// THREAT DETECTION AND DATA PRIVACY TERM
Sandboxing
Sandboxing is a security practice that isolates a program or code in a separate, restricted environment. This allows suspicious files or applications to be run and analyzed without risking harm to the host computer or network.

TECHNICAL DEFINITION
Sandboxing is a cybersecurity technique that provides a controlled, isolated execution environment for untrusted programs, scripts, or files to prevent them from accessing or damaging the host operating system, network, or sensitive data. This containment mechanism is crucial for malware analysis, threat intelligence, and safely testing code by monitoring its behavior, system calls, and network traffic within a virtualized space.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- containment
- isolation environment
- detonation chamber
- virtual execution
- restricted environment
- quarantine
USAGE NOTE
Sandboxing is a core feature in modern web browsers, email security gateways, and advanced endpoint protection tools to safely analyze potentially malicious attachments and links.
DEVELOPERS
Organizations developing technology related to Sandboxing.
Develops WildFire, a cloud-based malware analysis service that uses dynamic analysis in a virtual, sandboxed environment to identify and protect against unknown threats.
Offers the Falcon Sandbox, an automated malware analysis solution that safely executes suspicious files in a controlled environment to provide detailed threat intelligence and indicators of compromise.
Provides FortiSandbox, a solution designed to detect advanced persistent threats (APTs) and zero-day malware by executing suspicious code in an isolated, virtualized environment.
Operates Cisco Secure Malware Analytics (formerly Threat Grid), which provides advanced sandboxing capabilities to analyze malware behavior and provide context-rich threat intelligence.
Offers SandBlast Zero-Day Protection, which uses threat emulation and extraction to inspect files in a virtual sandbox, identifying and blocking evasive malware before it enters the network.
Continuing the legacy of FireEye's Multi-Vector Virtual Execution (MVX) engine, Trellix provides advanced sandboxing technology that analyzes and detonates suspicious payloads across multiple vectors like web, email, and files.
Provides a cloud-native sandbox as part of its Zero Trust Exchange platform. It analyzes unknown files from web and SSL traffic in an isolated environment to prevent zero-day attacks.
A company specializing in malware analysis systems. They develop Joe Sandbox, a deep malware analysis platform that uses advanced instrumentation and sandboxing techniques, often licensed by other security vendors.
Develops the Symantec Content Analysis System (CAS) and other security products that integrate sandboxing to detonate and analyze suspicious files, identifying malicious behavior in a secure environment.