Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Igor_Freidin
Employee
Employee

CloudGuard SaaS new feature: Click-Time URL Protection (CTUP)

CheckMates_CGS_update_2_new_round.png

 

Dear SaaS community,

We are releasing these days CloudGuard SaaS Click-Time URL Protection (CTUP) feature.

Attackers use sophisticated attacks to include  initially benign links, to bypass security solutions, before switching the URL point to a malicious site after the fact. Click-time URL Protection (CTUP)  rewrites every link in incoming emails and evaluates URLs every time a user clicks on the rewritten link. If it is found to be malicious, the user will either be blocked from accessing it or be able to proceed according to company policy.

Full details can be found in the SK168190

 

Clean links rewriting:

ClickTime Protection link rewrite cleanClickTime Protection link rewrite clean

ClickTime Protection Benign link click eventClickTime Protection Benign link click event

 

Malicious links rewriting:

ClickTime Protection link rewrite maliciousClickTime Protection link rewrite malicious

 

ClickTime Protection malicious link Page BlockedClickTime Protection malicious link Page Blocked

 

ClickTime Protection malicious link click eventClickTime Protection malicious link click event

5 Replies
Julian_Sanchez
Collaborator

Good news. This feature can be configurated in mode detect or is in prevent? If one link is detected as malicius is possible do an exception?

Regards,

Julian S. 

0 Kudos
Igor_Freidin
Employee
Employee

The feature works in Prevent mode allowing user to either access or not original link  according to configured policy.  Exception can be configured at domain level.

0 Kudos
Igor_Freidin
Employee
Employee

We further improved  CTUP feature: now when mouse pointer is hovering over the link you'll have the ability to see original address pointed by link with added prefix "Protected by Check Point".  Clicking on link will actually follow replaced link, scanning  the real link in real time before allowing you to browse it.

CTUP_see_orig_link.png

SteveHernou
Explorer

Hi Igor

Just setup the click protection and I notice a difference between OWA and Outlook desktop app. While in OWA I do see the 'Protected by CheckPoint:' prefix to the original URL but in Outlook desktop (latest Monthly channel release 2009.13231.20262) I do not see this. Only the https://checkpoint.url-protection.com/v1/...... is showing.

Is this coming or a functionality discrepancy between OWA and Outlook desktop?

Cheers

Igor_Freidin
Employee
Employee

Hi Steve,

We'll investigate it, tnx for reporting

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events