Sandboxes have been touted as a high-ranking method to prevent a cyber-attack on organizations because they allow you to test everything before it can affect your production environment. But does that come with a cost and are they as effective as vendors would like us to believe?
Play Time in the Sandbox?
Most of us know a sandbox as a fun place that children play in at the playground. Similarly, for IT professionals, sandboxes have often been considered a safe place to develop and test code before it’s launched into production environments. For security professional though, sandboxing has been seen as a way to spot zero-day threats and stealthy attacks. However, as the “arms race” between invader and defender continues, malware authors have continuously found clever ways to evade sandbox detection.