cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Tools / Methods to Test SBA?

Hi All,

I am deploying SBA to all of our endpoints, but was curious to run some tests against it as I go. I recently downloaded and tried to run a tool called RanSim from the folks over at KnowBe4; The tool is supposed to simulate behaviors of various ransomware variants. When using this tool to execute its tests, SBA knocked it down as expected, generated an analysis, etc. etc... (before the tool could even run its tests Smiley Happy)

I thought this was a neat little test and was wondering if anyone does something like this on occasion, and what tools / methods do you use?

Thanks!

David

6 Replies
Admin
Admin

Re: Tools / Methods to Test SBA?

Let me move this to the ‌ specific space Smiley Happy

0 Kudos
Kim_Moberg
Silver

Re: Tools / Methods to Test SBA?

Dameon,

Could it be an idea to make a similar non harmfull tool on check point wiki, were one can test both antibot and antivirus blade?


Kim

Best Regards
Kim
0 Kudos
Highlighted
Admin
Admin

Re: Tools / Methods to Test SBA?

We do have test URLs already that serve non-harmful content for AV, Anti-Bot, and Threat Emulation.

You can find them on Threatwiki.checkpoint.com on the upper right hand corner of the page 

Kim_Moberg
Silver

Re: Tools / Methods to Test SBA?

Yes. Thats the one I was thinking of. But do you have similar url that simulate ransomware and crypto mining without harming the Customers machine?

Best Regards
Kim
0 Kudos
Admin
Admin

Re: Tools / Methods to Test SBA?

I'm not aware of any Check Point-produced tools that do this, but a quick Internet search brought up a few.

0 Kudos

Re: Tools / Methods to Test SBA?

Thanks Dameon! I will certainly check that out... I knew that there was an eicar file that could be downloaded from the Check Point site to test AV, but testing Anti-Bot at the gateway would be awesome also. However, we don't have TE at the gateway, only with endpoint SBA; Also, since our laptop endpoints are off network so often, I am interested in testing the endpoints on their own.. 

0 Kudos