Complementing Email Security with Malware Sandbox

Rui Serra By Rui Serra • June 25, 2018

Sophisticated cybercriminals use advanced malware to elude traditional security systems. They use evasive coding techniques to evade conventional security barriers, stealing sensitive data and endangering your organization’s network.

With hackers weaponizing email attachments and links to find ways to exploit your networks at a greater pace, it’s up to you to protect your organization by finding solutions to deal with these threats. And it starts with strengthening your email security in a way that it makes it able to detect different and more recent attacks. One technology that’s touted to protect you from Advanced Persistent Threats (APTs) is sandboxing.

What is Sandboxing?

A sandbox is an isolated environment that imitates the entire computer system; it is safe enough to run malicious code as it is intended to run. To understand the intended purpose of suspicious programs or files, you can execute them in the sandbox to monitor their behavior without affecting the application in which it runs.

Sandboxes are highly beneficial for malware analysis and blocking malware at the network level. Malware that’s been detected will be blocked and ultimately detonated in your sandbox. By providing you with a dedicated environment to analyze potential threats to your organization, a sandbox technology protects you from both known and unknown threats.

Boosting Email Security with Sandboxing Technology

Email security solutions leverage techniques and tools such as antispam, antivirus, web filtering, IP reputation, and app control to protect your organization. However, these won’t stop today’s new breed of attacks that are sophisticated enough to mask themselves through tunneling or encryption. Sandboxing will work cooperatively with your existing network security technologies, strengthening your defenses. By adding sandboxing to your security, you add an extra layer of protection that has the ability to detect malicious code by exposing its intentions in the sandbox.

At AnubisNetworks, we’ve partnered with Check Point Software Technologies to bring you their sandbox technology, SandBlast Threat Emulation. They boast the most accurate sandboxing engine available to protect your organization from attackers before they enter your network.

The problem with traditional sandbox solutions is that they only detect malware behavior at the OS level. This means the exploitation has already occurred and the hacker code is already running. With SandBlast Threat Emulation, detection takes place at the CPU level, monitoring the instruction flow to detect exploits attempting to bypass OS security controls. Therefore, attacks are stopped before they have a chance to launch.

The partnership between AnubisNetworks and Check Point Software Technologies will deliver a new Dynamic Malware Analysis filtering module within AnubisNetworks’ Email Security Gateway, integrating SandBlast capabilities in its Mail Protection Service (MPS) defense layer.

CEO of AnubisNetworks Francisco Fonseca says, "Dynamic Malware Analysis is the missing puzzle piece of the most complete Email Security solutions currently available in today’s market.”

New call-to-action