This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Eric_Knopp
Participant
‎2025-07-23 05:43 AM

Auditing File Uploads (with view to block using Application Rule)

Gateway version - R81.20 T99; SMS management - R82, including Log Server and Smart Event.

We have an audit finding that would like us to "research ways to enhance controls preventing data uploads to unauthorized websites." There's a great Tag called "File Uploads" that we can use in a Block rule, but I want to be able to audit which sites are currently being used in our organization that would fit into the File Uploads category. I want to research which business approved sites would be blocked using this category, so we can create specific accepts above the block rule. We currently block most File Storage and Sharing sites across the organization.

I've tried searching the logs for category:"File Upload", tags:"File Upload" and cannot find any logs in our log server that match those categories. I thought I could add an Accept Rule for that tag/category in the App Control rulebase, but that may allow users to upload to file storage sites we do not want them to access.

 

Labels
2 Replies
the_rock
MVP Diamond
MVP Diamond
‎2025-07-23 06:18 AM

Very interesting question. Let me play around with this in my lab and see how far I get.

Andy

Best,
Andy
0 Kudos
PhoneBoy
Admin
Admin
‎2025-07-23 07:23 AM

You can see what apps we include as part of File Upload on AppWiki by simply searching for the tag "File Upload" of which there appear to be 250.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events