Cloud Sandbox
Protect Your Users from Previously Unknown Malware
Consisting of over 8,600 file attributes, our Cloud Sandbox includes an intelligent neural network to rapidly determine the presence of new, unknown malware. Our Cloud Sandbox leverages machine learning to continuously improve with every new file uploaded for analysis.
Why Choose Cloud Sandbox?
Defend Against the Unknown
An additional layer of web and email security protects you against brand new or unknown sophisticated threats.
Leading Technology
Analyzes over 8,600 file attributes and continuously trained for an effective and up-to-date malware radar.
Built-In Protection
Seamlessly integrated into standard file scanning of Secure Web Gateway and Secure Email Gateway.
How is the Cloud Sandbox Trained and Continuously Updated?
- A neural network is set up to decide if a file contains malware
- More than 8,600 file attributes serve as input to the neural network
- Through a large data set containing malicious and clean, labelled files, the neural network is trained to distinguish one from another
- Whenever a new, unknown file is uploaded to the Cloud Sandbox, the neural network determines whether the file contains malware, based on the previously seen files
- With every uploaded file, the neural network gets smarter as machine learning perpetually tunes its evaluation capabilities to align to the most current known hallmarks of malware
- Re-learning mechanisms ensure the continued accuracy of our neural network
When Cloud Sandbox Comes into Play
Beyond conventional malware scanning, our Cloud Sandbox also employs:
Hash Cache
A unique file hash is calculated for the email attachment or file downloaded from the web. This file hash is checked against a local hash cache which contains known bad and known good hashes.
Hash Database
If the local cache does not know the file already, the file hash is additionally looked up in the large, global cloud database.
Risk Score
If the hash can’t be located in any database, the local engine calculates a risk score based on machine learning algorithms. Only if the risk level exceeds the defined threshold, is the file uploaded to the cloud.
Machine Learning
Finally, if heuristics aren’t decisive, the file is evaluated against more than 8,600 attributes in the Cloud Sandbox. A specially-tailored ML module then evaluates and determines the existence of malware in the suspicious file.
A unique file hash is calculated for the email attachment or file downloaded from the web. This file hash is checked against a local hash cache which contains known bad and known good hashes.
If the local cache does not know the file already, the file hash is additionally looked up in the large, global cloud database.
If the hash can’t be located in any database, the local engine calculates a risk score based on machine learning algorithms. Only if the risk level exceeds the defined threshold, is the file uploaded to the cloud.
Finally, if heuristics aren’t decisive, the file is evaluated against more than 8,600 attributes in the Cloud Sandbox. A specially-tailored ML module then evaluates and determines the existence of malware in the suspicious file.
Leave Complexity
Behind
To learn how Open Systems SASE Experience can benefit your organization, talk to a specialist today.
Contact Us