Email alert for high risk device events to admin - Check Point CheckMates

Discover the Future of Cyber Security:
What’s New in Check Point’s Quantum R82

Register Now!

Pick the Best of the Best of
CheckMates 2024!

Vote Now!

Share your Cyber Security Insights
On-Stage at CPX 2025

Learn More

Simplifying Zero Trust Security
with Infinity Identity!

Watch Now

Zero Trust Implementation
Help us with the Short-Term Roadmap

Take the Survey

CheckMates Go:
What's New in R82

LISTEN NOW

In addition to the Email alerts for critical dashboard events introduced in v2.61, the system can now email alerts for high risk device events to dashboard administrators as they occur.

These are the high risk events that are viewable on the Events & Alerts tab in the SandBlast Mobile Dashboard.

High risk device events include any event that raises the device risk level to high, such as:

Event type	Event	Examples
Jailbroken/Rooted	Jailbroken/Rooted Device	Device is rooted; Device is Jailbroken
Application	Malicious Application Installed or Removed
Suspicious Behavior	Profile Provisioning Profile Added	malicious profile was detected any provisioning profile added, does not indicate malicious intent
Configuration	Suspicious Configuration	BlueBorne BT exploit attack ARP Poisoning Man-in-the-Middle attack malicious system configuration change
Profile (iOS)	Suspicious Profile	suspicious VPN or Wi-Fi/Proxy profile detected
Network Attack	SSL Stripping SSL Interception (Basic) SSL Interception (Advanced)	Types of Man-in-the-Middle attacks
Device	SMS Phishing Connectivity	Malicious URL detected in SMS message Device status changed to Active or Inactive

To enable email alerts:

Open the dashboard and click on the avatar icon
Click Edit.
Turn ON the ‘Email Alerts’.
Click Save.

Example of a high risk event email alert:

Originally introduced in v2.61, and enhanced to include High Risk device events in v2.66.

0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

User

Count

3

1

Upcoming Events

Sort by:

Virtual

Mon 25 Nov 2024 @ 02:00 PM (EST)

(Americas) AI Series Part 3: Maximizing AI to Drive Growth and Efficiency

Virtual

Tue 26 Nov 2024 @ 10:00 AM (CET)

EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint Solutions

Virtual

Tue 26 Nov 2024 @ 03:00 PM (CET)

Navigating NIS2: Practical Steps for Aligning Security and Compliance

Virtual

Tue 26 Nov 2024 @ 05:00 PM (CET)

Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82

In-Person

Tue 03 Dec 2024 @ 10:00 AM (GMT)

UK Community CNAPP Training Day 1: Cloud Risk Management Workshop

Virtual

Tue 03 Dec 2024 @ 05:00 PM (CET)

Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint Solutions

Virtual

Mon 25 Nov 2024 @ 02:00 PM (EST)

(Americas) AI Series Part 3: Maximizing AI to Drive Growth and Efficiency

Virtual

Tue 26 Nov 2024 @ 10:00 AM (CET)

EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint Solutions

Virtual

Tue 26 Nov 2024 @ 03:00 PM (CET)

Navigating NIS2: Practical Steps for Aligning Security and Compliance

Virtual

Tue 26 Nov 2024 @ 05:00 PM (CET)

Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82

Virtual

Tue 03 Dec 2024 @ 05:00 PM (CET)

Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint Solutions

Virtual

Tue 03 Dec 2024 @ 02:00 PM (CST)

Americas Deep Dive: What's New in R82

In-Person

Tue 03 Dec 2024 @ 10:00 AM (GMT)

UK Community CNAPP Training Day 1: Cloud Risk Management Workshop

In-Person

Wed 04 Dec 2024 @ 10:00 AM (GMT)

UK Community CNAPP Training Day 2: Cloud Risk Management Workshop

CheckMates Events