Why you need a sandbox

Malware developers are constantly creating new ways to evade traditional defenses including antivirus products, firewalls, intrusion protection systems (IPS), and mail and web gateways.

But detecting malware is precisely the purpose of a different kind of solution. Sandboxes run a file in an isolated virtual environment, analyze the actions performed by the file, and issue a verdict that answers the all-important question: is the file safe or not?

Our solution

PT Sandbox is a state-of-the-art sandbox for enterprise protection from advanced persistent threat (APT) and mass attacks. Capable of detecting sophisticated malware in files and traffic, the product supports flexible and extensive customization of virtual environments for maximum effectiveness.

Detects threats in traffic

PT Sandbox checks all traffic generated during analysis of a suspicious file and decrypts TLS traffic to detect malicious activity.

Ease and convenience


Covers all common attack vectors

PT Sandbox blocks all the main vectors used by malware to infiltrate your network. The product analyzes email attachments, network stored files, files uploaded to corporate sites, and Internet downloads.

Why virtual environments need to be customized

APT malware targets a specific company and the software in use at that company. In order to detect such malware in a sandbox, that sandbox needs to be running the same software as the company's real workstations.

For example, if your company uses Google Chrome, an attacker's malware might target Google Chrome. But the malware will not show itself in a sandbox that has just Edge installed. A non-customized sandbox with the wrong software won't pick up any malicious activity. The result: a compromise of your company.

PT Sandbox solves this problem by providing the ability to customize and configure full-fidelity virtual environments.

Related services and solutions