Forensics and Anti-Ransomware

Forensics and Anti-Ransomware monitor file operations, processes, and network activity to identify malicious behavior.

Forensics analyzes attacks detected by the client, the Check Point Security Gateway and some third-party security products.

If a ransomware attack occurs, you can restore your initial files and delete encrypted files created by the attack. Your administrator might do this automatically. The best practice is to speak with your technical support before you do the Anti-Ransomware Restoration procedure.

In the Endpoint Security Main Page, you can see a list of incidents that Forensics has analyzed. To get more information, click the incident.