File Sandbox helps you submit a suspicious file for analysis to determine if the file is malicious or safe.
This feature is accessible for the Admin and Super Admin only.
If you suspect a file to be malicious in your environment, you can submit that file to the sandbox for detonation.
Supported File Types (Extensions):
"sh", "js", "7z", "py", "doc", "rtf", "xls", "ppt", "pps", "ps1", "bat",
"eml", "exe", "jar", "txt", "odt", "odp", "ods", "swf", "msg", "msi",
"pdf", "rar", "vbs", "zip", "cab", "lnk", "xml", "dll", "tar", "hta",
"elf", "docx", "docm", "link", "xlsx", "xlsm", "xlsb", "pptx",
"ppam", "html"
Submitting file to Sandbox
To submit a file to the sandbox, do the following steps.
- Log on to the Seqrite Endpoint Security Cloud.
- Go to File Sandbox.
- Number of detonations utilized /Total Detonation appears. This helps you to understand how many files you can submit to the Sandbox.
- Click Browse to upload the file.
- Click Submit.
The success message appears.
Notes
- The maximum file size to submit to the sandbox is 64 MB.
- The maximum no. of files you can submit depends upon your subscription to File Sandbox-Total Detonations.
Reports of File Sandbox
- In the File Sandbox Report section, existing reports if any are listed.
- Select the Period and Detonation Status for which you want to generate the report.
- To add filters, click Add Filters. The parameters in the Add Filters are File Name and Threat Type. Select or clear the filter that you want to add or remove.
- To generate the report on the selected parameters, click Generate Report. The report in tabular format will be displayed.
The report displays the following details of detonation analysis.
| Fields | Description |
|---|---|
| File Name | Displays the file name which is submitted in the sandbox. |
| Detonation Status | Displays one of the following detonation statuses. · Completed · In progress · Queued · Analyzing · Failed |
| Threat Type | Displays the threat type (if any) the file contains. |
| Submission Date | Displays the date and time when the file was submitted for detonation. |
| Completion Time | Displays the date and time when the file detonation was complete. |
| Report | Redirects to the detailed detonation report. |
| Details | Displays further details of the threat. To view the details, click the Details link. |
Exporting the report
Select the CSV option from the Export as list to export the tabular report in CSV format.
Select the PDF option from the Export as list to export the tabular report in PDF format.
The Email containing a link to download the report will be sent to your registered Email address. The link is valid for 72 hours only.