This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Paul_Warnagiris
Collaborator
‎2020-12-14 04:11 AM

Does Check Point have a response to the Solarwinds compromise as of yet?

 
Thanks,
Paul
0 Kudos
Reply
3 Replies
_Val_
Admin
Admin
‎2020-12-14 08:05 AM

AFAIK, the all publicly available IOCs are inserted to the ThreatCloud. All Check Point customers with NGTX enabled can benefit from that already.

We are working on the official response, please stand by.

Reply
schwilj
Explorer
‎2020-12-14 01:19 PM

What about customers using Sandblast Advanced Endpoint Protection? Will then Anti-Bot, Anti-Ransomware, Threat Emulation blades or any other blades be able to detect the malicious dll files or other IOC?

0 Kudos
Reply
PhoneBoy
Admin
Admin
‎2020-12-14 02:12 PM
In response to schwilj

As of this moment, there is a protection in Anti-Virus for this, with Anti-Bot and Threat Emulation protections coming shortly.
SBA uses the same ThreatCloud as our gateway and can leverage the same protections.
Official response: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
Reply