Cyware Sandbox
Notice
Contact your Cyware sales or support representative to gain access to Cyware Sandbox.
Sandbox provides a secure and isolated environment to safely analyze artifacts, such as files, URLs, QR codes, or hash values that may be suspicious or potentially malicious. By performing analysis in a controlled environment, security teams can investigate unknown threats, detect malicious behavior, and avoid exposing live systems. Each analysis results in a verdict, such as Malicious, Benign, Suspicious, Unknown, or Not Applicable, allowing analysts to accurately assess the nature and severity of the threat.
Supported Products and Versions
Use the table below to view product and version support for this feature:
Product | Version | Availability |
|---|---|---|
Intel Exchange | v3.7.5.0 onwards* | Enterprise customers |
Collaborate | v3.8.10.0 onwards* | MSSP customers |
*Certain Sandbox features are available only in later versions of Intel Exchange and Collaborate. For detailed feature availability, see Release Notes.
Capabilities
You can use the following capabilities based on the depth of your analysis:
Scan: Perform a quick scan of supported artifacts to receive an immediate threat verdict. This lightweight method is useful when fast decision-making is required. You can scan files, URLs, QR codes, or hash values. For more information, see Scan.
Sandbox: Submit supported artifacts for deep behavioral analysis. The sandbox records detailed activity and produces a comprehensive report that can be reviewed anytime. You can sandbox files, URLs, QR codes, or hash values. For more information, see Sandbox.
Use Cases
You can use the sandbox to detect, analyze, and respond to threats across the following use cases:
Test suspicious submissions: Examine unknown files, URLs, QR codes, or hash values before interacting with them, especially when received from unfamiliar sources.
Detect advanced threats: Identify behaviors associated with zero-day malware that may be missed by traditional security tools.
Analyze threats safely: Run potentially malicious content in an isolated environment without affecting live systems.