AI-based malware detection

August 2019 Perimeter Security, Alarms & Intruder Detection, Cyber Security

Check Point Software Technologies has introduced a new artificial intelligence-based malware detection engine to its SandBlast Network threat prevention solution, to enable faster, more accurate prevention of malicious attacks. The new Malware DNA engine classifies new forms of malware into known malware families, accelerating the ability to identify and block zero-day threats before they can cause any damage.

Malware DNA scans each malware variant that passes through the Check Point SandBlast Network sandbox to find code patterns and behavioural similarities that match existing, known malware families. As the overwhelming majority of malware is built using existing blocks of malicious code, Malware DNA accelerates identification of new, previously undiscovered malware and reduces response times to further strengthen organisations’ security postures.

Malware DNA’s AI and machine-learning processes are supported by intelligence on the millions of malware samples already detected by Check Point’s ThreatCloud. The new engine augments SandBlast Network’s detection, inspection and safe content delivery capabilities to deliver complete protection against the most dangerous zero-day and targeted attacks on enterprise networks.

“For hackers, reusing existing code that is already proven to work saves them time and effort, so the overwhelming majority of malware is created this way. The lines of code that make up malware are the DNA of cyber threats, and the new Malware DNA engine enables the code used in even brand-new malware to be quickly matched to existing families of threats,” said Maya Horowitz, head of threat intelligence research at Check Point. “By quickly tracing the origins of even new, zero-day threats, response times are accelerated even further, reducing the risks to organisations.”

SandBlast Network is a complete network threat prevention solution. It detects evasion-resistant malware to keep organisations’ networks threat-free, and ensures shared content is safe to use throughout your organisation, maximising users’ productivity. SandBlast Network is an integral component of Check Point’s consolidated cybersecurity architecture, Infinity, which protects all facets of modern IT, including the network, endpoints, cloud, and mobile. It uses real-time threat intelligence from Check Point’s ThreatCloud knowledge database to continually monitor for threats across all platforms through a single pane of glass.

NSS Labs, a trusted source for independent, fact-based cybersecurity testing, gave a ‘recommended’ rating to Check Point’s SandBlast solution for detecting 100% of HTTP and email threats, and 100% of malware using sophisticated evasion techniques, while giving zero false positives.

For more information, go to

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Check Point appoints new regional director for Africa
September 2019 , News, Cyber Security
Check Point Software Technologies has appointed Pankaj Bhula as regional director for Africa.

ISO standard for protecting personal data
September 2019 , News, Cyber Security
Tackling privacy information management head on: first ISO standard for protecting personal data has been published.

The hunt for the Carbanak group
September 2019 , Editor's Choice, Cyber Security, News
Tomorrow Unlocked has released a free four-part documentary that tells the story of the notorious Carbanak APT group and its $1 billion bank heist.

Building automation vulnerable to hacks
September 2019 , News, Cyber Security
New vulnerability revealed in Internet-connected building automation devices at the DEF CON IoT Village that could impact critical building systems.

Securing Savannah Hills Estate
August 2019, Rhyco Risk Projects , CCTV, Surveillance & Remote Monitoring, Perimeter Security, Alarms & Intruder Detection
Savannah Hills Estate in Midrand planned a security upgrade which was awarded to Rhyco Risk Projects. The project started in March 2019 and was completed in May 2019.

Multiple methods for motion detection
August 2019, Axis Communications SA , Perimeter Security, Alarms & Intruder Detection
There are strengths and weaknesses with all motion detection solutions, and their effectiveness will be dictated by the environment and the components they are being used with.

Ensuring your electric fence is compliant
August 2019, Stafix , Perimeter Security, Alarms & Intruder Detection, Security Services & Risk Management
A challenge facing both existing and potentially new perimeter electric fence installations is how to economically meet the legal requirements required in the SANS 10222-3:2016 standards document.

From fog to foxes
August 2019, Axis Communications SA , Perimeter Security, Alarms & Intruder Detection, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
What makes radar devices so valuable is the fact that they can provide a high range of accurate data while barely relying on external factors, such as weather or light.

Inundated with cyberattacks from all directions
August 2019 , Editor's Choice, Cyber Security, Security Services & Risk Management
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up-to-date technology.

Patient critical – healthcare’s cybersecurity pulse
August 2019, Wolfpack Information Risk , News, Cyber Security, Healthcare (Industry)
The healthcare industry has become one of the leading cybersecurity attack vectors worldwide for several reasons.