Upload files using polling, the service supports Microsoft Office files, as well as PDF, SWF, archives and executables. Active content will be cleaned from any documents that you upload (Microsoft Office and PDF files only). Query on existing IOCs, file status, analysis, reports. Download files from the database. Supports both appliance and cloud. Supported Threat Emulation versions are any R80x.
Check Point Threat Emulation (SandBlast) Pack
What does this pack do?
- Uses Threat Emulation to perform remote analysis on a sandbox.
- Uploads files to a virtual sandbox.
- Opens files and monitors them in multiple OS versions and Microsoft Office versions.
- Saves malicious files in the ThreatCloud.
- Provides a safe file without active content while the original file is inspected by Threat Emulation. If it is safe it can be downloaded.