©2019 Check Point Software Technologies Ltd.
[Protected] Distribution or modification is subject to approval
Q1 2020
Check Point Security Effectiveness - THE FACTS
“IN GOD WE TRUST, ALL OTHERS MUST BRING DATA”
W. Edwards Deming
NSS Labs - Check Point’s track record of security leadership and excellence!
IPS Recommended – Jan 2011: Best integrated IPS Security Score of 97.3%!
NGFW Recommended – April 2011: World’s first NSS Recommended NGFW!
FW Recommended – April 2011: Only vendor to pass the initial test!
NGFW Recommended – Jan 2012: Continued NGFW Leadership and Excellence!
IPS Recommended – July 2012: Leading integrated IPS Security Score of 98.7%!
FW Recommended – Jan 2013: Best Security + MGMT score of 100%!
IPS Recommended – Nov 2013: 100% Management score and Best annual Management Labor Cost
NGFW Recommended – Feb 2013: Best Security + MGMT Score of 98.5%!
NGFW Recommended – Sept 2014: 4th NGFW Recommended
BDS Recommended – Aug 2015: 1st time tested - 100% unknown malware catch-rate
NGFW Recommended – Mar 2016: 99.8% Catch rate and 5th NSS NGFW Recommended!
BDS Recommended – Aug 2016: 2nd NSS BDS Recommended! - 100% evasion free
NGIPS Recommended – Oct 2016: Highest Catch-rate 99.95% lowest TCO
NGFW Recommended – Jun 2017: 99.56% overall Exploit Block-Rate
BDS Recommended – Oct 2017: 99.7% overall Breach Detection Score
BPS Recommended – Dec 2017: Top Right Dot - 100% Block-rate Score
NGFW Recommended (follow-on test) – Aug 2018: Follow-on test - 99.62 overall Exploit Block-Rate
AEP Recommended – March 2019: 96.6 overall Block-Rate
NGFW Recommended – Jul 2019: 98.42 Exploit Catch-Rate
BPS Recommended – Aug 2019: 98.4 Security Effectiveness
AEP “AA” rating – Mar 2020: 99.12 Block-Rate and #1 vendor in the test
CHECK POINT PROVEN TRACK RECORD OF SECURITY EXCELLENCE
Based on NSS Labs tests where Check Point and Palo Alto participated together
NSS Labs Security tests (FW/NGFW/IPS/NGIPS/BDS/BPS/AEP)
[Chart; legend: Neutral, Caution, Recommended; data labels as extracted: 1, 3, 18, 12, 4]
Recommended: 18/19=95%
Recommended: 63%
2020 AEP A & AA rating considered as Recommended
Source: http://tiny.cc/nss_stats
CHECK POINT PROVEN TRACK RECORD OF SECURITY EXCELLENCE
Based on NSS Labs tests where Check Point and Fortinet participated together
NSS Labs Security tests (FW/NGFW/IPS/NGIPS/BDS/BPS/AEP)
[Chart; legend: Neutral, Caution, Recommended; data labels as extracted: 1, 2, 21, 19, 1]
Recommended: 21/22=95%
Recommended: 86%
2020 AEP A & AA rating considered as Recommended
Source: http://tiny.cc/nss_stats
CHECK POINT PROVEN TRACK RECORD OF SECURITY EXCELLENCE
Based on NSS Labs tests where Check Point and Cisco participated together
NSS Labs Security tests (FW/NGFW/IPS/NGIPS/BDS/BPS/AEP)
[Chart; legend: Neutral, Caution, Recommended; data labels as extracted: 1, 6, 16, 9, 2]
Recommended: 16/17=94%
Recommended: 53%
AEP 2020: no report for Cisco yet
Source: http://tiny.cc/nss_stats
CHECK POINT PROVEN TRACK RECORD OF SECURITY EXCELLENCE
Based on NSS Labs tests where all four vendors participated together
NSS Labs Security tests (FW/NGFW/IPS/NGIPS/BDS/BPS/AEP)
