top of page





Enhanced protection against targeted attacks


Custom Sandbox Analysis uses virtual images that are tuned to precisely match your system configurations, drivers, installed applications, and language versions. This approach improves the detection rate of advanced threats that are designed to evade standard virtual images. The custom sandbox environment includes safe external access to identify and analyze multi-stage downloads, URLs, command and control (C&C), and more, as well as supporting manual or automated file and URL submission.

Flexible Deployment Analyzer can be deployed as a standalone sandbox or alongside a larger Deep Discovery deployment to add additional sandbox capacity. It is scalable to support up to 60 sandboxes in a single appliance, and multiple appliances can be clustered for high availability or configured for a hot or cold backup.

Advanced Detection Methods such as static analysis, heuristic analysis, behavior analysis, web reputation, and file reputation ensure threats are discovered quickly. Analyzer also detects multi-stage malicious files, outbound connections, and repeated C&C from suspicious files.

• Broad file analysis range examines a wide range of Windows executables, Microsoft® Office, PDF, web content, and compressed file types using multiple detection engines and sandboxing. Custom policies can be defined by file type.

• Document exploit detection discovers malware and exploits delivered in common document formats by using specialized detection and sandboxing.

• URL analysis Performs sandbox analysis of URLs contained in emails or manually submitted samples.

• Web services API and manual submission enables any product or malware analyst to submit suspicious samples. Shares new indicators of compromise (IoC) detection intelligence automatically with Trend Micro and third-party products.

• Support for Windows, Mac, and Android™ operating systems.

Detect ransomware detects script emulation, zero-day exploits, targeted and password-protected malware commonly associated with ransomware. IT also uses information on known threats to discover ransomware through pattern and reputationbased analysis. The custom sandbox can detect mass file modifications, encryption behavior, and modifications to backup and restore.


    bottom of page