• Link to Rss this site
  • Link to LinkedIn
  • Link to Youtube
  • Link to X
  • Link to Instagram
  • English English English en
  • Deutsch Deutsch German de
Sales: +49 5251 304-800 | Support: +49 5251 304-636
NoSpamProxy
  • PRODUCT
    • NoSpamProxy Cloud
    • NoSpamProxy Protection
    • NoSpamProxy Encryption
    • NoSpamProxy Large Files
    • NoSpamProxy Disclaimer
  • SOLUTIONS
    • M365 Mail Security
    • Managed Certificates
    • 32Guards
    • AS4
  • RESOURCES
    • Documentation
    • Forum
    • Webcast Training
    • Training Courses
    • Support
    • Software Download
  • PARTNERS
    • Finding Resellers
    • Becoming Reseller
    • Partner Portal
    • NFR Licenses
  • COMPANY
    • Contact
    • Testimonials
    • Team
    • Career
    • Events
    • Awards
  • PRICES
  • BLOG
  • FREE TRIAL VERSION
    • Price Request
    • Free Trial Version
  • English
    • Deutsch
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
Sandboxing Wundermittel oder Hype

Is Sandboxing a Miracle Cure or a Hype?

All Topics, News, NoSpamProxy Protection

IT infrastructures today are regularly exposed to dangerous and sophisticated attacks by hackers. With the growing number of attacks, the technological maturity of the attack methods used increases: Emotet, WannaCry, Locky, DDOS attacks or Zip bombs repeatedly threaten companies and authorities, and in many cases cause considerable damage.

According to the Federal Office for Information Security in Germany, two-thirds of German companies and authorities were victims of hacker attacks in 2016 and 2017, and one-quarter of these cyber attacks led to operational failures.* This is not just about losing the ability to act or financial losses, but also about the loss and misuse of confidential data.

Conventional protective mechanisms are no longer sufficient

Effective anti-spam software, email gateways and firewalls are now part of the basic configuration of every proper IT landscape. The attackers, however, equip themselves and find security gaps or loopholes at regular intervals through which they place malware on the victim’s computers or networks.

Manufacturers of anti-spam and anti-malware software are making corresponding efforts to add further levels of protection to their products. The so-called Sandbox is often discussed as a particularly promising level of protection against spam and malware.

How a Sandbox works

The basic principle of sandboxing is to isolate the executed file from the system environment and thus protect it from the potentially harmful effects. In this case, it is about files that are to be scanned for malware. This works because the sandbox is separate from the system’s resources, but provides all the relevant functionality.

In the area of email security, a sandbox pretends to the links and attachments to be tested that they have been delivered, are on the client and are being opened. This detonation process, i.e the opening of the files, is then observed and evaluated. Sandboxing is therefore another layer of protection against spam and malware for email security that is primarily used to defend against zero-day attacks, targeted attacks and advanced persistent threats.

Sandbox Overview Cyren

Hackers respond to the sandbox trend

However, malware developers are developing countermeasures and are now able to detect traditional sandboxing environments. In such cases, the malware aborts the execution of the malicious code; this is referred to as sandbox evasion and makes successful analysis difficult or even impossible.

In these cases, it is crucial to use effective spam filters with functions such as Content Disarm and Reconstruction (CDR), intelligent content filters, URL rewriting or the option of delayed delivery. This means that there is already basic protection that eliminates many threats and significantly reduces the number of files that are uploaded to the sandbox.

Using Sandbox Arrays to prevent Sandbox Evasion

The situation is different again when not only a single sandbox, but a sandbox array – i.e. a row of sandboxes connected in series – is used. The files to be checked are checked in different sandboxes, which work on the basis of both virtual and physical computers. In order to make the checking process as efficient as possible, an expected behavior is predicted on the basis of the file type (static analysis) and an environment optimized for this prediction is started (dynamic analysis). Only if the expected behavior does not occur, further virtual computers are provisioned (post-processing). Malicious files and URLs can thus be reliably detected and the mechanisms of sandbox evasion bypassed.

NoSpamProxy Sandbox Service provides security

NoSpamProxy uses a cloud-based sandbox array technology that securely detects malicious files and URLs and quickly distributes this knowledge by means of comprehensive swarm intelligence. In addition, intelligent spam filters ensure that most threats are detected before sandboxing is required. In this way, you save time, resources, networks and infrastructure.

Free 30-day NoSpamProxy trial

* Cyber Security Survey 2017 by the Federal Office for Information Security (in German only)

  • share 
  • share 
  • share 
  • email 
19.07.2019/by Stefan Feist

SEARCH

PRODUCT

  • All Topics
  • NoSpamProxy Cloud
  • NoSpamProxy Protection
  • NoSpamProxy Encryption
  • NospamProxy Large Files

You need support?

You can find more information about NoSpamProxy in our documentation and forum.

CATEGORY

  • All Topics
  • News
  • Product
  • Tech & Support
  • Events
RSS Feed Logo RSS Feed Logo Subscribeto RSS Feed

NoSpamProxy

  • NoSpamProxy Cloud
  • NoSpamProxy Encryption
  • NoSpamProxy Large Files
  • NoSpamProxy Disclaimer
  • Price request
  • Team
  • Career
  • General terms and conditions
  • Data Protection Information for Business Partners and Applicants
  • Cybersecurity (PSIRT)

Partners

  • Becoming a reseller
  • Partners
  • Order Certificates
  • Newsletter

Categories

  • All topics
  • News
  • Support
  • Updates
  • Order certificates

Latest News

  • Was ist ein Zero Day Exploit Preview
    What is a Zero-Day Exploit?23.04.2025 - 14:00
  • Info Icon
    UPDATE: New Google email sender guidelines: What you need to do17.04.2025 - 12:00
  • Was ist Spoofing Preview
    What is spoofing?11.04.2025 - 14:00
IMPRINT • EULA • Privacy Policy • • © 2025 Net at Work GmbH
  • Link to Rss this site
  • Link to LinkedIn
  • Link to Youtube
  • Link to X
  • Link to Instagram
Link to: Emails in spam folders are considered delivered Link to: Emails in spam folders are considered delivered Emails in spam folders are considered deliveredE-Mail Spam-Ordner Link to: How to create GDPR-compliant email disclaimers Link to: How to create GDPR-compliant email disclaimers E-Mail-Signatur DSGVO-konform erstellenHow to create GDPR-compliant email disclaimers
Scroll to top Scroll to top Scroll to top