I admit to CheckMe is the easiest and fastest assessment tool.
We are using all Threat Prevention blades with Optimized Profile excluding Threat Extraction. Today I used to CheckMe(Network) assessment tool in environment. But the result is a disaster. We blocked Anonymizer, Critical Risk, Botnets, Tunnels and Phishing Application/Site_Group using Application Control Blade with URLF.
Maybe I'm doing something wrong?
Hi Elad Goldenberg,
I reviewed remediation steps from report. Such as BROWSER EXPLOIT.
Remediation Guide:
The IPS is part of the NGTX and NGTP and it blocks cross-site scripting attack with its recommended / optimized profile. In case that IPS protections are not updated, enable cross-site scripting attempt in your IPS policy to protect your computer from this threat.
Reviewed Firewall Configs:
1. IPS Blade is active
2. I am using Optimized Profile on Threat Prevention.
3. Cross-Site Scripting Scanning Attempt protection must to prevent(default-config) on Optimized Profile.
4. IPS Blade is Up-to-date
Another thing: I used CheckMe again without any changes. Result is different.....
| User | Count |
|---|---|
| 39 | |
| 12 | |
| 9 | |
| 7 | |
| 6 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 4 |
Thu 20 Feb 2025 @ 11:00 AM (EST)
Tips and Tricks 2025 #2 - Controlling Access to SaaS Apps with Harmony SASETue 04 Mar 2025 @ 04:00 PM (CET)
Check Point | WIZ : Powering the Next Era of Cloud Security - AMERICASTue 11 Mar 2025 @ 05:00 PM (CDT)
Under the Hood: Configuring Site to Site VPN with Azure Virtual WAN and CloudGuard Network SecurityThu 20 Feb 2025 @ 11:00 AM (EST)
Tips and Tricks 2025 #2 - Controlling Access to SaaS Apps with Harmony SASETue 04 Mar 2025 @ 04:00 PM (CET)
Check Point | WIZ : Powering the Next Era of Cloud Security - AMERICASTue 11 Mar 2025 @ 05:00 PM (CDT)
Under the Hood: Configuring Site to Site VPN with Azure Virtual WAN and CloudGuard Network Security
.png "Kaushal_Varshne"){kind=avatar}
