Select Page

SandboxingBenefit from the Most Advanced Analysis and Threat Prevention Engine in the Industry

Sandboxing completes the effectiveness of Retarus Email Security: It exports all incoming email attachments that could potentially contain malicious code to a virtual machine and checks them for unusual behavior. Emails classified as infected are deleted or immediately moved to quarantine.

The Challenge

New Cyber Threats Every Second

Around the world, an unmanageable number of new cyber threats emerge every second. The use of cloud services, increasing automation, and global networking often make it all too easy for attackers today. One example is the use of polymorphic malware, which allows attackers to spread their threats faster than ever before. It is dynamic malware that continuously adapts its code both flexibly and autonomously. That’s how it eludes conventional detection mechanisms, as the identifiable attributes are constantly changing.

According to security authorities, the number of new malware variants increases by around 140 million every year.
The Solution

Machine Learning Helps to Defend Against Unknown Threats

In combating these malware variants and similarly adaptive threats, machine learning is a particularly powerful weapon that must be included in every IT security strategy. Only a sandbox engine based on state-of-the-art machine learning is capable of quickly analyzing and processing today’s common data volumes and threats. It supports automated decision-making in fractions of a second, enabling it to deliver an immediate response. Another key benefit: machine learning models are particularly good at detecting any changes that may have been made to executable files, a major weakness of earlier signature-based approaches, which far too often were exploited by attackers.

Retarus relies on leading technologies from its partner, Palo Alto Networks, and its threat analysis solution, WildFire: this means that Retarus Email Security uses one of the most advanced prevention engines in the industry. With this sandboxing technology, you benefit from a range of highly automated and intelligent analysis mechanisms to defend against threats, staying one decisive step ahead of zero-day exploits and malware.

Configuring the sandboxing function in myEAS

Retarus Sandboxing – Compliance Included

Suspicious content is executed in a protected environment within the Retarus infrastructure and thoroughly checked. This fully automated analysis meticulously focuses on file formats frequently used in attacks, including EXE, DLL, ZIP, PDF, as well as Microsoft® Office documents and Java files. Emails identified as infected are deleted or immediately moved to quarantine.

The sandboxing technology is operated exclusively in Retarus’ own European data centers. This enables you to comply with all data protection requirements while benefiting from the Shared Threat Intelligence of several hundred thousand WildFire cloud subscribers, without having to transfer sensitive data there yourself.
With its patented signatureless approach, the technology used by Retarus is highly successful at filtering both dangerous files and malicious scripts.

Multiple Analysis Methods for Top Results

Static analysis: checks thousands of file attributes to identify possible malicious code in a timely and effective manner. This enables fast and reliable analysis in less than four minutes on average.
Dynamic analysis: automatically runs files in a virtual environment to detect previously unknown malware based on unusual behavioral attributes. This also benefits users of the patented Retarus Patient Zero Detection®: the sandbox results generate related events and automatically warn all other recipients of the same attachments who were not initially detected.
Machine learning: uses collective threat intelligence consisting of a shared data pool. It does this by continuously analyzing trillions of files – infected and uninfected – from more than 50,000 companies, government agencies, service providers, and more than 40 partners. This unique cache of data enables researchers and data scientists at Palo Alto Networks – Retarus’ partner – to create accurate and efficient machine learning models that are constantly updated and thus always up-to-date.
The Features

Retarus Sandboxing Features at a Glance

InboundOutbound
Sandboxing subjects specific file attachments to an in-depth analysis. Attachments that contain potentially malicious code (e.g. files and active elements) are exported to a virtual machine and checked for unusual behavior. For this advanced threat check, Retarus uses the sandboxing solution from Palo Alto Networks: a specialized and renowned third-party provider. Emails identified as infected are either quarantined or deleted, and the intended recipient is notified.

  • In-depth checks of email attachments by executing them in virtual machines
  • Integration of a leading third-party sandboxing solution (Palo Alto) in Retarus Email Security
  • Operated at Retarus (German processing)
  • Notification of infected attachments via Email Security Report
  • Select view of advanced security checks in Retarus Email Live Search Monitoring (Tracking Point)

Sandboxing

Sandboxing

Email Security
Essential Protection
Advanced Threat Protection
Post Delivery Protection
Sandboxing
Forensics (for SIEM, NOC, SOC)
Module
Add-on

Use Machine Learning to Reliably Detect Even Completely Unknown Attack Patterns. Sandboxing with Retarus.

The security services offered by the cloud-based Retarus Secure Email Platform can be customized to meet your company’s security needs. Click on the individual modules to find out how they can increase your level of protection and security as well as complement your existing solutions.

With the Retarus Essential Protection, Retarus Advanced Protection, and the patented Retarus Post Delivery Protection modules, you are well prepared for the full range of today’s attacks. The Retarus Sandboxing module’s machine learning engine helps to protect against new attack patterns and the large number of adaptive malware variants. Integration options offered by Retarus Forensics complete a state-of-the-art IT security strategy.

Questions About Retarus Sandboxing?

Request more information or test Retarus Email Security without obligation. We look forward to hearing from you.