SONPO Implements Zero-Day Protection in Successful File Transfer Offering with Check Point ThreatCloud API Integration

Based in Prague, the Czech Republic, SONPO serves customers across Europe with security, development, and ICT integration solutions. Their customers include small and medium-sized businesses across industries, including financial services, government, healthcare, and IT. SONPO’s developers and sales teams have a unique focus on protecting their customers’ systems and applications from zero-day cyber threats.

“We chose Check Point ThreatCloud Threat Emulation for several reasons,” said Pavel Novák, Developer of SOFiE at SONPO. “We consider it to be the best sandboxing technology on the market, and we like the stable, straightforward API, which facilitated our development work.”

The ThreatCloud Threat Emulation API integration enabled SONPO to create a unique solution that delivers more than simple email security products. With SOFiE, clients can securely exchange files of any size or type—internally and with external partners. Files are sandboxed and inspected quickly. Those that behave suspiciously—such as trying to modify the registry, change network connections, or create new files—are flagged and further analyzed. That’s how malicious files are stopped from entering the client’s network. ThreatCloud Threat Emulation even uncovers threats hidden in SSL and TLS encrypted communications.

Sandboxing for Security
Exchanging files through email or FTP servers has limitations. Many email servers limit emails size to less than 50 MB. Security defenses frequently block harmless executable files and documents with macros. Public online file exchange services and cloud solutions often can’t guarantee the security of corporate data or assure that they meet compliance requirements. Those limitations represented an opportunity for SONPO. Based on its market research, there were no file exchange offerings on the market that included protection against zero-day threats.

The SONPO team sought customer feedback and evaluated many potential sandboxing solutions to integrate with SOFiE. After evaluating other options, SONPO chose Check Point ThreatCloud Threat Emulation API.

When a suspicious file enters SOFiE, the ThreatCloud Threat Emulation sandboxes it and queries ThreatCloud’s threat intelligence to check if the file is malicious. ThreatCloud’s Threat Emulation has the highest catch rate in the industry to protect organizations from unknown malware, zero-day, and targeted attacks. It also detects new unknown malware found in email attachments, downloaded files, and URLs through advanced AI-based engines.

“We chose Check Point ThreatCloud Threat Emulation for several reasons,” said Pavel Novák, Developer of SOFiE at SONPO. “We consider it to be the best sandboxing technology on the market, and we like the stable, straightforward API, which facilitated our development work.”

The ThreatCloud Threat Emulation API integration enabled SONPO to create a unique solution that delivers more than simple email security products. With SOFiE, clients can securely exchange files of any size or type—internally and with external partners. Files are sandboxed and inspected quickly. Those that behave suspiciously—such as trying to modify the registry, change network connections, or create new files—are flagged and further analyzed. That’s how malicious files are stopped from entering the client’s network. ThreatCloud Threat Emulation even uncovers threats hidden in SSL and TLS encrypted communications.

Differentiation that Matters
ThreatCloud Threat Emulation provides a flexible, scalable solution for protecting the many different companies that SONPO serves. Within SOFiE, ThreatCloud zero-day protection inspects file behavior simultaneously across multiple operating systems and more than 40 file types.

“Embedding Check Point ThreatCloud capabilities in SOFiE is a differentiator,” said Čadská. “Although there are many file exchange solutions on the market, none use the same sandboxing techniques or provide the strong focus on security that we can now offer to our customers.”

Value that Adds Up
SONPO clients are now protected from threats hiding in attachments and files. To their end users, ThreatCloud Threat Emulation is invisible. SOFiE effectively addresses a significant threat vector while making it easy for clients to use.

“With the Check Point ThreatCloud API, we add value to clients’ existing security defenses,” said Petr Chmelik, Chief Executive Officer at SONPO. “Check Point ThreatCloud Threat Emulation in SOFiE enables them to easily extend protection to an area that is often overlooked.”

Partnership that Delivers Value
After experiencing a ransomware attack in the past, a SONPO client asked the team to help secure their environment to the highest level. SONPO’s solution included SOFiE and the sandboxing engine. The client has not experienced downtime due to security threats since.

“There are plenty of security partners out there, but we wanted to partner with a security leader,” said Čadská. “Our cooperation with Check Point delivers the benefit of its market leadership and great support, which enables us to guarantee results for our clients.”