Bitdefender today announces the general availability (GA) release of GravityZone™ Sandbox Analyzer On-Premises, building upon our many years of delivering industry-leading malware sandboxing in the cloud. Following a successful controlled introduction in July of this year, which involved rigorous testing and validation by multiple high-security customers, Bitdefender users can now expand their targeted-attack defense and breach avoidance use cases and workflows to cover suspicious files that reach the endpoint from risky web, email and network activity, and can advance the broader security integration and automation objectives of their modern, virtualized datacenters.
The Sandbox Analyzer On-Premises supports a wide range of file types for analysis (including executable files, Office documents, PDFs, packed and archived files, plus other types often used for malware delivery) and can monitor or withhold files pending sandbox verdicts, according to the customer’s requirements. Bitdefender uses sophisticated anti-analysis detection and anti-fingerprinting defenses to handle sandbox-aware malware, along with continuous machine learning and global threat intelligence informed by our 500 million worldwide endpoint sensors.
Powerful New Features and Enhancements
New ICAP Sensor: Standard ICAP clients—including Secure Web Gateways (SWG), Secure Email Gateways (SEG), and Cloud Access Security Brokers (CASB)—can now send suspicious files to our ICAP server for prefiltering and sandbox analysis. Files originating via ICAP are highlighted/filtered under GravityZone Sandbox Analyzer reporting.
Sample Persistence and Re-Analysis: File samples now persist on the datastore, allowing for resubmission with alternate Sandbox settings (e.g. different golden image, shorter/longer analysis runtime, with/without Internet access, various command-line arguments, etc.). Persistence is configurable via a policy setting.
Detonation Profiles: Users can manage the Sandbox throughput by toggling between different detonation profiles. Each Sandbox Analyzer sensor can be configured with a specific detonation profile setting, allocating Sandbox Analyzer resources by balancing sample throughput with analysis runtime.
Parallel Detonation: Users can select multiple preinstalled Golden Images when detonating a sample, creating parallel detonations, each one producing a different result for analysts to consider.
Golden Image Validation: Sandbox Administrators can inspect a golden image before submitting the image for building, verifying all GI requirements are met and making corrections, saving image preparation time.
Benefits of On-Premises Deployment
Bitdefender customers benefit from on-premises sandboxing over cloud sandboxing when they require:
Flexible Sandbox Submission and Workflow Automation
The Sandbox Analyzer On-Premises supports multiple file submission and retrieval mechanisms mapped to common customer workflows and facilitates multi-stage security automation, including:
Fortify Your Bitdefender Onsite Security Capabilities Today
With the general availability release of Sandbox Analyzer On-Premises, Bitdefender customers with stringent onsite security requirements gain a powerful tool to combat advanced and targeted malware entering the network from multiple attack vectors. Automated workflows and flexible integrations combine with high-performance, ultra-secure local sandboxing—all with expert support from Bitdefender and our Worldwide Channel Partners. Elevate your targeted attack protection and breach avoidance defenses with proven sandbox technology that you control.
Michael is Director of Technical Product Marketing for Bitdefender’s Data Center and Network Security Products. He has an MBA in Information Systems, a JD in Law, and 20 years of experience bringing innovative enterprise security software systems to market. Michael enjoys diving deep into products and making technical content accessible to general audiences.