• Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
  • English English English en
  • Deutsch Deutsch German de
Sales: +49 5251 304-800 | Support: +49 5251 304-636
NoSpamProxy
  • HOME
  • PRODUCT
    • NoSpamProxy Cloud
    • NoSpamProxy Protection
    • NoSpamProxy Encryption
    • NoSpamProxy Large Files
    • NoSpamProxy Disclaimer
  • SUPPORT
    • Knowledge Base
    • Forum
    • Training courses
    • Support Request
    • Software-Download
    • Resources
  • PARTNERS
    • Finding Resellers
    • Becoming Reseller
    • Partner Portal
  • COMPANY
    • Team
    • Testimonials
    • Career
    • Contact
  • EVENTS
    • Events
    • Webcast Training
  • BLOG
  • FREE TRIAL VERSION
    • Price request
    • Free trial version
  • English
    • Deutsch
  • Search
  • Menu Menu
Sandboxing Wundermittel oder Hype

Is Sandboxing a Miracle Cure or a Hype?

All Topics, News, NoSpamProxy Protection

IT infrastructures today are regularly exposed to dangerous and sophisticated attacks by hackers. With the growing number of attacks, the technological maturity of the attack methods used increases: Emotet, WannaCry, Locky, DDOS attacks or Zip bombs repeatedly threaten companies and authorities, and in many cases cause considerable damage.

According to the Federal Office for Information Security in Germany, two-thirds of German companies and authorities were victims of hacker attacks in 2016 and 2017, and one-quarter of these cyber attacks led to operational failures.* This is not just about losing the ability to act or financial losses, but also about the loss and misuse of confidential data.

Conventional protective mechanisms are no longer sufficient

Effective anti-spam software, email gateways and firewalls are now part of the basic configuration of every proper IT landscape. The attackers, however, equip themselves and find security gaps or loopholes at regular intervals through which they place malware on the victim’s computers or networks.

Manufacturers of anti-spam and anti-malware software are making corresponding efforts to add further levels of protection to their products. The so-called Sandbox is often discussed as a particularly promising level of protection against spam and malware.

How a Sandbox works

The basic principle of sandboxing is to isolate the executed file from the system environment and thus protect it from the potentially harmful effects. In this case, it is about files that are to be scanned for malware. This works because the sandbox is separate from the system’s resources, but provides all the relevant functionality.

In the area of email security, a sandbox pretends to the links and attachments to be tested that they have been delivered, are on the client and are being opened. This detonation process, i.e the opening of the files, is then observed and evaluated. Sandboxing is therefore another layer of protection against spam and malware for email security that is primarily used to defend against zero-day attacks, targeted attacks and advanced persistent threats.

Sandbox Overview Cyren

Hackers respond to the sandbox trend

However, malware developers are developing countermeasures and are now able to detect traditional sandboxing environments. In such cases, the malware aborts the execution of the malicious code; this is referred to as sandbox evasion and makes successful analysis difficult or even impossible.

In these cases, it is crucial to use effective spam filters with functions such as Content Disarm and Reconstruction (CDR), intelligent content filters, URL rewriting or the option of delayed delivery. This means that there is already basic protection that eliminates many threats and significantly reduces the number of files that are uploaded to the sandbox.

Using Sandbox Arrays to prevent Sandbox Evasion

The situation is different again when not only a single sandbox, but a sandbox array – i.e. a row of sandboxes connected in series – is used. The files to be checked are checked in different sandboxes, which work on the basis of both virtual and physical computers. In order to make the checking process as efficient as possible, an expected behavior is predicted on the basis of the file type (static analysis) and an environment optimized for this prediction is started (dynamic analysis). Only if the expected behavior does not occur, further virtual computers are provisioned (post-processing). Malicious files and URLs can thus be reliably detected and the mechanisms of sandbox evasion bypassed.

NoSpamProxy Sandbox Service provides security

NoSpamProxy uses a cloud-based sandbox array technology that securely detects malicious files and URLs and quickly distributes this knowledge by means of comprehensive swarm intelligence. In addition, intelligent spam filters ensure that most threats are detected before sandboxing is required. In this way, you save time, resources, networks and infrastructure.

Free 30-day NoSpamProxy trial

* Cyber Security Survey 2017 by the Federal Office for Information Security (in German only)

  • share 
  • share 
  • tweet 
  • email 
19.07.2019/by Stefan Feist

SEARCH

PRODUCT

  • All Topics
  • NoSpamProxy Cloud
  • NoSpamProxy Protection
  • NoSpamProxy Encryption
  • NospamProxy Large Files

Knowledge Base

Knowledge Base

Note: The information in this knowledge base is only relevant for NoSpamProxy up to version 13.2. All information for NoSpamProxy 14 and higher can be found in the online documentation.

CATEGORY

  • All Topics
  • News
  • Product
  • Tech & Support
  • Events
Subscribeto RSS Feed

NoSpamProxy

  • NoSpamProxy Cloud
  • NoSpamProxy Encryption
  • NoSpamProxy Large Files
  • NoSpamProxy Disclaimer
  • Price request
  • Team
  • Career
  • General terms and conditions
  • Data Protection Information for Business Partners and Applicants
  • Cybersecurity (PSIRT)

Partners

  • Becoming a reseller
  • Partners
  • Order Certificates
  • Newsletter

Categories

  • All topics
  • News
  • Support
  • Updates
  • Order certificates

Latest News

  • Info IconCritical Outlook vulnerability: No threat to NoSpamProxy customers24.03.2023 - 15:09
  • Default filter settings in NoSpamProxy 1422.03.2023 - 10:00
  • NoSpamProxy UpdateGlobal Rollout NoSpamProxy Version 14.0.515.03.2023 - 15:20
IMPRINT • EULA • Privacy Policy • © 2023 Net at Work GmbH
  • Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
The Federal Fiscal Court and email securityE-Mail-Sicherheit DMARCE-Mail-Signatur DSGVO-konform erstellenHow to create GDPR-compliant email disclaimers
Scroll to top