Skip to main content

Cyware Sandbox

Notice

Contact your Cyware sales or support representative to gain access to Cyware Sandbox.

Sandbox provides a secure and isolated environment to safely execute suspicious files or URLs. By analyzing artifacts in a controlled setup, security teams can investigate unknown threats, detect malicious behavior, and avoid exposing live systems. This supports enhanced threat intelligence and helps generate actionable Indicators of Compromise (IOCs).

Each analysis results in a verdict, such as Malicious, Benign, Suspicious, Unknown, or Not Applicable, allowing analysts to accurately assess the nature and severity of the threat.

Capabilities

You can use the following capabilities based on the depth of your analysis:

  • Scan: Perform a quick scan of files or URLs to receive an immediate threat verdict. This lightweight method is useful when fast decision-making is required. For more information, see Scan.

  • Sandbox: Sandbox: Submit a file or URL for deep behavioral analysis. The sandbox records detailed activity and produces a comprehensive report that can be reviewed anytime. For more information, see Sandbox.

Use Cases

You can use the sandbox to detect, analyze, and respond to threats across the following use cases:

  • Test suspicious files or URLs: Examine unknown files or links before interacting with them, especially when received from unfamiliar sources.

  • Detect advanced threats: Identify behaviors associated with zero-day malware that may be missed by traditional security tools.

  • Analyze threats safely: Run potentially malicious content in an isolated environment without affecting live systems.