PT Sandbox

Malware developers are constantly creating new ways to evade traditional defenses including antivirus products, firewalls, intrusion protection systems (IPS), and mail and web gateways.

Made for your infrastructure

Allows to flexibly customize virtual environments to match real workstations. This ensures high fidelity and detection even if malware is tailored to a specific company’s infrastructure.

Provides complex analysis

Uses unique rules made by PT Expert Security Center and multiple antivirus engines to effectively detect new, unknown malware and targeted attacks.

Detects hidden threats

Once databases are updated, PT Sandbox automatically re-checks previously analyzed files and detects hidden threats and previously unnoticed attacks.

Detects threats in traffic

PT Sandbox checks all traffic generated during analysis of a suspicious file and decrypts TLS traffic to detect malicious activity.

Ease and convenience

Covers all common attack vectors

PT Sandbox blocks all the main vectors used by malware to infiltrate your network. The product analyzes email attachments, network stored files, files uploaded to corporate sites, and Internet downloads.

Why virtual environments need to be customized

APT malware targets a specific company and the software in use at that company. In order to detect such malware in a sandbox, that sandbox needs to be running the same software as the company’s real workstations. For example, if your company uses Google Chrome, an attacker’s malware might target Google Chrome. But the malware will not show itself in a sandbox that has just Edge installed. A non-customized sandbox with the wrong software won’t pick up any malicious activity. The result: a compromise of your company. PT Sandbox solves this problem by providing the ability to customize and configure full-fidelity virtual environments.
Support Request