
Kaspersky Research Sandbox
An instrument of choice for the safe detonation, analysis and detection of advanced threats


Overview

Making an intelligent decision based on an object’s behavior while simultaneously analyzing the process memory, network activity, etc. is the optimal approach to understanding today’s sophisticated targeted and tailored threats. Sandboxing technologies are powerful tools that allow the investigation of an object’s origins, the collection of IOCs based on behavioral analysis and the detection of malicious objects not previously seen.

Today’s malware uses a whole variety of methods to avoid executing its code if this could lead to exposing its malicious activity. If the system does not meet the required parameters, the malicious program will almost certainly destroy itself, leaving no traces. For the malicious code to execute, the sandboxing environment must therefore be capable of accurately mimicking normal end-user behavior.

Kaspersky Research Sandbox has been developed directly out of our in-lab sandboxing complex, a technology that’s been evolving for over a decade. It incorporates all the knowledge about malware behaviors acquired by Kaspersky throughout our continuous threat research, allowing us to detect 350 000+ new malicious objects every day. Deployed on-premises, this powerful technology also prevents exposure of data outside the organization.

It offers a hybrid approach, combining behavioral analysis and rock-solid anti-evasion with human-simulating technologies. Kaspersky Research Sandbox also allows you to customize the system images used for analysis, tailoring them to real environments, which increases the accuracy of threat detection and the speed of investigation.

The product offers a unique approach to comparing similar samples while ensuring near-zero false positive rates. Any new attack can quickly be linked to known APT malware, previous targeted attacks and hacker groups, helping you to distinguish high-risk threats from less serious incidents, so you can take timely protective measures to prevent an attacker from gaining a foothold in your system.

  • On-premises deployment makes sure no data is exposed outside the organization
  • Supports the analysis of more than a hundred file types
  • Advanced anti-evasion techniques
  • Custom images that allow threats to be analyzed across a range of operating systems and applications, limited to those that apply to real environments
  • Separate analysis of each process to detect suspicious activities with associated network connections
  • Detailed analysis reports, including all system activities, extracted files, network activities (PCAP) and visual graphs
  • Manual file/URL submission and RESTful API for seamless integration and automation of your security operations

IMPORTANT: Integration with Kaspersky Private Security Network is required


Patented Technology

Patented behavioral analysis technology with extended logging and in-depth reporting effectively exposes the malicious nature of a file

Anti-evasion Techniques

Incorporates all the knowledge about malware behaviors acquired by Kaspersky, ensuring the sandboxing environment stays undetected

Custom OS Images

Allows customization of guest OS images, tailoring them to your real environments, which increases the accuracy of threat analysis results

Privacy and Compliance

Can be deployed in secure, air-gapped environments to protect your systems and information and to meet any compliance requirements


Research Sandbox Solutions

Kaspersky Research Sandbox is based on a patented proprietary technology (patent no. US10339301). By creating the exact conditions that trigger malware execution, it allows researchers to analyze a suspicious file/URL in a single attempt.

The product supports bare metal deployment. Hardware configuration depends on the required performance and can be scaled. It requires a 100 Mbps network connection for each channel and at least one independent ISP connection (two or more are recommended for fault-tolerance). The ISP should be aware of and ready for malicious traffic.

Once the analysis is complete, Research Sandbox provides a detailed report on the behavior and functionality of the analyzed sample, allowing you to define the appropriate response procedures:

