Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

CheckMe: FREE and Instant Network Security Assessment

Check Point’s CheckMe is a free and instant network security assessment tool. Using a series of simulations, CheckMe instantly identifies security risks on your network, and provides you with a detailed report on network vulnerabilities and recommendations.

To learn more watch this 3-minute video - CheckMe: FREE and Instant Network Security Assessment - YouTube

7 Replies
Highlighted
Nickel

CheckMe is a great tool. In fact it only checks if, in case of zero day analysis, it is allowed to download a malware file. I know we have the link to the malware file it tries to download in a SK, however, is this file a real malware?

Some customers are saying that if the file is downloaded, their endpoint solution should block the infection. I wanna know if I can ask the customer to download the malware file at their own risk to test their antimalware solutions.

Thanks!

0 Kudos
Highlighted
Admin
Admin

The point of the CheckMe test is to validate the efficacy of your existing security controls.

Which means it's entirely possible existing endpoint and/or network security controls will block the files.

The files in question exhibit behaviors that are consistent with malicious files.

0 Kudos
Highlighted

Hi Danilo, keep in mind that CheckMe assess only the network so their endpoint solutions are not "part of the game" and they can't block CheckMe tests.

Highlighted

I admit to CheckMe is the easiest and fastest assessment tool. 

We are using all Threat Prevention blades with Optimized Profile excluding Threat Extraction. Today I used to CheckMe(Network) assessment tool in environment. But the result is a disaster. We blocked Anonymizer, Critical Risk, Botnets, Tunnels and Phishing Application/Site_Group using Application Control Blade with URLF. 

Maybe I'm doing something wrong?

0 Kudos
Highlighted

Hi Gomboragchaa, 

Are you sure that all blades are activated?

Did you review all the remediation steps in the report?

0 Kudos
Highlighted

Hi Elad Goldenberg‌,

I reviewed remediation steps from report. Such as BROWSER EXPLOIT.

Remediation Guide:

The IPS is part of the NGTX and NGTP and it blocks cross-site scripting attack with its recommended / optimized profile. In case that IPS protections are not updated, enable cross-site scripting attempt in your IPS policy to protect your computer from this threat. 

Reviewed Firewall Configs: 

1. IPS Blade is active

2. I am using Optimized Profile on Threat Prevention.

3. Cross-Site Scripting Scanning Attempt protection must to prevent(default-config) on Optimized Profile.

4. IPS Blade is Up-to-date

Another thing: I used CheckMe again without any changes. Result is different.....

0 Kudos
Highlighted

Gomboragchaa Jamganjav‌, can you confirm that the your traffic go through this GW?

Did you install policy?

let's continue the thread via emails. my email is eladgo@checkpoint.com