ANSecurity has helped a major UK customer within the manufacturing sector to strengthen its security posture through new Check Point SandBlast technology which examines activity at a CPU level to detect signs of potential malware including hard to spot ‘Zero Day’ threats. As a highly-respected security specialist and one of Check Point’s fastest growing partners, ANSecurity’s work with the manufacturer on the deployment of SandBlast will help to protect several thousand desktop and mobile users within the organisation. The deployment will cover over 50 global locations as part of a multi-million pound overhaul of security.
“SandBlast’s cutting-edge CPU-level exploit detection engine is uniquely capable of identifying the most dangerous, zero-day threats in their infancy, before malware has an opportunity to deploy and even attempt to evade detection. The innovative approach significantly raises the bar in terms of IT security and the integration with Check Point’s blade architecture offers a lot of potential for organisations that are targets for crafted attacks that are often missed by traditional signature based approaches,” says Giles Barford, senior security consultant for ANSecurity.
SandBlast is an evolution of earlier Threat Emulation technology that ANSecurity has successfully deployed since 2013 for several customers including UK blue light services. “We have been examining the updated technology in our own labs since July but this proof of concept project which will go live in January of 2016 has allowed us to gain more real world insight into SandBlast. The addition of the new Threat Extraction technology is a significant step forward in countering the threat posed by hackers. The solution pre-emptively removes threats by reconstructing documents with known safe elements, extracting active content, embedded objects and other exploitable content eliminating potential threats. This allows a business to continue to receive docs while eliminating risks and speeding up inspection when opening common Word and PDF documents,” Barford adds.
Although an innovative addition to the toolbox, Barford maintains that no one technology is ever a magic bullet when it comes to mitigating risk, detecting threats and counteracting attacks, “The recent proof of concept uses eight multi-layered Check Point Software blade modules including Anti-bot, App Control and Identity Awareness. The threat landscape is continually evolving and diversifying so any solution that helps organisations stay ahead of the latest threats without impacting operational efficiency is critical in maintaining robust network security. However to remain effective, technology must be underpinned with good processes and education of users to ensure the highest standards of security are achieved.”
Michael Wakefield, Head of Channel, UK for Check Point added, “Working with our partners like ANSecurity and end customers on these exciting projects further highlights the challenges organisations face in staying secure and the need for proactive prevention technologies that block malwares and protect against sophisticated and persistent attacks.” “By working with a portfolio of technologies that are all architected to work together on the same blade platform, both our expert partners like ANSecurity and end-customers are able to run proof of concepts and then full deployment much quicker with the assurance that each element will work together – this speed to market is another vital aspect as organisations endeavour to strengthen IT security strategies,” Wakefield adds.