Discussion Thread Harmony Endpoint by Check Point

Xeno1234

Level 11
Jun 12, 2023
514
I was testing checkpoint yesterday and I am wondering, why were some files not sent for threat emulation (the emulation outside of the extension) These files were under 50mb and were types that were supported by the engine.
 

Xeno1234

Level 11
Jun 12, 2023
514
According to AV Comparatives, Harmony lacks a hook for the Kernal Space, and cannot monitor API calls within the Kernel. Is this true, and if so, what impact does this have on its detection capabilities?
 
  • Like
Reactions: Dave Russo

Xeno1234

Level 11
Jun 12, 2023
514
How does Harmony handle ransomware?
Harmony utilizes many methods. You have threat emulation, threat reputation, Kaspersky /Sophos and CheckPoint Harmony local anti malware engines, and a anti-ransomware component which places honeypot files on the PC, and if they are modified, it remediates the infection.
The Honey Pot Component is the last line of defense, and is bypassed by anti-honeypot ransomware.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top