As threats evolve, best practices dictate that organizations prevent attacks at every level, and respond quickly to limit damages. SandBlast Agent defends endpoints with a complete set of advanced endpoint protection technologies, both on premise and remote. Forensic analysis accelerates understanding of the full attack, to maximize response team productivity.
Note:
- The full product specifications below are from the manufacturer and may contain information related to other package quantities that will not apply to the product that you are reviewing. Please confirm the actual content and/or package quantity from the main product specifications page.
- These specifications may represent the entire product series/model/line to which this product belongs with specific configuration differences between the individual products stated.
- These specifications may have been copied from the same product in other region/country in which case there might be minor differences in region-specific data such as Input Voltage, Terms of Warranty etc.
System Requirements:
Operating System:
- Windows 7, 8, and 10
Others:
- Supported Browsers (For SandBlast Browser Extension) Chrome and Internet Explorer 10 and above
THREAT EMULATION AND THREAT EXTRACTION
Supported Content Channels:
- SandBlast Browser Extension
- File-System monitor (Threat Emulation only)
Supported File Types – Threat Extraction:
- Adobe PDF
- Microsoft Word, Excel, and PowerPoint
Supported File Types – Threat Emulation Over 40 file types, including:
- Adobe PDF
- Microsoft Word, Excel, and PowerPoint
- Executables (EXE, COM, SCR)
- Shockwave Flash - SWF
- Rich Text Format – RTF
- Archives
Threat Emulation and Extraction Deployment Options:
- SandBlast Cloud
- SandBlast Appliance
ANTI-BOT
Enforcement Modes:
- Detect and alert
- Block (background & hold modes)
FORENSICS
Analysis Triggers:
- Anti-Bot detection on the network
- Anti-Bot detection on the endpoint
- Threat Emulation detection on the network
- Check Point Antivirus detection on the endpoint
- Third-party Antivirus detection on the endpoint
- Manual Indicators of Compromise (IoCs)
Damage Detection: Automatically identify: Data exfiltration, data manipulation or encryption, key logging
Root Cause Analysis: Automatically trace and identify root cause across multiple system restarts
Malware Flow Analysis: Automatically generated interactive graphic model of the attack flow
Malicious Behavior Detection:
- Over 40 malicious behavior categories
- Hundreds of malicious indicators