[Chart; legend: Neutral, Caution, Recommended; data labels as extracted: 13, 1, 3, 2, 4, 12, 9, 8, 1, 1, 2]
Recommended: 13/14=93%
Recommended: 57%
Recommended: 64%
Recommended: 86%
Source: http://tiny.cc/nss_stats
CHECK POINT PROVEN TRACK RECORD OF SECURITY EXCELLENCE
Based on NSS Labs tests where all four vendors participated together
NSS Labs Security tests (FW/NGFW/IPS/NGIPS/BDS/BPS/AEP)
[Chart; legend: Neutral, Caution, Recommended; data labels as extracted: 14, 1, 3, 2, 4, 13, 9, 9, 1, 1, 2]
Recommended: 14/15=93%
Recommended: 60%
Recommended: 64%
Recommended: 86%
2020 AEP A & AA rating considered as Recommended
Source: http://tiny.cc/nss_stats
Check Point SandBlast
Recommended for Security Effectiveness and Value
2019 NSS Breach Prevention Systems Test
100% Block Rate
100% Protection against HTTP Malware
100% Protection against Email Malware
98.4% Overall Security Effectiveness
0.0% False Positives
A Leading TCO: $19 Price/protected Mbps
100% Exploit Resistant
100% catch-rate in post infection
NSS Security Value Map
Breach Prevention System (BPS) Test – 2019
Check Point comes out on top!
[Chart: Security Effectiveness vs. TCO per Protected Mbps; labels: 1 BPS, 2 NGFW+AEP, 3 NGIPS+AEP]
Number of CVE’s covered by IPS (2014-2019)
Last 5 Years
[Chart; series: # CVE's, Microsoft CVE's, Adobe CVE's; data labels as extracted: 4512, 4343, 4152, 3416, 4284; 1447, 1177, 1104, 1177, 1268; 1554, 1518, 1801, 1579, 1112]
Information is current as of Dec 2014 – Dec 22, 2019 | Source: Check Point Advisories | Palo Alto ThreatVault | Fortinet FortiGuard | McAfee Threat Intelligence | Tipping Point Digital Vaccine | SourceFire Advisories
Number of CVE’s covered by IPS (2015-2019):
Check Point vs. Palo Alto Networks
Last 5 Years
[Chart; series: # CVE's, Microsoft CVE's, Adobe CVE's; data labels as extracted: 4512, 4343; 1447, 1177; 1554, 1518]
Information is current as of Dec 2014 – Dec 2019 | Source: Palo Alto ThreatVault https://threatvault.paloaltonetworks.com/
Number of CVE’s covered by IPS (Dec 2014-Dec 2019):
Check Point Strict & Optimized vs. Palo Alto Networks “ALL Signatures”
-Last 5 Years-
[Chart; series: # CVE's, Strict, Optimized, Microsoft CVE's, Adobe CVE's; data labels as extracted: 4512, 4472, 4222, 1447, 1541, 4343, 1176, 1518]
Information is current as of Dec 2014 – Dec 2019 | Source: Palo Alto ThreatVault https://threatvault.paloaltonetworks.com/
Number of CVE’s covered by IPS (2015-2019)
Check Point vs. Fortinet
[Chart; series: # CVE's, Microsoft CVE's, Adobe CVE's; data labels as extracted: 4512, 4152; 1447, 1104; 1541, 1425]
Information is current as of Dec 13 2014 – Dec 13, 2019 | Source: FortiGuard Center https://fortiguard.com/updates/ips
Number of CVE’s covered by IPS (2015-2019)
Check Point vs. Cisco SourceFire
[Chart; series: # CVE's, Microsoft CVE's, Adobe CVE's; data labels as extracted: 4512, 4284; 1447, 1268; 1541, 1112]
Information is current as of Dec 13, 2014 – Dec 13, 2019 | Source: Cisco SourceFire Advisories http://www.snort.org/vrt/advisories/
Number of CVE’s covered by IPS 2015-2019
Check Point vs. McAfee
[Chart; series: # CVE's, Microsoft CVE's, Adobe CVE's; data labels as extracted: 4512, 3375; 1447, 1393; 1541, 1160]
