Realtime Non-Sandbox Sandboxing

Playgrounds today are much different than the playgrounds of yesteryear. Back then we actually had sand in the sandbox, while now we have rubber mulch to protect our children from themselves.  So, when is a sandbox not a sandbox? The basic function is the same and the play factor is still there, but now it’s safer and doesn’t need the same level of maintenance. Isn’t it time you did the same to your security sandbox as well?

Why Sandboxes Make Sense

HowToGeek.com has this to say about why sandboxes are essential for your security strategy:

“A sandbox is a tightly controlled environment where programs can be run. Sandboxes restrict what a piece of code can do, giving it just as many permissions as it needs without adding additional permissions that could be abused.”

Put in more layman’s terms: a sandbox is a safe place to detonate any security bombs hidden inside content you thought was safe. Think of it as a filter that preprocesses your content to keep zero-day malware and unknown threats from entering your network.

Why Sandboxes May Not Make Sense

While sandboxes have shown clear value for years, their inherent weaknesses should now give you pause. You can read more specifics in our blog titled “3 Reasons to Avoid Sandboxes”, but the net of the situation is that relying exclusively on a sandbox will put a significant delay on access to content at a much higher cost, and for that you still may be breached because there are well-published sandbox evasion techniques.

However, we have also discussed how to extend the life of your sandbox investment by front-ending it with a static-analysis based technology to create an evasion-proof barrier between potential harm and your sandbox. If you are interested in that, check out our blog titled “‘Nitrous Oxide’ for Your Sandbox”.

The Non-Sandbox Sandbox

Why wait for detonation when you can bypass it and get straight to a definitive yes/no decision on the safety of content flowing into your organization? The SoleGATE platform avoids the pitfalls of traditional security approaches in the market today through the use of static analysis, which is extremely fast (millisecond latency), incredibly accurate (0.00002% false positive rate), client-side application/technology stack/OS independent (evasion proof), and provides 100% coverage of all incoming content, whether through email, web or cloud (truly cross-domain). SoleGATE parses, evaluates and de-obfuscates every line of code that may be embedded or hidden in content, whether it’s in a datafile, stream, active content or file-less malware, without the need for file detonation, runtime analysis, or sanitization/reconstruction.

DvC™ is the patented technology that powers SoleGATE. DvC™ makes no assumptions about threat heuristics, behaviors or patterns, but works on the premise that there is no legitimate reason for executable code to be present in any content that is a data file or stream. Active content and file-less malware are similarly analyzed using a hybrid approach encapsulated within DvC™. As such, SoleGATE is conclusive in its results. Content infected with malware is quarantined and that which is clean is let through. There is no guesswork, no prediction, no timeout. Your content is guaranteed to be clean (or not).

The SoleGATE software protection platform is truly versatile compared to its competitors. It is easily delivered as a cloud service, on-premise solution or any hybrid combination thereof directly for Office365 and G-Suite, and through a powerful REST API for cloud file sharing applications (Box, Amazon S3, etc.) and for web proxies through an easy ICAP integration.

Get Solebit’s whitepaper on a transformative, evasion-proof approach against modern cyber-attacks that doesn’t require sandboxing. It will outline how to strengthen your cyber defenses dramatically by preventing attacks before they enter and harm your organization, your customers and your brand. Remediation is costly, prevention is not.
