Shortfalls of Security Sandboxing to Detect Advanced Threats

Prevention suites are becoming increasingly ineffective. Information security professionals are turning to alternative approaches to detecting the presence of advanced malware.

Some vendors have taken to network-based sandboxing: running suspicious inbound files in a virtual machine environment on your network, in the hope of finding malware and extracting forensic data to create signatures that attempt to block future infections.

The approach seems logical on the surface: “detonating” malware to capture communication traits and endpoint forensics seems to make sense. However, the approach has shortcomings, and relying solely on sandboxing for advanced threat detection is at best unreliable, leaving gaps in your security posture that you thought were closed.

In this webcast you will:

  • Understand the Cyber Kill Chain

  • See How Malware Can Evade Virtual Machine Sandboxing

  • Discover How to Use Network Intelligence and Monitoring to Uncover Threats


Brian Foster, Damballa