Information is current as of Dec 13 – Dec 13, 2019 | Source: McAfee Threat Intelligence http://www.mcafee.com/threat-intelligence/vulnerability/latest.aspx
Check Point NGFW One Step Ahead – Visibility into risks
[Chart; series: IPS - Total number of CVE’s covered, Applications - Total number of Apps, DLP – number of Data types (patterns, file types); data labels as extracted: 4512, 4343, 4152, 4284, 8012, 3158, 4200, 3507, 772, 32, 51]
Information of IPS is current as of Dec 13, 2014 – Dec 13, 2019 | Source: Check Point Advisories | Palo Alto ThreatVault | Fortinet FortiGuard | McAfee Threat Intelligence | Tipping Point Digital Vaccine | SourceFire Advisories
Check Point One Step Ahead in Detection and Prevention of Threat Focused Apps

| Potentially Risky Apps | Check Point | Palo Alto Networks | Fortinet | Cisco |
|---|---|---|---|---|
| # of Anonymizers proxy/tunnel apps (e.g. TOR, UltraSurf, HideMyAss…) | 222 | 115 | 169 | 41 |
| # of P2P apps (e.g. BitTorrent, WinMX…) | 343 | 146 | 64 | 54 |
| # of File sharing apps (e.g. Dropbox, Google Drive, Mega…) | 945 | 348 | 178 | 155 |
| # of Remote Admin apps (e.g. TeamViewer, LogMeIn…) | 147 | 98 | 84 | 71 |
| Total number of apps | 8,067 | 3,197 | 4,090 | 3,528 |

Source: Check Point AppWiki, PAN Applipedia, Fortinet FortiGuard, Cisco FirePower, as of March 10, 2020
Check Point One Step Ahead in Detection and Prevention of Threat Focused Apps

| Vendors | Check Point R80.x | Palo Alto Networks V9.x | Fortinet v6 | Cisco V6.2.1 |
|---|---|---|---|---|
| IPS (CVEs covered) – Dec 2014-Dec 2019 | 4,512 | 4,343 | 4,152 | 4,284 |
| Application Control | 8,067 | 3,197 | 4,090 | 3,528 |
| DLP File Types | over 500 | 10 | 51 | - |
| DLP Patterns | 739 | 22 | 2 | - |
| URL Filtering Categories | 164 | 71 | 88 | 84 |

Source: Check Point AppWiki, ThreatWiki, PAN Applipedia, Threat Vault, PA-VM, Fortinet FortiGuard, FG-VM, Cisco FirePower, as of March 2020
TO MAKE SURE YOUR SYSTEMS ARE NOT EXPOSED…
Mature SW Code
Swift response to SW vulnerabilities
[Chart; series: Total of SW Vulnerabilities (2016-2019), Average fix time (days); data labels as extracted: 172, 94.5118, 234, 128, 159, 136.6]
Source: vendors security advisories web pages & http://tiny.cc/urgency
TOP VULNERABILITIES AVERAGE RESPONSE TIME
[Chart; data labels as extracted: 109min; 108days, 2days; 64min, 10days, 54days; 20min, 2days, 1day, 3days; 5days; 6days; 5days]
BlueKeep CVE-2019-0708
Source: vendors security advisories web pages & http://tiny.cc/urgency
Sense of Urgency is in Our DNA
[Chart: vendor response times per vulnerability; labels and values in extraction order]
Check Point: 9 hours
Cisco: 2 days
Fortinet: 5 days
Heartbleed, Shellshock, Poodle-TLS, Venom
Check Point: 22 hours
Check Point: 18 hours
Check Point: 30 hours
Palo Alto: 29 days
Fortinet: 14 days
Palo Alto: 56 days
Fortinet: 10 days
Palo Alto: 10 days
Fortinet: 9 days
Full references at http://tiny.cc/dna-cp
Patch Tuesday 2015-2017
AVERAGE RESPONSE TIME FOR TOP VULNERABILITIES (IPS)
[Chart: vendor response times per vulnerability; labels and values in extraction order]
Apache Struts 2
Check Point: 35 minutes
Palo Alto: 377 min.
Cisco: 110 min.
Check Point: 29 hours
Check Point: 13 hours
Palo Alto: 6 days
Fortinet: 4 days
Palo Alto: 22 hours
Fortinet: 44 hours
Flash (0day)
CVE-2017-11292
Check Point: 48 hours
Palo Alto: 12 days
Fortinet: 5 days
Disdain EK
CVE-2017-0037
CVE-2017-0059
CVE-2017-9805
CVE-2017-9791
Source: vendors security advisories web pages & http://tiny.cc/urgency
Patch Tuesday 2015,2016
AVERAGE RESPONSE TIME FOR TOP VULNERABILITIES (IPS)
[Chart: vendor response times per vulnerability; labels and values in extraction order]
SSL Drown Attack
Check Point: 50 minutes
Palo Alto: 900 min.
Cisco: 98 min.
Check Point: 0 hours
Check Point: 13 hours
Palo Alto: 10 days
Fortinet: 9 hours
Palo Alto: 5 days
Fortinet: 5 days
Flash (In The Wild)
0days 2016
Full references at http://tiny.cc/dna-cp
Check Point: 11 Minutes
Palo Alto: 9 hours
Fortinet: 1 hour
BADLOCK
Patch Tuesday 2017
AVERAGE RESPONSE TIME FOR TOP VULNERABILITIES (IPS)
[Chart: vendor response times per vulnerability; labels and values in extraction order]
Apache Struts 2
Check Point: 40 minutes
Palo Alto: 8.3 Hours
Cisco: 110 min.
Check Point: 29 hours
Check Point: 43 minutes
Palo Alto: 6 days
Fortinet: 4 days
Palo Alto: 35 Days
Fortinet: 30 Days
Check Point: 48 hours
Palo Alto: 12 days
Fortinet: 5 days
Disdain EK
CVE-2017-0037
CVE-2017-0059
CVE-2017-9805
CVE-2017-9791
Source: vendors security advisories web pages & http://tiny.cc/urgency
WannaCry & NotPetya
Key Competitive Point: Such response time is unacceptable
Patch Tuesday 2017
AVERAGE RESPONSE TIME FOR TOP VULNERABILITIES (IPS)
[Chart: vendor response times per vulnerability; labels and values in extraction order]
Check Point: 40 minutes
Palo Alto: 8.3 Hours
Fortinet: 3.6 hours.
Check Point: 12.3 hours
Check Point: 43 minutes
Palo Alto: 36.3 hours
Fortinet: 32 hours
Palo Alto: 30 Days
Fortinet: 30 Days
CVE-2017-5753, CVE-2017-5715, CVE-2017-5754
WannaCry & NotPetya
CVE-2017-0144
Apache Struts 2
Check Point: 29 hours
Palo Alto: 6 days
Fortinet: 4 days
CVE-2017-9805
CVE-2017-9791


Check Point vs competition security effectiveness


Editor's Notes

  1. Here is the complete record of our NSS Labs test participation. You can see in each instance we received NSS Labs’ highest award, NSS Recommended. In fact Check Point has received nine NSS Recommended awards since 2011. Every FW, IPS and NGFW test we’ve participated in, we’ve received NSS Recommended. Plus we conducted one Individual IPS test where we scored 99% Security Score – but NSS only grant “Recommended” as part of Group Tests – this was an Individual test on our 61000 appliance. Overall a truly exceptional record – that should help give you confidence in the quality of our products and the security we deliver – over the long term.
  2. Topic CVEs Covered by Check Point, but not covered by Palo Alto Covered by Palo Alto, but not covered by Check Point Covered by Check Point in Recommended, but not covered by Palo Alto Covered by Check Point with Critical performance impact Covered by Check Point with Critical performance impact, but not covered by Palo Alto
  3. Topic CVEs Covered by Check Point, but not covered by Palo Alto Covered by Palo Alto, but not covered by Check Point Covered by Check Point in Recommended, but not covered by Palo Alto Covered by Check Point with Critical performance impact Covered by Check Point with Critical performance impact, but not covered by Palo Alto
  4. Topic CVEs Covered by Check Point, but not covered by Palo Alto Covered by Palo Alto, but not covered by Check Point Covered by Check Point in Recommended, but not covered by Palo Alto Covered by Check Point with Critical performance impact Covered by Check Point with Critical performance impact, but not covered by Palo Alto
  5. Sources:
     Check Point: https://appwiki.checkpoint.com/appwikisdb/public.htm
     Palo Alto: https://applipedia.paloaltonetworks.com/
     Fortinet: https://fortiguard.com/appcontrol
     Cisco: FP management -> Policies -> Application Detectors
     # of Anonymizers proxy/tunnel apps (e.g. TOR, UltraSurf, HideMyAss…): Check Point: anonymizer; PAN: proxy+encrypted-tunnel; Fortinet: proxy; Cisco: anonymizer/proxy category
     # of P2P apps: CP: P2P file sharing; PAN: “peer-to-peer” Technology; Fortinet: “P2P”; Cisco: peer-to-peer category
     # of File sharing apps: CP: file storage and sharing category; PAN: file sharing sub-category; Fortinet: storage.backup; Cisco: remote file storage category
     # of Remote Admin apps: CP: remote administration category; PAN: remote access subcategory; Fortinet: remote access category; Cisco: remote administration category
  6. Full reference: https://docs.google.com/spreadsheets/d/16kMzTF2xIlnzyrkGmKswnbR_qsMg4heO8aqzv4D3qTI/edit#gid=1963141070 The # of vulnerabilities represents the sum of CVEs + internal vulnerabilities found in 2016 by each vendor. The list includes vulnerabilities of all enterprise security products (network + endpoint security).
  7. Full reference, Patch Tuesday: http://tiny.cc/urgency
     BlueKeep CVE-2019-0708: publish date – May 16, 2019
     Check Point – May 19, 2019 - https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0657.html
     Palo Alto – May 21, 2019 – content version 8154
     Fortinet – May 22, 2019 - https://fortiguard.com/search?q=CVE-2019-0708&engine=3
     Cisco - May 21, 2019 https://blog.talosintelligence.com/2019/05/talos-releases-coverage-for-wormable.html
     FragmentSmack: CVE-2018-5391 - used in FragmentSmack. Publication: August 14, 2018
     Check Point released a fix (patch) on August 16, 2018 = 2 days (https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk134253&src=securityAlerts)
     Palo Alto released an advisory with “medium” severity that they are vulnerable, with a fix on November 29, 2018 = 108 days (https://securityadvisories.paloaltonetworks.com/ PAN-SA-2018-0012)
     Cisco released a fix on August 24 @21:30 GMT = 10 days (https://tools.cisco.com/security/center/mpublicationListingDetails.x?pageNo=5&docType=CiscoSecurityAdvisory)
     SegmentSmack: CVE-2018-5390 & CVE-2018-6922 https://www.kb.cert.org/vuls/id/962459/ and https://access.redhat.com/security/cve/cve-2018-5390 Published on Aug 6, 2018 (after embargo)
     Check Point released a patch OS fix on August 16, 2018 = 10 days (https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk134253&src=securityAlerts)
     Cisco released a fix on August 24 @21:30 GMT (https://tools.cisco.com/security/center/mpublicationListingDetails.x?pageNo=5&docType=CiscoSecurityAdvisory)
     Palo Alto released an “info” advisory, stating they are not vulnerable, on September 19, 2018 (https://securityadvisories.paloaltonetworks.com/ PAN-SA-2018-0012)
     Struts2 2018: CVE-2018-11776 published on August 22, 2018 - https://nvd.nist.gov/vuln/detail/CVE-2018-11776 & https://semmle.com/news/apache-struts-CVE-2018-11776
     Check Point published August 23, 2018 @ 18:22 GMT+2
     PAN published on August 24, 2018 @20:43 (8:43pm) GMT+2 (pkg 8057)
     Cisco published on Aug 23, 2018 @21:29 GMT+2 https://www.snort.org/advisories/talos-rules-2018-08-23-8-23-2018
     Fortinet published on Oct 15, 2018 https://fortiguard.com/encyclopedia/ips/30956/apache-struts-2-ognl-script-injection
     ===ALL TIMES ARE IST (GMT +2 with daylight) ===
     Microsoft Patch Tuesday release dates :
     Flash (In The Wild) 0days 2016
     Check Point: CVE-2016-1010 (http://arstechnica.com/security/2016/03/adobe-issues-emergency-patch-for-actively-exploited-code-execution-bug/) Mar 2016 update package 634161670 Thu 10-Mar-16 22:11; CVE-2016-1019 (https://helpx.adobe.com/security/products/flash-player/apsa16-01.html) Apr 2016 update package 634162315 Wed 06-Apr-16 19:12
     Fortinet: CVE-2016-1010 http://fortiguard.com/updates/ips?version=7.813 (Mar 16th, 2016 - 10:37:11); CVE-2016-1019 http://fortiguard.com/updates/ips?version=7.829 (Apr 08th, 2016 - 10:44:09)
     Palo Alto: CVE-2016-1010 Version 570 (Thu 3/17/2016 12:24 AM); CVE-2016-1019 Version 576 (Fri 4/8/2016 11:39 AM)
     BADLOCK
     Check Point: Apr 2016 update package 634162437 Tue 12-Apr-16 20:14 ====> 11 Min.
     Palo Alto: Apr 2016 update package 578 Wed 4/12/2016 4:55 AM ====> 532 Min
     Fortinet: Update 7.831 Apr 12th, 2016 - 21:07:14 = 64 min
  8. Full references at http://tiny.cc/dna-cp
  9. ===ALL TIMES ARE IST (GMT +2 with daylight) ===

     Microsoft Patch Tuesday release dates:
       Jan 2015   Tue 13-Jan-15 20:41
       Feb 2015   Tue 10-Feb-15 20:23
       Mar 2015   Tue 10-Mar-15 20:05
       Apr 2015   Tue 14-Apr-15 20:11
       May 2015   Tue 12-May-15 20:01
       Jun 2015   Tue 09-Jun-15 20:11
       Jul 2015   14-07-15 20:22
       Aug 2015   Tue 11-Aug-15 20:13
       Sept 2015  Tue 08-Sep-15 20:11
       Oct 2015   Tue 13-Oct-15 20:02
       Nov 2015   10-Nov-15 20:06
       Dec 2015   08-Dec-15 20:21
       Jan 2016   12-Jan-16 20:32
       Feb 2016   09-Feb-16 20:11
       Mar 2016   08-Mar-16 20:10
       Apr 2016   12-Apr-16 20:03

     Check Point:
       Jan 2015 update package 634150275 Tue 13-Jan-15 21:10 ====> 29 Min.
       Feb 2015 update package 634150971 Tue 10-Feb-15 20:44 ====> 21 Min.
       Mar 2015 update package 634151647 Tue 10-Mar-15 21:06 ====> 61 Min.
       Apr 2015 update package 634152477 Tue 14-Apr-15 20:32 ====> 21 Min.
       May 2015 update package 634153159 Tue 12-May-15 22:11 ====> 130 Min.
