent threat (APT) attacks
- Provide safe access to corporate data and services from unmanaged devices, for guests or contractors
- Maintain privacy and the user experience, while ensuring compliance with corporate policies
As a cloud solution, Check Point SmartEvent management integrates easily with your existing security information and event (SIEM) management platform, as well as your MDM or EMM solutions. You manage SandBlast through a cloud-based dashboard, which gives you real-time risk intelligence and complete visibility of the threats that users or the organisation may be facing.
Users are warned immediately of any threats so they can delete malicious apps or disconnect from unsafe networks. MDM integration means secure container access can be restricted, and real-time, risk-based policy adjustments can be made to compromised devices that MDM solutions alone cannot make.
SandBlast can also activate VPNs on-demand, to keep users connected while diverting traffic away from unauthorised users, and avoiding data exfiltration.
Scalable Protection And Privacy
The close integration of SandBlast with existing MDM or EMM deployments makes the solution highly scalable and enables significant operational efficiencies.
Devices can be deployed and managed automatically through the MDM, ensuring adoption and reducing overall operational costs. Enrolment and removal from the management regime are simple even in highly dynamic environments.
At the same time, end-user privacy is preserved by anonymising the state and context metadata used for analysis. Users’ files, browser histories, or application data are excluded from the analysis. The impact on device performance is minimised because the analysis is conducted in the cloud and the protection runs completely in the background.
Check Point SandBlast introduces a new level of integrated, scalable and intuitive protection for today’s mobile first organisations. Our consultants can show you how it can work for you.