Check Point is claiming to offer 100% malware-free emails with a new threat protection service that strips away any unsafe content in real-time.
Threat Extraction is the firm’s response to the growing problem of email-borne threats, many of which are part of a spear phishing raid – often the first stage of a targeted attack campaign.
Malware is typically hidden in an innocuous looking attachment which the user is often tricked into opening via social engineering techniques.
The download then begins without their knowledge and an organization without advanced anti-APT tools could be infected for months or even years – all the time while sensitive data is being exfiltrated.
“Conventional antivirus is fast, but only catches known malware at 93% accuracy. Sandboxing identifies new malware and APTs but can be time consuming, taking several minutes per document with 95% accuracy,” Check Point product manager Noam Green told Infosecurity by email.
“We’ve developed Threat Extraction to provide 100% malware-free documents at sub one-second speed, to pre-emptively remove threats.”
Threat Extraction inspects suspicious looking emails and removes active content, embedded objects and other exploitable content before rebuilding the original message, according to the firm.
The extracted content is then quarantined for later inspection, which can help the organization better understand the nature of the threats facing it, and therefore better protect itself in the future.
Threat Extraction also gives IT admins granular control over which file types to allow in the organization and which users should be able to view selected file types.
Stats cited by Check Point from its 2014 Security Report claim that 84% of firms downloaded an infected document in 2013.
Check Point Threat Extraction will apparently go on sale in Q2 this year as part of a new Next Generation Threat Prevention package (NGTX ).
It also complements the vendor’s Threat Emulation, Anti-Bot, Intrusion Prevention and Antivirus products to provide comprehensive malware protection and visibility into online threats, Check Point said.