Threat Emulation

Cyber-threats continue to multiply and now it is easier than ever for criminals to create new malware that can easily bypass existing protections. On a daily basis, these criminals can change the malware signature and make it virtually impossible for signature based products to protect networks against infection. Threat Emulation can protect your network against new malware, zero-day vulnerabilities and targeted attacks .

Threat Emulation gives networks the necessary protection against unknown threats in files that are downloaded from the Internet or attached to emails. When emulation is done on a file:

• The file is opened on more than one virtual computer with different operating system environments
• The virtual computers are closely monitored for unusual and malicious behavior, such as an attempt to change registry keys or run an unauthorized process
• Any malicious behavior is immediately logged and you can use Prevent mode to block the file from the internal network
• The cryptographic hash of a new malicious file is saved to a database and the internal network is protected from that malware
• Information about malicious files and malware is shared with Check Point and helps to protect all users