  • Summary — general information about a file’s execution/URL browsing results.
  • Sandbox detection names — a list of detections (both AV and behavioral) that were registered during the file execution.
  • Triggered network rules — a list of network SNORT rules that were triggered during analysis of traffic from the executed object.
  • Execution map — a graphically represented sequence of object activities (actions taken on files, processes and the registry, and network activity) and the relationship between them. The root node of the tree represents the executed object.
  • Suspicious activities — a list of registered suspicious activities.
  • Screenshots — a set of screenshots that were taken during the file execution/URL browsing.
  • Loaded PE images — a list of loaded PE images that were detected during the file execution/URL browsing.
  • File operations — a list of file operations that were registered during the file execution/URL browsing.
  • Registry operations — a list of operations performed on the OS registry that were detected during the file execution/URL browsing.
  • Process operations — a list of interactions of the file with various processes that were registered during the file execution.
  • Synchronize operations — a list of operations of created synchronization objects (mutex, event, semaphore) that were registered during the file execution/URL browsing.
  • Downloaded files — a list of files that were extracted from network traffic during the file execution/URL browsing.
  • Dropped files — a list of files that were saved (created or modified) by the executed file.
  • HTTPS/HTTP/DNS/IP/TCP/UDP, etc. — details of network sessions/requests that were registered during the file execution/URL browsing.
  • Network traffic dump (PCAP) — network activity can be exported in PCAP format.
  • MITRE ATT&CK matrix — all identified process activities recorded during emulation are presented in the form of a MITRE ATT&CK matrix.

Kaspersky Research Sandbox is the instrument of choice for detecting unknown threats. It’s more mature and more focused on advanced threats than any other solution.



Suitable for

Kaspersky Research Sandbox is ideal for:

  • Government
  • Enterprise


Pricing Notes:

Kaspersky Products

Kaspersky Research Sandbox - License Pack
  • Kaspersky Research Sandbox, 100 Nodes, 1 Year (Includes Commercial License + Maintenance) License Pack: #KL7954ACRFS
  • Kaspersky Research Sandbox, 250 Nodes, 1 Year (Includes Commercial License + Maintenance) License Pack: #KL7954ACTFS
  • Kaspersky Research Sandbox, 1000 Nodes, 1 Year (Includes Commercial License + Maintenance) License Pack: #KL7954ACVFS
  • Kaspersky Research Sandbox, 100 Nodes, 2 Years (Includes Commercial License + Maintenance) License Pack: #KL7954ACRDS
  • Kaspersky Research Sandbox, 250 Nodes, 2 Years (Includes Commercial License + Maintenance) License Pack: #KL7954ACTDS
  • Kaspersky Research Sandbox, 1000 Nodes, 2 Years (Includes Commercial License + Maintenance) License Pack: #KL7954ACVDS
  • Kaspersky Research Sandbox, 100 Nodes, 3 Years (Includes Commercial License + Maintenance) License Pack: #KL7954ACRTS
  • Kaspersky Research Sandbox, 250 Nodes, 3 Years (Includes Commercial License + Maintenance) License Pack: #KL7954ACTTS
  • Kaspersky Research Sandbox, 1000 Nodes, 3 Years (Includes Commercial License + Maintenance) License Pack: #KL7954ACVTS

Kaspersky Research Sandbox - Renewal Pack
  • Kaspersky Research Sandbox, 100 Nodes, 1 Year Maintenance Renewal: #KL7954ACRFR
  • Kaspersky Research Sandbox, 250 Nodes, 1 Year Maintenance Renewal: #KL7954ACTFR
  • Kaspersky Research Sandbox, 1000 Nodes, 1 Year Maintenance Renewal: #KL7954ACVFR
  • Kaspersky Research Sandbox, 100 Nodes, 2 Years Maintenance Renewal: #KL7954ACRDR
  • Kaspersky Research Sandbox, 250 Nodes, 2 Years Maintenance Renewal: #KL7954ACTDR
  • Kaspersky Research Sandbox, 1000 Nodes, 2 Years Maintenance Renewal: #KL7954ACVDR
  • Kaspersky Research Sandbox, 100 Nodes, 3 Years Maintenance Renewal: #KL7954ACRTR
  • Kaspersky Research Sandbox, 250 Nodes, 3 Years Maintenance Renewal: #KL7954ACTTR
  • Kaspersky Research Sandbox, 1000 Nodes, 3 Years Maintenance Renewal: #KL7954ACVTR