What about CASMA On-box Sandboxing

Article ID: 274215


Updated On:

Products

Malware Analysis

Issue/Introduction

An explanation of the VA-CASMA On-box Sandboxing feature, and possibly guidance on how to configure it.

Environment

Release: CASMA 3.1.6.0/3.1.7.0/3.1.8.1

Resolution

On-box sandboxing with Symantec Content Analysis is a security feature that helps organizations detect and mitigate advanced threats and malware by analyzing potentially malicious files and URLs in a controlled environment.

The on-box Content Analysis and Malware Analysis dual-detection approach combines virtualization and emulation to capture more malicious behavior across a wider range of custom environments.

Malware Analysis is an integrated, on-box technology for detecting and analyzing unknown, advanced, and targeted malware. The adaptive and customizable sandbox solution delivers comprehensive malware detonation and analysis. The dual-detection approach quickly analyzes suspicious files and URLs, interacts with running malware to reveal its complete behavior, and exposes zero-day threats and unknown malware.

Enabling on-box sandboxing decreases the appliance's throughput but increases its detection capabilities.

As shared during the morning call, On-Box Sandboxing with the CASMA-VA works exactly the same way as the MA you already know, which ran on the physical CAS appliances. We have been able to develop the MA on top of the CAS-VA, hence the CASMA, as we call it today.

To configure a malware sandbox, please refer to the steps in the technical document linked below.

Configure a Malware Analysis Sandbox

For further guidance, please refer to the attached doc.

Attachments

1695757096866__Malware_Analysis_Guide_v24.pdf