Check Point has introduced a threat extraction service that it claims strips malware from documents to ensure documents are delivered to a network ‘with zero malware in zero seconds’.
The service, which Check Point dubs ‘a radical new security approach’, is aimed at the growing issue of email-borne malware, hidden within apparently innocuous attachments, and which can often herald a spear phishing attack.
Check Point says the threat extraction service deconstructs documents at the Check Point gateway, before they hit the network, and extracts active content, embedded objects and other exploitable content. The document is then reconstructed without the potential threats to provide ‘100% safe content’.
The security vendor, which says documents still pose one of the highest risks of infection for organisations, says the action is done in real time and preemptively removes threats by reconstructing documents with known safe elements.
Kurt Hansen, Check Point Software Technologies ANZ regional managing director, says the traditional approach of protecting against infected documents by looking for malware and blocking it does not provide absolute protection.
“Organisations need a way to preemptively remove the threat of malware altogether,” Hansen says.
“With Check Point Threat Extraction, organisations can now defend their networks against threats with a radical new technology that delivers 100% safe documents immediately.”
The vendor cites statistics from its 2014 Security report suggesting that globally 84% of companies downloaded an infected document in 2013. In ANZ, 98% of organisations have ‘high risk’ applications running on their networks, including remote administration (91%), file storage and sharing (88%), P2P file sharing (82%) and anonymisers (91%).
Check Point says the offering enables organisations to protect themselves against both known and unknown threats.
Check Point Threat Extraction will be made available as part of the new Next Generation Threat Prevention package, NGTX, in Q2 2015.