- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Nice Tip!,
but it would definitely be great if Check Point enable a service to quickly validate the reputation assigned to an URL/domain/IP by ThreatCloud, especially for TS
Hi Frank_Yao1, thank you for your response.
The two link you mentioned not currently show the URL Reputation that Check Point ThreathCloud defines or handles for a given URL/domain/IP in real time.
with https://threatpoint.checkpoint.com/ThreatPortal/emulation you need to upload a file and with https://www.checkpoint.com/urlcat/main.htm you only get the categorization of a given domain/URL.
Nice Tip!,
but it would definitely be great if Check Point enable a service to quickly validate the reputation assigned to an URL/domain/IP by ThreatCloud, especially for TS
If you visit the Check point Research site, under Tools, there are a few other tools you can utilize.
https://research.checkpoint.com/
So you are looking for domain or IP reputation lookup?
Hi Team,
Still i can find the website for IP reputation checking.
Please share the Web link if any available.
Thanks,
Harsha S.
There are internal tools for employees that can't be discussed here, another option would be a Horizon (Infinity) SOC trial.
Hi all, I realize this is an older post, but this caught my eye. Can anyone else confirm it works this way? I wasn't sure if you upload a document to the emulation if it sees if the document itself is malicious, or if there are any malicious links included in the document if it will scan the links themselves too. As an example, I created a Word doc including a link to a "simulated" malicious download link from eicar.org the emulation did not find anything malicious (unless Check Point happens to know it's not "really" malicious, but I don't know).
How are you uploading the document exactly?
From memory with the TP API for example you specify if the request type is TE vs AV, typically the latter would be most appropriate for Eicar detection.
Documents containing Links (URLs) - reputation will be checked using Check Point ThreatCloud per sk95235 / sk112312.
Hi,
I was using this URL: https://threatpoint.checkpoint.com/ThreatPortal/emulation
The only option is to upload a file, no granularity beyond that. Is there a better URL or tool to use for something like Eicar?
Anything else on my last reply?
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 19 | |
| 17 | |
| 14 | |
| 11 | |
| 11 | |
| 7 | |
| 7 | |
| 7 | |
| 6 | |
| 4 |
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 02:00 PM (EDT)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - AMERAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY