Check Point Document Threat Extraction Technology
Threat Extraction Overview
Threat Extraction is a technology that removes potentially malicious features that are known to be risky from files (macros, embedded objects and more).
This is a new approach for Threat Prevention: instead of determining whether a file is malicious or not, Threat Extraction cleans the file before it enters the organization.
Threat Extraction prevents both known and unknown threats before they arrive to the organization, thus providing better protection against zero-day threats.
Important: since R80.30, Threat Extraction supports HTTP/HTTPS.
Supported file formats
Threat Extraction supports the following primary file formats. Many other formats (such as Windows Metafile) that are commonly associated with these primary formats are also supported.
|Adobe PDF (all versions)
||Microsoft Visio, Microsoft Project, etc.
Note: since R80.30, valid only on Mail
|Microsoft Excel 2007 and above
||xlsx, xlsb, xlsm, xltx, xltm, xlam
|Microsoft Excel 2007 Binary
|Microsoft Excel 97 - 2003
|Microsoft PowerPoint 2007 and above
||pptx, pptm, potx, potm, ppam, ppsx, ppsm
|Microsoft PowerPoint 97 - 2003
||ppt, pps, pot, ppa
|Microsoft Word 2007 and above
||docx, docm, dotx, dotm
|Microsoft Word 97 - 2003
To experience this new technology, you may submit files to SandBlast Analysis Page by sending them to firstname.lastname@example.org.
Related solution: sk112240 - How to add support for new file types in Threat Extraction