This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ld3d
Participant
‎2023-01-26 03:13 AM

Threat Emulation always emulate same files

Hello CheckMates,

My colleagues are usnig a webiste which deals with researching subjects. Every day, colleagues have to download a couple of documents in pdf format from that website. Nothing special: pdf-s are approximately up to 5 MB in size and contain various PowerPoint presentations.

However, the problem is the following:

Each time, the same document is subject to emulation - even though it was previously emulated. So, every time a new MD5 / SHA1 is created for the pdf, which causes colleagues to wait unnecessarily. (for every document from that web site)

With other web-sites, this is not the case. ThreatEmulation works correctly, and when a document is downloaded, it remains in the cache and the same MD5 remains written for it (for a certain time as configured).

Do you have experience with this problem?

Please note that we do not have any other options set for this specific website, and no exceptions. They are subject to the inspection and profile we use for other websites.

Thanks in advance!

0 Kudos
8 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events