Employee

Context Aware Detection (CADET) is now in production !

 

Hello,

We are pleased to announce the release of Threat Emulation Engine Update 7, which features CADET (Context-Aware Detection and Elimination of Threats): our newest AI-based technology.

CADET harnesses Check Point’s unique visibility into all parts of the traffic in order to offer precise context-informed decisions.

We are currently utilizing the CADET technology to address one of the most complex threat prevention challenges: accurately identifying unknown malicious executables.

By utilizing AI-based machine learning, CADET evaluates the entire session context rather than a specific file or link: Did it come through email or as a web download? Who is the sender? When was his domain registered? By whom? And so forth.

We extract thousands of parameters from the inspected element and from the transaction context, and using the CADET AI engine, we are able to reach a single accurate verdict.

The CADET technology significantly increases our detection rate, while at the same time dramatically lowering false positives.

This new innovative AI engine is part of our ongoing focus on delivering the best threat prevention in the industry.

 

Learn more:

Artificial Intelligence in Check Point

AI Is moving forward

Podcast on AI In Check Point

 

  • Note: CADET is working in production on our SandBlast Emulation Cloud environment and will be released to SandBlast TE appliances in the coming weeks.

 

4 Replies

Re: Context Aware Detection (CADET) is now in production !

Dear Tal,

Couple of questions:

a) How will we know when CADET will be active and applied to our TE appliances?

b) Are there going to be any fail-safe measures in order to avoid false positives?

c) Any configuration from our site?

d) Any plans to extend this behaviour analytics to the SBA?

e) Any additions to the reporting or to forensics?

Thanks,

Charris

0 Kudos
Admin

Re: Context Aware Detection (CADET) is now in production !

A) CADET is in Engine version 57.990002566 and above. See: Threat Emulation Engine Update - What's New? 

B) The machine learning we are using has been tested and shown to decrease false negatives and false positives. If you encounter a false positive, please follow the process for reporting it: How to submit a False Positive case for Threat emulation? 

C) The Threat Emulation engine is typically updated automatically. We roll out updates gradually to all appliances. 

D) If you have SBA, it should also leverage CADET (if available).

E) We are enhancing the Threat Emulation reports separately from CADET: New Threat Emulation reports 

0 Kudos

Re: Context Aware Detection (CADET) is now in production !

If the threat emulation analysis location is set locally, will CADET still be useful?

Thanks.

0 Kudos
Admin

Re: Context Aware Detection (CADET) is now in production !

My guess is that SK will be updated with the version that applies to local emulations.