Why you need a sandbox

Malware developers are constantly creating new ways to evade traditional defenses including antivirus products, firewalls, intrusion protection systems (IPS), and mail and web gateways.

But detecting malware is precisely the purpose of a different kind of solution. Sandboxes run a file in an isolated virtual environment, analyze the actions performed by the file, and issue a verdict that answers the all-important question: is the file safe or not?

Our solution

PT Sandbox is a state-of-the-art sandbox for enterprise protection from advanced persistent threat (APT) and mass attacks. Capable of detecting sophisticated malware in files and traffic, the product supports flexible and extensive customization of virtual environments for maximum effectiveness.

Made for your infrastructure
Made for your infrastructure

Allows to flexibly customize virtual environments to match real workstations. This ensures high fidelity and detection even if malware is tailored to a specific company’s infrastructure.

Provides complex analysis
Provides complex analysis

Uses unique rules made by PT Expert Security Center and multiple antivirus engines to effectively detect new, unknown malware and targeted attacks.

Detects hidden threats
Detects hidden threats

Once databases are updated, PT Sandbox automatically re-checks previously analyzed files and detects hidden threats and previously unnoticed attacks.

Detects threats in traffic

PT Sandbox checks all traffic generated during analysis of a suspicious file and decrypts TLS traffic to detect malicious activity.

Ease and convenience

sb_dashboard

Covers all common attack vectors

PT Sandbox blocks all the main vectors used by malware to infiltrate your network. The product analyzes email attachments, network stored files, files uploaded to corporate sites, and Internet downloads.

Why virtual environments need to be customized

APT malware targets a specific company and the software in use at that company. In order to detect such malware in a sandbox, that sandbox needs to be running the same software as the company's real workstations.

For example, if your company uses Google Chrome, an attacker's malware might target Google Chrome. But the malware will not show itself in a sandbox that has just Edge installed. A non-customized sandbox with the wrong software won't pick up any malicious activity. The result: a compromise of your company.

PT Sandbox solves this problem by providing the ability to customize and configure full-fidelity virtual environments.

Related services and solutions

Get a free pilot

By clicking Send you give your free and explicit consent to process your personal data and agree to our Privacy Policy