Olga_Botero
Explorer

High Risk Applications

Can someone explain why Check Point flags an application as High Risk?

For example, Dashlane is a password manager with the highest rating found in PC Magazine, and other Password Manager ratings give it a 9.9. Back in February 2017, they discovered flaws in the password managers, but these were fixed by the vendors. Could it be that the rating is due to these findings almost 2 years ago? (9 Popular Password Manager Apps Found Leaking Your Secrets)

0 Kudos
5 Replies
_Val_
Admin

You can always submit a re-classification request, if you see a need. 

0 Kudos
Aidan_Luby1
Participant

I think high risk could also imply the type of application that, while used and supported by high staff, is not high risk but could be high risk when used without the IT Department's permission.

0 Kudos
Olga_Botero
Explorer

Thank you for your comments. I am trying another password manager BLUR and never got any high-risk messages.

I attribute that to the fact that Blur has never been hacked; therefore, there are no statistics on security issues with the app. Adam, your comment is very helpful and I am going to explain that to the manager. Also, Valery, you are right, I can submit a reclass for the product if we decide to use it.

0 Kudos
ED
Advisor

Hi Olga,

You can check the risk level and category on this CP site: https://appwiki.checkpoint.com/appwikisdb/public.htm

Dashlane is under the category browser plugin, making it extra vulnerable. Just like LastPass. Both with risk high (4). So it looks like all password managers that work as a browser plugin are marked as high risk. BLUR is not on the list of Check Point AppWiki.

For IPS protections, to get the severity of high this is required:

  • Vulnerability may lead to non-privileged remote code execution 
  • Vulnerability may affect important company assets 
  • Vulnerability can be easily exploited
  • The vulnerable software is significantly deployed in corporate environments
0 Kudos
PhoneBoy
Admin

Password Managers are in general considered a high-risk application for the following reason: They can be used to store organizational credentials in a repository not controlled by the organization.

If your organization trusts a particular one, then explicitly allow it in the App Control policy.

It is currently not possible to reclassify the risk of a given application.
