File Sandboxing helps you submit a suspicious file for analysis to determine if the file is malicious or safe. The major advantage of the File Sandbox is that it can reliably detect unknown threats.
This feature is accessible for the Admin and Super Admin only.
If you suspect a file to be malicious in your environment, you can submit that file to the sandbox for detonation.
Sandbox detonation – Sandbox security testing detects malware by running suspicious code in a safe and isolated environment and monitoring the behavior and outputs of the code. This is known as “detonation”.
Supported File Types (Extensions)
"sh", "js", "7z", "py", "doc", "rtf", "xls", "ppt", "pps", "ps1", "bat",
"eml", "exe", "jar", "txt", "odt", "odp", "ods", "swf", "msg", "msi",
"pdf", "rar", "vbs", "zip", "cab", "lnk", "xml", "dll", "tar", "hta",
"elf", "docx", "docm", "link", "xlsx", "xlsm", "xlsb", "pptx",
"ppam", "html"
Submitting file to Sandbox
To submit a file to the sandbox, do the following steps.
- Log on to the Seqrite Endpoint Security.
- Go to File Sandbox.
- Click Browse to upload the file.
- Click Submit.
The success message appears.
Notes
- The maximum file size to submit to the sandbox is 64 MB.
- The maximum no. of files you can submit depends upon your subscription to File Sandboxing-Total Detonations.
Reports of File Sandbox
In the File Sandbox Report section, existing reports if any are listed.
- Select the Period and Detonation Status for which you want to generate the report.
- To add filters, click Add Filters. The parameters in the Add Filters are File Name and Threat Type. Select or clear the filter that you want to add or remove.
- To generate the report on the selected parameters, click Generate Report. The report in tabular format will be displayed.
The report displays the following details of detonation analysis.
Fields | Description |
---|---|
File Name | Displays the file name which is submitted in the sandbox. |
Detonation Status | Displays one of the following detonation statuses. · Completed · In progress · Queued · Analyzing · Failed |
Threat Type | Displays the threat type (if any) the file contains. |
Submission Date | Displays the date and time when the file was submitted for detonation. |
Completion Time | Displays the date and time when the file detonation was complete. |
Report | Redirects to the detailed detonation report. |
Details | Displays further details of the threat. To view the details, click the Details link. |
Exporting the report
Select the CSV option from the Export as list to export the tabular report in CSV format.
Select the PDF option from the Export as list to export the tabular report in PDF format.
The Email containing a link to download the report will be sent to your registered Email address. The link is valid for 72 hours only.