- Products
- Learn
- Local User Groups
- Partners
- More
The State of Ransomware Q1 2026
Key Trends and Their Impact
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
Step Into the Future of
AI-Powered Cyber Security
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
As Dameon said there normally isn't a big patterns/signature database downloaded and used by AV/ABOT, unlike APCL and IPS. Constant interaction with the ThreatCloud keeps a memory cache up to date with all the latest AV/ABOT updates automatically, so there is no real need to "force" an update most of the time.
However a situation can arise where a value held in the AV/ABOT cache is improperly blocking something causing a false positive. In that case you can create an exception, or a Custom Threat Indicator matching the traffic set to "Inactive" to work around the issue. If you suspect this is a "bad" or malfunctioning entry you can force an immediate refresh of all items in the cache, hoping that Check Point has cleared the problem:
Anti-Virus: sed -i "1s/.*/100/" $FWDIR/amw_kss/update/next_update
Anti-Bot: sed -i "1s/.*/100/" $FWDIR/amw/update/next_update
Note that the "1s" in the sed commands above is a number 1 followed by the letter "s". See here for more detail: sk143972: How to trigger an update for Application Control / Anti-Virus /Anti-Bot / IPS
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
