Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Sandblast Battle Card

    Hochgeladen von

    Leonardo Pereira
    365 Ansichten3 Seiten
    Sandblast Battle Card

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Sandblast Battle Card

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    365 Ansichten3 Seiten

    Sandblast Battle Card

    Hochgeladen von

    Leonardo Pereira
    Sandblast Battle Card

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 3

    Q3 2016

    SANDBLAST ZERO-DAY PROTECTION

    OVERVIEW THE CHECK POINT ADVANTAGE MARKET LEADERSHIP


    Modern malware has become much more sophisticated, New CPU-level detection catches even the Check Point SandBlastTM is named a Leader in
    making it critical for organizations to implement most sophisticated attacks -- including The Forrester Wave: Automated Malware
    protections against attacks hidden in regular documents unknown zero day threats and those using Analysis (AMA), Q2 2016. Forrester evaluates
    evasion techniques each vendors strengths and weaknesses in
    and web pages. A new approach to threat prevention is
    Current Offering, Strategy and Market Presence.
    needed to protect organizations against known Best catch rate of both known and unknown
    Highest score for AMA strategy: 4.18 out of 5.0
    malware, unknown malware and new zero-day attacks, malware, fastest time to verdict (up to 4 4.25 score for product strategy
    min), and fastest update of Threat Top overall score of 3.94 out of 5 (tied)
    while delivering safe documents to users quickly to Intelligence feeds Perfect score of "5" in two key categories
    maintain the flow of business.
    Unlike other sandboxing solutions that are NSS Labs is a recognized leader in independent
    often deployed in detection mode to avoid security research and testing. NSS Labs 2016
    delays, SandBlast provides practical Breach Detection Systems tests named Check
    prevention capabilities, combining the Point a top-scoring Recommended vendor.
    fastest evaluation times with Threat 100% catch-rate for Drive-By exploits
    Extraction to promptly deliver a clean 100% catch-rate for E-mail unknown malware
    version of files 100% Sandbox evasion resistance
    100% catch-rate for Social exploits
    Integrated architecture leverages existing 100% catch-rate of SSL encrypted malware
    infrastructure, reducing capital costs and
    implementation time, and providing a single, 99.4% over all breach detection rate
    consistent view into events & alerts

    Need more info? Contact Threat_Prevention_Sales@checkpoint.com


    ELEVATOR PITCH TOP 3 SELLING POINTS SALES ENABLEMENT RESOURCES

    Check Point OS and CPU-level Threat Emulation evaluates Success Stories Third Party Analysis Videos
    documents by launching them in a virtual sandbox, GIMV Customer Testimonial Zero-Day Protection
    Boston Properties Testimonial 2016 Forrester Wave CPU-Level Threat
    to identify new, obfuscated, or evasion-based attacks Report Protection
    2016 NSS BDS Test
    Check Point Threat Extraction delivers a clean version of
    Report
    documents immediately, with access to the original only Product Information 2015 Gartner Market
    White Papers
    Customer Presentation Sandboxing: Expose
    after it has been deemed safe (internal, partners)
    Guide
    the Unknown
    2014 Miercom
    Product Page (public, PartnerMAP) Zero Second
    Up and running quickly, with flexible deployment options Test Report
    Test Plan (internal, partners) Unknown 300
    as standalone appliances, software blades RFP Template (internal, partners) TCO - Nick Lippis
    in existing gateways, or a cloud service
    2015 Check Point Software Technologies Ltd. 1
    [Q3 2016 [Confidential] for designated groups and individuals
    Q3 2016

    SANDBLAST ZERO-DAY PROTECTION

    Proofpoint
    Websense
    Key

    Sourcefire

    TrendMicro
    HOW TO COMPETE AGAINST...

