This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
David_Levine
Contributor
‎2018-03-23 10:59 AM

Tools / Methods to Test SBA?

Hi All,

I am deploying SBA to all of our endpoints, but was curious to run some tests against it as I go. I recently downloaded and tried to run a tool called RanSim from the folks over at KnowBe4; The tool is supposed to simulate behaviors of various ransomware variants. When using this tool to execute its tests, SBA knocked it down as expected, generated an analysis, etc. etc... (before the tool could even run its tests Smiley Happy)

I thought this was a neat little test and was wondering if anyone does something like this on occasion, and what tools / methods do you use?

Thanks!

David

6 Replies
PhoneBoy
Admin
Admin
‎2018-03-23 10:34 PM

Let me move this to the https://community.checkpoint.com/community/threat-prevention/sandblast-agent-endpoint?sr=search&sear...‌ specific space Smiley Happy

0 Kudos
Kim_Moberg
Advisor
‎2018-03-24 03:41 AM

Dameon,

Could it be an idea to make a similar non harmfull tool on check point wiki, were one can test both antibot and antivirus blade?


Kim

Best Regards
Kim
0 Kudos
PhoneBoy
Admin
Admin
‎2018-03-24 01:23 PM
In response to Kim_Moberg

We do have test URLs already that serve non-harmful content for AV, Anti-Bot, and Threat Emulation.

You can find them on Threatwiki.checkpoint.com on the upper right hand corner of the page 

Kim_Moberg
Advisor
‎2018-03-24 01:28 PM
In response to PhoneBoy

Yes. Thats the one I was thinking of. But do you have similar url that simulate ransomware and crypto mining without harming the Customers machine?

Best Regards
Kim
0 Kudos
PhoneBoy
Admin
Admin
‎2018-03-24 01:42 PM
In response to Kim_Moberg

I'm not aware of any Check Point-produced tools that do this, but a quick Internet search brought up a few.

0 Kudos
David_Levine
Contributor
‎2018-03-24 01:41 PM
In response to PhoneBoy

Thanks Dameon! I will certainly check that out... I knew that there was an eicar file that could be downloaded from the Check Point site to test AV, but testing Anti-Bot at the gateway would be awesome also. However, we don't have TE at the gateway, only with endpoint SBA; Also, since our laptop endpoints are off network so often, I am interested in testing the endpoints on their own.. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events