Hi
I am checking the checkpoint sandboxing feature
While checking Reputation, signature, etc., I had a question about logs and exceptions.
1. If you check the Anti-Virus signature information on the smart console, more than 30 million cases are confirmed.
However, when trying to apply it in an exception rule, only up to 100,000 signature information can be retrieved.
Does anyone know how to make an exception rule for signature information that is not retrieved?'
(It is actually being blocked by the firewall, but the signature is not looked up_)
2. If I use the add-exception function after checking the signature name in the Anti-Virus log, the attached file, not the signature, will be treated as an exception.
I'm confused Whether the hash value of the signature identified in the log is correctly handled as an exception, or whether the exception is handled by other logic.
| User | Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
Thu 21 Nov 2024 @ 02:00 PM (MST)
Denver North: Infinity External Risk Management and Harmony SaaSMon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Mon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Thu 21 Nov 2024 @ 02:00 PM (MST)
Denver North: Infinity External Risk Management and Harmony SaaSTue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopWed 04 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 2: Cloud Risk Management Workshop