       Jun 2015 update package 634153827 Tue 09-Jun-15 20:41 ====> 30 Min.
       Jul 2015 update package 634154669 Tue 14-Jul-15 21:21 ====> 59 Min.
       Aug 2015 update package 634155315 Tue 11-Aug-15 20:34 ====> 21 Min.
       Sept 2015 update package 634156015 Tue 08-Sep-15 23:02 ====> 171 Min.
       Oct 2015 update package 634156850 Tue 13-Oct-15 20:21 ====> 19 Min.
       Nov 2015 update package 634157526 Tue 10-Nov-15 21:11 ====> 55 Min.
       Dec 2015 update package 634158204 Tue 08-Dec-15 22:11 ====> 110 Min.
       Jan 2016 update package 634150275 Tue 12-Jan-16 20:48 ====> 16 Min.
       Feb 2016 update package 634160946 Tue 09-Feb-16 20:31 ====> 20 Min.
       Mar 2016 update package 634161619 Tue 08-Mar-16 20:32 ====> 22 Min.
       Apr 2016 update package 634162437 Tue 12-Apr-16 20:14 ====> 11 Min.
     Average for Check Point Patch Tuesday response time (Jan-2015 – Apr 2016): 50 minutes

     Palo Alto:
       Jan 2015 update package 481 Wed 1/14/2015 1:26 AM ====> 285 Min.
       Feb 2015 update package 485 Wed 2/11/2015 2:00 AM ====> 337 Min.
       Mar 2015 update package 490 Wed 3/11/2015 6:50 PM ====> 1365 Min.
       Apr 2015 update package 495 Wed 4/15/2015 12:01 AM ====> 230 Min.
       May 2015 update package 499 Wed 5/13/2015 8:18 AM ====> 737 Min.
       Jun 2015 update package 504 Tue 6/9/2015 10:46 PM ====> 95 Min.
       Jul 2015 update package 515 Thu, 7/16/2015 3:24 AM ====> 1862 Min.
       Aug 2015 update package 521 Thu, 8/13/2015 7:11 PM ====> 2818 Min.
       Sept 2015 update package 526 Wed, 9/9/2015 6:14 PM ====> 1323 Min.
       Oct 2015 update package 533 Wed, 10/14/2015 7:38 AM ====> 696 Min.
       Nov 2015 update package 539 Wed, 11/11/2015 10:16 AM ====> 850 Min.
       Dec 2015 update package 544 Wed 12/9/2015 2:34 AM ====> 373 Min.
       Jan 2016 update package 551 Tue 1/12/2016 10:25 PM ====> 113 Min.
       Feb 2016 update package 557 Wed 2/10/2016 5:08 AM ====> 537 Min.
       Mar 2016 update package 566 Thu 3/10/2016 0:03 AM ====> 1793 Min.
       Apr 2016 update package 578 Wed 4/12/2016 4:55 AM ====> 532 Min.
     Average for PAN Patch Tuesday response time (Jan-2015 – Apr 2016): 872 minutes (14h33m)

     Cisco (https://www.snort.org/advisories/):
       Jan 2015 VRT Rules 2015-01-13 2015-01-13 19:27:43 UTC ====> 106 Min.
       Feb 2015 VRT Rules 2015-02-10 2015-02-10 18:23:34 UTC ====> 60 Min.
       Mar 2015 VRT Rules 2015-03-10 2015-03-10 19:40:03 UTC ====> 155 Min.
       Apr 2015 VRT Rules 2015-04-14 2015-04-14 17:46:40 UTC ====> 35 Min.
       May 2015 Talos Rules 2015-05-12 2015-05-12 18:28:55 UTC ====> 87 Min.
       Jun 2015 Talos Rules 2015-06-09 2015-06-09 17:25:03 UTC ====> 14 Min.
       Jul 2015 Talos Rules 2015-07-14 2015-07-14 17:51:25 UTC ====> 31 Min.
