Sandboxes and Silver Bullets: Vendors Promote New/Old Detection Techniques to Stop Zero-Day Threats

Paula Musich

Summary Bullets:

  • Anti-malware vendors are falling over each other to emulate the success FireEye has seen with its particular update to the sandbox technique for detecting zero-day threats that evade existing defenses.
  • Prospective buyers should be thorough in their evaluation not only of effectiveness and false positives, but also costs to deploy and scale the technology for their own environments.

At this year’s RSA conference in San Francisco, a handful of anti-malware vendors resurrected an old malicious code detection technology with a new twist. Sandboxing was promoted as the latest silver bullet for detecting more sophisticated attacks that get past traditional defenses. Vendors including McAfee, Trend Micro, Fortinet and sandbox veteran Norman Security all launched new sandbox initiatives, following the lead of niche player FireEye. FireEye has seen significant growth as a result of its success using its Virtual Execution engine and Malware Analysis System to detect and shut down malware infections that got past traditional defenses. Other vendors pursuing this new twist include Palo Alto Networks and Sourcefire.