Sababa Sandbox

How do you deal with suspicious files that arrive in your corporate environment via email, web browsing or USB devices? One option is to block them and forget about them. The other is to allow their execution and monitor what happens next.

Sababa Sandbox lets you explore any suspicious file in a safe, isolated environment; software can be submitted for analysis both manually and automatically. Some previous generations of sandboxes simulate the suspicious samples and are therefore slow and difficult to scale. Others use hooking approaches, which are faster but easier to evade. Unlike all of them, Sababa Sandbox uses an agentless hypervisor approach, so it is both very fast and scalable. It is also difficult to evade, since the software being analyzed does not realize that it is running within a sandbox.

• Real-time detection and in-depth analysis at scale
• Total visibility into malware activity
• Evasion resistant

Real-time detection and in-depth analysis at scale

• Supports real-time, high-volume detection of malicious files

• Performs in-depth behavioral analyses in customizable environments

• Hardware virtualization enables parallel execution of analyses

• Highly scalable architecture executes analyses with near-native performance in enterprise environments

Total visibility into malware activity

• Unique hypervisor-based approach allows monitoring of all system interaction

• Higher security privileges than kernel code

• Observes all unaligned function calls, private function invocations and direct system calls

Evasion resistant

• Virtually impossible for malware to detect and evade

• Not a single bit is modified inside the monitoring environment

• Immune to hook evasions (direct system calls, unaligned function calls)

• Provides optimum balance between performance, transparency and isolation

Sababa Sandbox is a useful tool to improve the security of the corporate environment:

Incident Response – In addition to reporting whether submitted software is safe or not, we also extract and provide as much information about it as possible.

Threat Intelligence – In order to provide quality threat intelligence, you must analyze a lot of data. There are between 1 and 2 million new malware variants discovered every day. Due to the fast and scalable engine, we can keep up with that pace.

Protection – Because Sababa Sandbox integrates well with other security systems through external connectors, the solution adds granularity to corporate security.

OEM Integration – Sababa Sandbox can be embedded into security appliances and cloud security solutions, providing the ultimate validation and analysis.

Sababa Security