       Aug 2015 Talos Rules 2015-08-11 2015-08-11 17:55:32 UTC34 ====> 42 Min.
       Sept 2015 Talos Rules 2015-09-08 2015-09-08 18:14:21 UTC ====> 63 Min.
       Oct 2015 Talos Rules 2015-10-13 2015-10-13 19:03:24 UTC ====> 121 Min.
       Nov 2015 Talos Rules 2015-11-10 2015-11-10 19:54:08 UTC ====> 168 Min.
       Dec 2015 Talos Rules 2015-12-08 2015-12-08 22:03:06 UTC ====> 282 Min.
       Jan 2016 Talos Rules 2016-01-12 2016-01-12 19:05:37 UTC ====> 153 Min.
       Feb 2016 Talos Rules 2016-02-09 2016-02-09 19:15:02 UTC ====> 124 Min.
       Mar 2016 Talos Rules 2016-03-08 2016-03-08 18:21:55 UTC ====> 61 Min.
       Apr 2016 Talos Rules 2016-04-12 2016-04-12 19:06:33 UTC ====> 63 Min.
     Average for Cisco Patch Tuesday response time (Jan-2015 – Apr 2016): 98 minutes (1h38m)

     SSL Drown Attack:
       Check Point: proactively protecting with signature “Secure Sockets Layer Version 2.0”, see also sk92447
       Palo Alto: Version 567, Thursday, March 10, 2016 at 9:16 PM
       Fortinet: http://fortiguard.com/updates/ips?version=7.802 Thursday, March 3, 2016 at 11:26 PM

     Flash (In The Wild) 0days 2016:
       Check Point:
         CVE-2016-1010 (http://arstechnica.com/security/2016/03/adobe-issues-emergency-patch-for-actively-exploited-code-execution-bug/) Mar 2016 update package 634161670 Thu 10-Mar-16 22:11
         CVE-2016-1019 (https://helpx.adobe.com/security/products/flash-player/apsa16-01.html) Apr 2016 update package 634162315 Wed 06-Apr-16 19:12
       Fortinet:
         CVE-2016-1010 http://fortiguard.com/updates/ips?version=7.813 (Mar 16th, 2016 - 10:37:11)
         CVE-2016-1019 http://fortiguard.com/updates/ips?version=7.829 (Apr 08th, 2016 - 10:44:09)
       Palo Alto:
         CVE-2016-1010 Version 570 (Thu 3/17/2016 12:24 AM)
         CVE-2016-1019 Version 576 (Fri 4/8/2016 11:39 AM)

     BADLOCK:
       Check Point: Apr 2016 update package 634162437 Tue 12-Apr-16 20:14 ====> 11 Min.
       Palo Alto: Apr 2016 update package 578 Wed 4/12/2016 4:55 AM ====> 532 Min.
       Fortinet: Update 7.831 Apr 12th, 2016 - 21:07:14 = 64 min
  11. Full reference, Patch Tuesday: http://tiny.cc/urgency
      The WannaCry CVEs (EternalBlue) were announced much earlier than the actual outbreak. (Microsoft notified everyone on Patch Tuesday of March 14, 2017 @ 7:19pm)
      CVE-2017-0144 - used in both WannaCry and Not-Petya (Not-Petya is a new variant of WannaCry)
      CVE-2017-0146
  12. Meltdown/Spectre: CVE-2017-5753, CVE-2017-5715, CVE-2017-5754
      First JavaScript PoC publication timestamp: Jan 4, 2018 @11:48am GMT+2: https://www.reddit.com/r/webdev/comments/7o1zkp/exploiting_speculative_execution_meltdownspectre/
      Check Point published signatures: Jan 5, 2018 @12:14am GMT+2
      PAN published signatures: Jan 6, 2018 @12:24am GMT+2
      Fortinet published signatures: Jan 5th 10:51pm PDT which is 8:51 GMT+2