    Palo Alto

    Bluecoat

    Lastline
    Fortinet
    FireEye

    McAfee
    Capability

    Check

    Cisco
    Point
    Infrastructure Overhead: Requires 2 or 3 additional by Vendor
    appliances at the organization - for email, for web and for Advanced Threat Prevention Matrix
    central management
    Real-Time 1 1
    Partial visibility to incoming files: No SSL / TLS inspection, Prevention-
    Unknown
    allowing files in encrypted communications to get into Malware
    organization 6
    Files Supported
    Poor results in NSS labs BDS test
    The solution doesnt prevent malware but notifies the
    OS Support
    administrator about the malicious files retroactively (up to 15
    mins)
    Protocols
    No solution for archive files other than zip
    PDF File size limited to 1MB & Doc (office) file size limited System Activity
    WildFire to10MB Detection

    Three separate management consoles needed (FW, NGFW, Deployment


    Options
    4 4

    SWG)
    Inspect
    Unable to perform preemptive actions (threat extraction) to Encrypted 3 3 4 3 3

    remove active content and prevent threats in documents Communica-


    tions (SSL TLS)
    AMP
    The solution doesnt prevent malware but notifies the
    4 4 1
    administrator about the malicious files retroactively Anti-Evasion

    No prevention capabilities can only detect threats after the Endpoint: Zero-
    5
    fact with SPAN port deployment Day Detection &
    Forensics
    Zero visibility to incoming files: No SSL inspection, allowing Summary
    files
    Deep in encrypted communications to get into the organization A Complete
    Threat
    Discovery Can be easily evaded as it is based on commercial Prevention
    Solution
    hypervisor Virtual Machine
    1) Only on email 4) Commercial hypervisor
    2) only SPAN port 5) No sandboxing on endpoint
    3) needs a separate appliance 6) No archives support (except ZIP)

    Need more info? Contact Threat_Prevention_Sales@checkpoint.com Need more info about the matrix ratings? Check out the Heat Map
    (internal only)
    [Q3 2016 [Confidential] for designated groups and individuals
    Q3 2016

    SANDBLAST ZERO-DAY PROTECTION

    TARGET AUDIENCE AND QUESTIONS TO ASK OBJECTION HANDLING


    I am in charge of Can you refer me to the right person in your
    DIRECTOR of SECURITY network security and company? Is there someone who responds to
    CIO or CISO
    IT / INFOSEC MANAGERS firewalls only. I dont cyber incidents or helps the organization deal
    deal with other security with complex, new attacks?
    How has your What are you running How often do your
    aspects.
    organization prepared today that would users click on links or
    for a targeted attack prevent a sophisticated open attachments, We already have full AV AV and IPS products can only protect from
    such as spear phishing zero-day threat from resulting in a need for deployment on the known attacks (based on signatures).
    or APTs? breaching your you to remediate a network and all of the Determined attackers can easily develop
    network? malware infection? end points. Why do we custom zero-day attacks that will not be
    need more? detected. This is why many companies are
    turning to sandboxing/emulation solutions.
    What level of threat How do you correlate Does running separate
    visibility do you have events between threat prevention We are already have a All existing sandboxing products can be easily
    across your separate threat products make it hard sandboxing solution bypassed using simple evasion techniques,
    organization? prevention products? to consolidate alerts? from XYZ and we are such as timing delays or VM detection. Only
    quite happy with it. Check Point offers a revolutionary CPU-level
    sandboxing technology that detects exploits
    What preemptive threat How long does it take How does your current BEFORE evasion code can run.
    protection do you have to identify threats in sandbox solution
    in place? your network? handle advanced I dont have the Check Point offers a pain-free POC process.
    evasion techniques and resources/bandwidth We can leverage a tap or span port on your
    encrypted HTTP now to start an network to show you the products in action on
    traffic? evaluation. your network without disrupting any services or
    changing your architecture.

    SUMMARY ENSURING THE WIN TOP POSITIONING TIPS FROM THE FIELD

    For enterprises at risk of targeted attacks such as spear phishing and APTs, 1. Highlight the proven (NSS) best catch rate and evasion resistant
    detection capabilities, especially with the CPU-level engine
    Check Point Zero-Day Threat Emulation, with its unique CPU-level detection,
    provides an additional layer of security from even the most sophisticated 2. Stress out the importance of practical prevention Check Point offers
    vs. detection only with the other players
    hackers. Unlike traditional sandboxing solutions that are subject to evasion
    3. For existing customers elaborate on their ability to capitalize on their
    techniques, Check Point catches more malware, with minimal impact on investment with Check Point and add Threat Emulation capabilities
    delivery times. with minimal effort, into integrated alert and management consoles
    4. Push for POC for customers who are aware of the APT problem, if not,
    Promote the Security Checkup (internal, partners) to demonstrate our value proposition. offer a security checkup
    2015 Check Point Software Technologies Ltd. 3
    [Q3 2016 [Confidential] for designated groups and individuals

    Das könnte Ihnen auch gefallen