Kaspersky Sandbox

Advanced protection against new and targeted malware without expensive security experts and tools

Advanced Threat Detection

Kaspersky Sandbox provides fully automated advanced detection of complex threats and APT-level attacks. Suspicious objects are analyzed in an isolated environment where in-depth analysis rapidly detects and blocks new, unknown, and evasive cyberthreats.

Part of Kaspersky Optimum Security, the sandbox solution integrates seamlessly with Kaspersky EDR Optimum and Endpoint Security for Business to create a comprehensive multi-layered endpoint security solution.

Automated detection without manual analysis
Zero-day exploit detection
Ransomware and APT protection
Seamless integration with EDR

Key Advantages

Detectable

Suspicious objects analyzed in an isolated environment

Manageable

Simple installation & operation

Scalable

Supports 1,000+ endpoints

Integrated

Works with EDR and EPP

Core Capabilities

Isolated Analysis Environment

Suspicious objects analyzed in isolated virtual machines with full-featured operating systems

Behavioral Threat Detection

Monitor ~30,000 API interactions to detect malicious activity and targeted attack indicators

Zero-Day Exploit Detection

Detect advanced exploits including ROP chains, heap spraying, stack pivoting, and security token changes

Hardware Virtualization

Fast and stable sandbox architecture based on hardware virtualization technology

Anti-Evasion Technology

Kaspersky Sandbox employs sophisticated anti-evasion techniques to defeat malware that attempts to detect and avoid sandbox environments:

Random VM environment generation
User action emulation (mouse, scrolling)
Process and document interaction
Advanced exploit behavior detection
Early-stage exploitation prevention

Supported File Types

Windows executables (*.exe)
.NET objects and libraries
Microsoft Office files
PDF documents
Android APK packages
DLL files
Script files

Complete Capabilities

Windows OS support (XP and later)
Android OS support (x86 and ARM)
Multi-layered exploit detection
Anti-evasion techniques
Real-time threat updates
APT-level attack detection
Ransomware identification
Unknown malware analysis

Deployment & Scalability

Quick Deployment

Simple installation and operation - no need for fully fledged IT security teams

Enterprise Scale

Basic configuration supports 1,000+ endpoints and scales easily for large organizations

Flexible Architecture

On-premises, cloud, or Kaspersky infrastructure deployment options

Ideal For

Enterprise Security

Large-scale threat detection

APT Defense

Advanced persistent threats

Ransomware Protection

Automated detection & blocking

Unknown Threats

Zero-day exploit detection

Protect Against Advanced Threats & Zero-Days

Automated sandbox detection integrated with your endpoint security