Fidelis Sandbox is an isolated virtual execution environment, available in the cloud or on-prem, that detonates suspicious files and URLs to detect malware that evades static analysis and signatures. As a core component of Fidelis Elevate (with a cloud sandbox included) and an optional appliance for Fidelis Network customers who cannot use cloud, it analyzes runtime behavior such as file writes, registry changes, API calls, and network activity, then produces detailed reports with a malware score tied to related alerts. Reports are stored for rapid reuse on resubmission, enable IOC extraction for Fidelis feeds, support prevention through proprietary hash formats, and improve future detections using machine-learning on the sandbox database.

Join for free to read