Cyware Sandbox
Notice
This feature is available in Intel Exchange v3.7.5.0 onwards. Contact your Cyware sales or support representative to gain access to Cyware Sandbox.
Cyware Sandbox lets you safely execute suspicious files or URLs in a controlled environment. You can detect malicious behavior, investigate unknown threats, and generate actionable Indicators of Compromise (IOCs) without affecting live systems.
Capabilities
You can use the following capabilities based on the depth of your analysis:
Scan: Perform a quick scan of files or URLs to receive an immediate threat verdict. This lightweight method is useful when fast decision-making is required. For more information, see Scan.
Sandbox: Submit a file or URL for deep behavioral analysis. The sandbox records detailed activity and produces a comprehensive report that can be reviewed anytime. For more information, see Sandbox.
For more information about Sandbox, see Cyware Sandbox.
 |
Frequently Asked Questions
Scan performs a quick surface-level check. Sandbox conducts a deeper analysis with detailed reporting.
You can submit common file types such as executables, archives, documents, and standard URLs for analysis.
Supported file extensions include: .dll, .upx, .exe, .msi, .chm, .hta, .iqy, .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pub, .pub2016, .zip, .one, .mht, .hwp, .ich, .inp, .pdf, .rtf, .slk, .swf, .html, .bat, .ps1, .js, .jse, .vbe, .pl, .py, .vbs, .wsf, .apk, .dex, .jar, .lnk, .url, .jnlp, .reg, .xslt, .xps.
URLs in standard formats (HTTP/HTTPS links) are also supported.