Re: Dropping intruders specific active connection - Check Point CheckMates

Unleashing Performance & Stability
with Harmony Endpoint E88.70!

Register Now

It's Here!
CPX 2025 Content

Get It Now

Zero Trust: Remote Access and Posture
Help us with the Short-Term Roadmap

Take the Survey

The Future of Browser Security:
AI, Data Leaks & How to Stay Protected!

Watch now

CheckMates Go:
Recently on CheckMates

LISTEN NOW

Hi, Can someone confirm if SandBlast Threat Extraction can help dropping attacker's specific active connection? or we need to create a SAM rulebase by looking at active log connection that we want to block

2 Replies

it is not the purpose of threat extraction to be honest , you can achieve that with the antibot blade but this is post infection , threat extraction extract active code execution or similar from a file

If you want to block a specific active connection, you need to use SAM or fw samp.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

User

Count

16

14

12

7

4

3

3

2

2

2

Upcoming Events

Sort by:

In-Person

Tue 25 Mar 2025 @ 09:00 AM (CET)

CheckMates Live Paris: Harmony – Protection avancée de l’espace utilisateur

In-Person

Tue 25 Mar 2025 @ 09:00 AM (EDT)

Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!

Virtual

Thu 27 Mar 2025 @ 03:00 PM (CET)

Be Your Own TAC Part Deux: Advanced Gateway Troubleshooting Commands - EMEA

Virtual

Thu 27 Mar 2025 @ 02:00 PM (EDT)

Be Your Own TAC Part Deux: Advanced Gateway Troubleshooting Commands - Americas

Virtual

Tue 01 Apr 2025 @ 11:00 AM (IDT)

Simplifying Zero Trust with Infinity Identity: Centralized, Scalable, Secure - EMEA

Virtual

Tue 01 Apr 2025 @ 06:00 PM (IDT)

Simplifying Zero Trust with Infinity Identity: Centralized, Scalable, Secure - Americas

Virtual

Thu 27 Mar 2025 @ 03:00 PM (CET)

Be Your Own TAC Part Deux: Advanced Gateway Troubleshooting Commands - EMEA

Virtual

Thu 27 Mar 2025 @ 02:00 PM (EDT)

Be Your Own TAC Part Deux: Advanced Gateway Troubleshooting Commands - Americas

Virtual

Tue 01 Apr 2025 @ 11:00 AM (IDT)

Simplifying Zero Trust with Infinity Identity: Centralized, Scalable, Secure - EMEA

Virtual

Tue 01 Apr 2025 @ 06:00 PM (IDT)

Simplifying Zero Trust with Infinity Identity: Centralized, Scalable, Secure - Americas

Virtual

Wed 02 Apr 2025 @ 03:00 PM (CEST)

The Power of SASE: Smarter Security, Stronger Network - EMEA

Virtual

Wed 02 Apr 2025 @ 02:00 PM (EDT)

The Power of SASE: Smarter Security, Stronger Network - Americas

In-Person

Tue 25 Mar 2025 @ 09:00 AM (CET)

CheckMates Live Paris: Harmony – Protection avancée de l’espace utilisateur

In-Person

Tue 25 Mar 2025 @ 09:00 AM (EDT)

Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!

In-Person

Tue 08 Apr 2025 @ 12:00 PM (MDT)

Denver: CPX 2025 Recap

In-Person

Thu 10 Apr 2025 @ 10:00 AM (EEST)

CheckMates Live Sofia - Maintenance and Upgrade Best Practices

In-Person

Thu 10 Apr 2025 @ 12:00 PM (PDT)

Renton, WA: Golf and Learn!

In-Person

Wed 16 Apr 2025 @ 12:00 PM (PDT)

Hillsboro, OR: Golf and Learn!

CheckMates Events