Cyren Sandboxing

Stop evasive zero-day threats with a sandbox array in the cloud.

Request a demo

Block the unknown, not just the known

Cyren Sandboxing is an advanced layer of web and email security which protects your business against breaches and data loss from today’s sophisticated threats – even if previously unknown. Zero-day exploits, targeted attacks, and Advanced Persistent Threats are increasingly “sandbox aware,” as hackers use diverse strategies to evade detection by traditional sandboxing appliances. Cyren’s unique sandbox cloud computing array technology is able to tease out the full behavior of malicious files and embedded URLs targeting your users.

  • Stop today’s sophisticated threats with an advanced layer of security in the cloud
  • Combats sandbox-aware malware with a multi-sandbox array of diverse environments and iterative analysis
  • Once a new threat is identified, all Cyren users are immediately protected
  • Combines with dynamic reputation analysis for deep Advanced Threat Protection

Stay up to date with the latest in cybersecurity from Cyren

Learn why companies need more than traditional sandbox security to protect businesses in a changing threat landscape that includes hyper-evasive malware, advanced phishing techniques, and increasing zero-day attacks.

Download datasheet

Understand how a new generation of malware, specifically designed to evade traditional defenses, is requiring businesses and security professionals to rethink protection and detection strategies.

Read article

What are zero-day attacks and why is their frequency increasing? Learn how hackers are using new high-volume distribution techniques to penetrate business systems.

Watch webinar

Don’t deploy it – just turn it on

Cyren Sandboxing is easy to implement, as it’s delivered as an integrated feature of our Cyren Email Security Gateway services. As a cloud-based solution, there are no time-consuming updates or patches that you need to apply, and you are always running the latest version.

  • Cloud-based, integrated feature of email security SaaS services
  • No maintenance, no patching required 
  • Always updated, no lengthy appliance update cycles 
  • Can be instantly activated, requires no “deployment”

Unlimited scalability

Cyren Sandbox Cloud Computing is designed to protect all of your users, from roaming employees to branch offices to headquarters, from the most logical place – the cloud, where our massively scalable, globally unified security platform sees over 17 billion web and email transactions a day, delivering the fastest threat analysis and the highest catch rates. Our patent-pending Cloud Sandbox Array technology performs full behavioral analysis as necessary to identify a threat, and handles with ease the additional processing load required to properly inspect threats hidden in encrypted SSL traffic.

  • Cloud processing scale allows deeper “Big Data” behavioral analysis and better threat detection
  • Scalable protection for all your users and all your traffic – no need to worry about load analysis and sizing appliances
  • Automates complex process of file analysis formerly done manually by malware researchers

Actionable forensics and reports

For security teams seeking detail to pinpoint any problem and identify systems requiring remediation, Cyren provides an Incident Management dashboard with detailed forensic reports identifying the root cause and impact of an infection – the when, how, where, and who. And even though our analysis may be extremely complex, conducted across multiple sandbox environments, our reporting clarifies any action needed with a single unified report and risk score and a merged list of identified risks.

  • Incident reports pinpoint problems and speed remediation
  • System alerts inform type and severity, from Active Directory sync issues to identified malware
  • Malware forensic analysis provides full malware profile, signature, analysis results, and link to behavioral screenshots

How it works: Multi-sandboxes in the cloud

Malware today is designed to avoid detection by appliance sandboxes, a problem Cyren Sandboxing solves by combining cloud computing power with our patent-pending multi-sandbox array technology to ensure that the behavior of unknown files is completely expressed during analysis. A natural language-processing decision engine coordinates the analysis of suspicious objects by multiple, different sandboxing environments, including varied virtual and physical environments.

Automated process steps are:

  1. Sophisticated pre-processing performs static analysis and the decision engine selects the initial sandbox for analysis from the array.
  2. The file is detonated in the selected sandbox and monitored for malicious activity, while different components are.
  3. Based on results, the file may be recursively submitted to different types of sandboxes – until full behavior is observed, and an aggregate threat score is calculated.
  4. Once malicious files and URLs are identified, Cyren fingerprints and blocks them across its global network within seconds.

25B Security Transactions Daily

1.3B Users Protected

300M Threats Blocked Daily