Threat sandboxing
Sandboxing technology let admins run executables and frequently exploited vulnerabilities in well known filetypes (pdf, office files,..) in a safe environment for analysis and threat detection. Files analysed in this environment are allowed to complete their entire lifecycle, without any risk to the outside and your network, for a full analysis of all operating system interactions they perform. Any malicious files will exploit the host operating system while being fully monitored along every step, allowing complex learning algorithms to document their behavior and build signatures and heuristics to detect future encounters with these 0-day infections ‘in the wild’. After each analysis the host operating system is safely destroyed and replaced with a fresh instance to test the next file.
