FortiSandbox offers a robust combination of proactive detection and mitigation, actionable threat insight and integrated and automated deployment. At its foundation is a duallevel sandbox which is complemented by Fortinet's antimalware and optional integrated FortiGuard threat intelligence.
Proactive detection and mitigation
Suspicious codes are subjected to multi-layer pre-filters prior to execution in the virtual OS for detailed behavioral analysis. The highly effective pre-filters include a screen by AV engine, queries to cloud-based threat databases and OS-independent simulation with a code emulator, followed by execution in the full virtual runtime environment. Once a malicious code is detected, granular ratings along with key threat intelligence is available, a signature is dynamically created for distribution to integrated products.
Actionable insight
All classifications - malicious and high/medium/low risk - are presented within an intuitive dashboard. Full threat information from the virtual execution - including system activity, exploit efforts, web traffic, subsequent downloads, communication attempts and more - is available in rich logs and reports.
