Source Analyse Software In A Remote Secure Environment
Several remote services are available to analyze submitted software programs or files for malicious contents like computer viruses or trojans. Among them are Virus Total which uses more than a dozen different antivirus engines to scan submitted files. All of them have one thing in common: They scan and analyze the files using signature databases and maybe heuristic methods which means that they might miss malicious code. The benefit of a security scan in a remote secure environment is that the uploaded files or computer software programs get executed and analyzed.
CW Sandbox is a web service with a similar looking frontend like all the other online virus scanners. What sets it apart is the remote secure environment that it uses to execute and analyze the files that get uploaded. It uses a sandbox to execute the file and will log all system activity that is connected to the file launch. The file analysis contains a summary but also detailed changes to the file system, the Windows Registry and network activity plus a technical summary with additional information.
Each report is divided into different categories. The File Changes for example contains categories that list newly created, opened and deleted files and a summary that lists all file operations in chronological order. The network activity analysis will detail connections that have been established including host names, IP addresses and if data has been posted to one of those addresses.
Several remote services are available to analyze submitted software programs or files for malicious contents like computer viruses or trojans. Among them are Virus Total which uses more than a dozen different antivirus engines to scan submitted files. All of them have one thing in common: They scan and analyze the files using signature databases and maybe heuristic methods which means that they might miss malicious code. The benefit of a security scan in a remote secure environment is that the uploaded files or computer software programs get executed and analyzed.
CW Sandbox is a web service with a similar looking frontend like all the other online virus scanners. What sets it apart is the remote secure environment that it uses to execute and analyze the files that get uploaded. It uses a sandbox to execute the file and will log all system activity that is connected to the file launch. The file analysis contains a summary but also detailed changes to the file system, the Windows Registry and network activity plus a technical summary with additional information.
Each report is divided into different categories. The File Changes for example contains categories that list newly created, opened and deleted files and a summary that lists all file operations in chronological order. The network activity analysis will detail connections that have been established including host names, IP addresses and if data has been posted to one of those addresses.
