Serious Discussion Harmony Endpoint by Check Point

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,613
Exactly this post that came out the discussion, I was trying to remember @Kongo if you judged me, let me tell you, you are not a friend lol, I should have posted when @cruelsister commented, I would have already liquidated in the first move. I think she got tired of waiting. BTW, thank you very much! ;)
Thanks to you and @Kongo I checked that thread, which I missed when traveling. (y) @SeriousHoax I like seeing consumer-grade AVs in action.(y)
 

ErzCrz

Level 22
Verified
Top Poster
Well-known
Aug 19, 2019
1,170
Wait there you got it wrong, I used the proactive configuration, and it failed, so it was my fault, not the CF, bad configuration on my part and operator fault. I have to admit. More I did not use it in the configuration @cruelsister I talked to her just now, she shared with me the screenshots of the CF, everything was contained, the C&C connections were all blocked, minutes later the malware died in the sandbox.
That's great.
I talked to @ErzCrz yesterday he used CF for years, he told me it never failed and found it strange my tests failed his status is ONLINE for me at the moment, if he sees the notification he will comment here. I told him that the configuration he used in CF is safe if it was @cruelsister's, because I did not use that configuration, it was probably a mistake on my part.
Thanks. @cruelsister's setup is simple yet super effective. It's all good, CF/CIS works great when tweaked.

Harmony Endpoint is looking like a great product.
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Testing Threat Emulation against documents Phishing.

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
@Trident « Trojan.GenericKD » a Bitdefender signature Oo
Yes, Threat Emulation in the cloud uses Bitdefender engine as well, together with all their engines. It also uses the Kaspersky reputation feeds.
Before that the DHS-compliant anti-malware blade used to be Bitdefender instead of Sophos. Afterwards they moved Bitdefender to the emulation and changed local anti-malware from Bitdefender to Sophos.
 

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
537

piquiteco

Level 14
Verified
Top Poster
Well-known
Oct 16, 2022
624
How and why was the configuration bad?
BTW Good Morning, Good Afternoon or Good Evening! Is everything ok with you? Now answering your question, because I was a dry ear lol, I literally parachuted into @Kongo's post, despite mentioning and leaving Kongo credits in another post, when I tested it, I should have at least asked his permission if I could share it in another post, but by referencing his post and leaving his credits in the post, @Kongo would have been aware if there were later any discussions on which I had posted, and he would have remedied it when the discussion about the stealer malware started, at least it would have avoided some unnecessary discussions on my part. Regarding the bad configuration I said, was that I enabled HIPS and everything maybe that there was no need in CF, firewall was in custom settings, when I ran the malware then several pop-ups appeared in HIPS and firewall when the malware started its execution, I had to make the decisions alone what I allowed or what I blocked, I must have allowed something that I shouldn't have, that ended up infecting the machine, too many settings that I adjusted, unnecessary rules created that culminated in a CF failure, who was to blame? Mine. Did you understand? I hope I understood. I apologize for the misunderstanding, I have a great admiration, respect and affection for you, since the first day I started talking to you here at MalwareTips. ;)
 
