SandBlast Agent Data Collection sends anonymized incident related data to the CheckPoint ThreatCloud. This data helps improve protections for all our customers. The data currently being sent may include:
Anonymized Forensic Reports
Memory Dumps of Malicious/Compromised Processes (currently disabled)
Malicious Files (currently disabled)
To disable Data Collection please do the following:
Open SmartEndpoint console.
Go to the Policy tab.
Open the SandBlast Agent Forensics, Remediation And Anti-Ransomware policy.
Edit the Monitoring and Exclusions action.
Click on Add location.
Add the following text to the Process name test box: