Do you use sandbox technology?
Not in the strict sense of dynamic runtime analysis. Our experience has taught us that sandboxing technology is particularly valuable for forensic and full attack chain analysis. The downside of such in-depth analysis is relatively slow speed (time to reporting is typically within 5-10 minutes), scaling challenges, high maintenance, and a large resource overhead. Instead, we focus on a sophisticated set of lightweight emulation engines that have been shown to yield the same results (and sometimes better) for the overwhelming majority of malicious documents at a fraction of the cost. OPSWAT Filescan is a best-in-class initial assessment solution for large datasets or as one stage of a multi-level analysis pipeline.