Serious Discussion Harmony Endpoint by Check Point

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,552
Settings can be tweaked to block these too.
i have set category blocking and unclassified .malicious script(can confirm unclassified is working as it blocked some unpopular sites as uncatagorized and category blocking is working well too but haven't found a way to test that malicious script is blocked )

Blocked Categories - Level: Custom​

BotnetsCritical RiskHigh Risk
PhishingSpamSpyware / Malicious Sites





i can modify the settings via harmony browse trial (still have a few days and can create another if needed) as well but so far haven't seen an important setting missing for pishing detection that i cant enable in unmanaged clients is there anything missing ?

btw one of the none blocked sites(microsft fake call center ) didn't have a form so there was no way to activate zero phishing scanning for that specific site
anyway im going to probably purchase harmony in the future or zone alarm anyway as it seemed like it had low false positives even with cracks in my system (had many cracked software but zero false postives in zone alarm extreme)
 
  • Like
Reactions: simmerskool

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,552
Settings can be tweaked to block these too.
btw i have done tests before with threat emulation and it didn't do very well with scripts (worked perfectly with documents as i use extraction with emulation so any malicious document i have tried was extracted and some detected by emulation too )
 

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,552
Settings can be tweaked to block these too.
Sent the url with the blocked categories (urlf) and what checkpoint API saying including that it got 2 positives in virus total (safe browsing in brave blocks the site as well as eset I have on the system and other extensions like Symantec but unfortunately checkpoint didn't block it )



Not saying I'm not a checkpoint fanboy and that it isn't better then any other extension against pishing but it's obviously not perfect (had fake bank site and fake government in Artists Against 419 not blocked by checkpoint about a week ago with unclassified urlf blocking enabled but I can't send proof for those as one is blocked now and the other is offline)
But if you want I could send some unblocked sites in the future to show you that checkpoint although the best pishing extension and in my opinion by far over other extensions is still not perfect
Code:
urlf_blocked_cats": [
0,
31,
51000004,
51000005,
52000038,
55,
60530540,
65,
66,
67,
77
],
 
Last edited:

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,552
Settings can be tweaked to block these too.
Anyway for the endpoint harmony (not just the extension)
You have said you got some nice polices
Any chance you send me the json of your light , optimized(secure) configs ?
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,729
anyway im going to probably purchase harmony in the future or zone alarm anyway as it seemed like it had low false positives even with cracks in my system (had many cracked software but zero false postives in zone alarm extreme)
imo you will be happier with Harmony than ZA (at based on my last usage of ZA a few months ago)
 
  • Like
Reactions: Zero Knowledge

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top