https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105414#M20223 <P>What about customers using Sandblast Advanced Endpoint Protection? Will then Anti-Bot, Anti-Ransomware, Threat Emulation blades or any other blades be able to detect the malicious dll files or other IOC?</P> Mon, 14 Dec 2020 21:19:12 GMT schwilj 2020-12-14T21:19:12Z https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105355#M20219 <BLOCKQUOTE><DIV><A title="https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network" href="https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network" target="_blank" rel="noopener">https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network</A>&nbsp;or&nbsp;<A title="https://isc.sans.edu/forums/diary/SolarWinds+Breach+Used+to+Infiltrate+Customer+Networks+Solarigate/26884/" href="https://isc.sans.edu/forums/diary/SolarWinds+Breach+Used+to+Infiltrate+Customer+Networks+Solarigate/26884/" target="_blank" rel="noopener">https://isc.sans.edu/forums/diary/SolarWinds+Breach+Used+to+Infiltrate+Customer+Networks+Solarigate/26884/</A></DIV><DIV>&nbsp;</DIV><DIV>Thanks,</DIV><DIV>Paul</DIV></BLOCKQUOTE> Mon, 14 Dec 2020 12:11:31 GMT https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105355#M20219 Paul_Warnagiris 2020-12-14T12:11:31Z https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105393#M20221 <P>AFAIK, the all publicly available IOCs are inserted to the ThreatCloud. All Check Point customers with NGTX enabled can benefit from that already.</P> <P>We are working on the official response, please stand by.</P> Mon, 14 Dec 2020 16:05:17 GMT https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105393#M20221 _Val_ 2020-12-14T16:05:17Z https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105414#M20223 <P>What about customers using Sandblast Advanced Endpoint Protection? Will then Anti-Bot, Anti-Ransomware, Threat Emulation blades or any other blades be able to detect the malicious dll files or other IOC?</P> Mon, 14 Dec 2020 21:19:12 GMT https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105414#M20223 schwilj 2020-12-14T21:19:12Z https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105420#M20226 <P>As of this moment, there is a protection in Anti-Virus for this, with Anti-Bot and Threat Emulation protections coming shortly.<BR />SBA uses the same ThreatCloud as our gateway and can leverage the same protections.<BR />Official response:&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk171000&amp;partition=Basic&amp;product=Anti-Bot," target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk171000&amp;partition=Basic&amp;product=Anti-Bot,</A></P> Mon, 14 Dec 2020 22:12:43 GMT https://community.checkpoint.com/t5/General-Topics/Does-Check-Point-have-a-response-to-the-Solarwinds-compromise-as/m-p/105420#M20226 PhoneBoy 2020-12-14T22:12:43Z