Malware Analysis using Sandbox
Cyware Sandbox provides a secure, isolated environment in which potentially malicious files can be executed and suspicious URLs opened safely. Because the analysis runs in this controlled environment rather than on production systems, threats can be examined without affecting the organization's network. Analysts use it to investigate unknown threats, enrich threat intelligence, and generate actionable IOCs. Each analysis produces a verdict of Malicious, Benign, Suspicious, Unknown, or Not Applicable, which analysts review to assess the nature of the submitted object.
The following are a few advantages of a sandbox environment:
Analyze files and URLs for threats: When you’re working with new vendors or untrusted software sources, you can test files or URLs for threats before using them.
Detect zero-day threats: Because the sandbox observes what a file or URL actually does when executed, rather than matching it against known signatures, it can surface malicious behaviour from previously unseen (zero-day) threats that signature-based tools miss.
Safe malware detection: The sandbox analyzes the file's or URL's behaviour in an isolated test environment, making it an effective malware detection tool without the risk of running a suspicious object on real business infrastructure. Keep in mind that some malware detects virtualized or instrumented environments and withholds its malicious behaviour there, so treat a Benign verdict as one signal alongside other evidence rather than as proof that an object is harmless.
Add threat intel into Intel Exchange: After sandbox analysis completes, you can import the identified threat data into Intel Exchange, evaluate it with Intel Exchange's confidence scoring, and add further context through Intel Exchange's enrichment capabilities.
Key Actions
You can leverage the following sandbox features to streamline your malware analysis and threat intelligence workflows:
Configure Cyware Sandbox: Integrate the Cyware sandbox with Intel Exchange to begin submitting files and URLs for analysis as part of your initial setup. For more information, see Configure Cyware Sandbox.
Perform Malware Analysis: Submit suspicious files or URLs to the sandbox to safely investigate unknown threats without impacting internal systems. For more information, see Perform Malware Analysis.
View Malware Analysis Report: Access and review detailed reports to understand the verdicts, behavioural patterns, and indicators triggered by the submitted object. For more information, see View Malware Analysis Report.
Manage Sandbox Report: Organize, revisit, and manage past sandbox analysis reports to support ongoing investigations or historical threat research. For more information, see Manage Sandbox Records.
Create Intel from Sandbox: Convert sandbox findings into actionable threat intelligence and enrich it within Intel Exchange for broader detection and response. For more information, see Create Intel from Sandbox.
Feature availability matrix
| CTIX Enterprise | CTIX Lite | CTIX Spoke |
|---|---|---|
| Yes | No | No |