Serious Discussion Harmony Endpoint by Check Point

[Trident]

Just did a test with harmony extension with 250 open pish links and only 2 crypto wallet pishing links and one fake Microsoft fake call center weren't blocked

Settings can be tweaked to block these too.

 

[Vitali Ortzi]

Settings can be tweaked to block these too.

i have set category blocking and unclassified .malicious script(can confirm unclassified is working as it blocked some unpopular sites as uncatagorized and category blocking is working well too but haven't found a way to test that malicious script is blocked )

Blocked Categories - Level: Custom​

Botnets	Critical Risk	High Risk
Phishing	Spam	Spyware / Malicious Sites

i can modify the settings via harmony browse trial (still have a few days and can create another if needed) as well but so far haven't seen an important setting missing for pishing detection that i cant enable in unmanaged clients is there anything missing ?

btw one of the none blocked sites(microsft fake call center ) didn't have a form so there was no way to activate zero phishing scanning for that specific site
anyway im going to probably purchase harmony in the future or zone alarm anyway as it seemed like it had low false positives even with cracks in my system (had many cracked software but zero false postives in zone alarm extreme)

 

[Vitali Ortzi]

Settings can be tweaked to block these too.

btw i have done tests before with threat emulation and it didn't do very well with scripts (worked perfectly with documents as i use extraction with emulation so any malicious document i have tried was extracted and some detected by emulation too )

 

[Vitali Ortzi]

Settings can be tweaked to block these too.

Sent the url with the blocked categories (urlf) and what checkpoint API saying including that it got 2 positives in virus total (safe browsing in brave blocks the site as well as eset I have on the system and other extensions like Symantec but unfortunately checkpoint didn't block it )



Not saying I'm not a checkpoint fanboy and that it isn't better then any other extension against pishing but it's obviously not perfect (had fake bank site and fake government in Artists Against 419 not blocked by checkpoint about a week ago with unclassified urlf blocking enabled but I can't send proof for those as one is blocked now and the other is offline)
But if you want I could send some unblocked sites in the future to show you that checkpoint although the best pishing extension and in my opinion by far over other extensions is still not perfect

urlf_blocked_cats": [
0,
31,
51000004,
51000005,
52000038,
55,
60530540,
65,
66,
67,
77
],

 

[Vitali Ortzi]

Settings can be tweaked to block these too.

Anyway for the endpoint harmony (not just the extension)
You have said you got some nice polices
Any chance you send me the json of your light , optimized(secure) configs ?

 

[simmerskool]

anyway im going to probably purchase harmony in the future or zone alarm anyway as it seemed like it had low false positives even with cracks in my system (had many cracked software but zero false postives in zone alarm extreme)

imo you will be happier with Harmony than ZA (at based on my last usage of ZA a few months ago)