I think high risk could also imply the type of application that while used and supported by high staff is not high risk but could be high risk when used without the IT Departments permission.

Thank you for your comments. I am trying another password manager BLUR and never got any high-risk messages.

I attribute that to the fact that Blur has never been hacked therefore there are no statistics on security issues with the app. Adam, your comment is very helpful and I am going to explain that to the manager, also Valery, you are right, I can submit a reclass for the product if we decide to use it.

Hi Olga,

You can check the risk level and category on this CP site: https://appwiki.checkpoint.com/appwikisdb/public.htm

Dashlane is under category browser plugin, making it extra vulnerable. Just like LastPass. Both with risk high (4). So it looks like all password managers that works as a browser plugin is marked as high risk. BLUR is not on the list of Check Point AppWiki. 

For IPS protections, to get the severity of high this is required:

• Vulnerability may lead to non-privileged remote code execution 
• Vulnerability may affect important company assets 
• Vulnerability can be easily exploited
• The vulnerable software is significantly deployed in corporate environments

Password Managers are in general considered a high-risk application for the following reason: They can be used to store organizational credentials in a repository not controlled by the organization.

If your organizations trusts a particular one, then explicitly allow it in the App Control policy.

It is currently not possible to reclassify the risk of a given application.