sandbox


Fortinet participated in the NSS Labs 2017 Breach Detection System (BDS) group test and was awarded a Recommended rating for its latest FortiSandbox 2000E appliance introduced in the second half of 2017. [Read More]
by RSS Damien Lim  |  Nov 01, 2017  |  Filed in: Business and Technology
Welcome back to our monthly review of some of the most interesting security research publications. Previous edition: March 2017 What happened to your home? IoT Hacking and Forensic with 0-day from TROOPERS 17, by Park and Jin Figure 1: Hacking a vacuum cleaner The authors hacked a vacuum cleaner, which, besides cleaning, also includes an embedded camera and microphone. The hack wasn’t easy because the vacuum wasn’t too badly secured. The authors however found 2 vectors: 1. They connected on the... [Read More]
by RSS Axelle Apvrille  |  May 10, 2017  |  Filed in: Security Research
There have been numerous cases where advanced malware has been linked to significant data breaches. Malware authors employ a variety of techniques to hide their malicious intent, including the use of packing utilities to create “packed malware.” Ladi Adefala, Senior Security Strategist at Fortinet, explains how a real time sandbox can change the game with regard to defending against these sophisticated attacks. What is Packed Malware? Packed malware is one of the most common types of advanced malware, carefully designed to evade... [Read More]
by RSS Ladi Adefala  |  Dec 07, 2016  |  Filed in: Security Q & A
On September 26th, Fortinet announced our new Fortinet Fabric Ready Program, which delivers on the “Open” attribute of the Fortinet Security Fabric by providing threat intelligence visibility across multi-vendor cybersecurity solutions. Cross-product  coordination (regardless of vendor) is a critical capability for today’s enterprises, as it is rare for an organization to completely source all IT security components from a single vendor across the entirety of their network and covering all attack vectors.  Leaving... [Read More]
by RSS David Finger  |  Oct 18, 2016  |  Filed in: Industry Trends
The Internet of Things (networks of uniquely identifiable endpoints, or "things," that communicate without human interaction using embedded IP connectivity) is the next industrial revolution. Estimates say there will be 24 Billion IoT devices installed by 2020, and $6 Trillion will be invested in IoT devices over the next 5 years. With that kind of growth and investment, protecting each of these “things” and their corresponding interactions with other components, including our networks, will be critical. So where is this... [Read More]
by RSS Daniel Cole  |  Sep 14, 2016  |  Filed in: Industry Trends
Sandbox technology and the ongoing effort to defend and protect against cyber threats continues. Independent testing offers organizations valuable insight into what solutions are best for their use case. Below we discuss this maturing technology and the role of testing with Fortinet’s David Finger. I saw the announcement from NSS Labs about their recent Breach Detection Group Test results. What is the significance? Cyberattacks and breaches continue to be top of mind across organizations, and because of that, sandbox technology (or Breach... [Read More]
by RSS Bill McGee  |  Aug 02, 2016  |  Filed in: Industry Trends
Overview Over the last few months, the Shifu banking Trojan has become more common in the wild prevalent and the malware family has been getting a fair amount of attention both from researchers and the mainstream media. there have been a number of discussions surrounding the malware family. We also became aware that this malware attempts to bypass our sandbox technology, FortiSandbox. In this post, we will share some of our findings on this new banking Trojan and also talk about how our technologies can support and address Shifu. Prevalence While... [Read More]
by RSS Floser Bacurio  |  Nov 03, 2015  |  Filed in: Industry Trends
Are we losing the fight against malware and the hackers who are making every day a zero day? ***** MAY CONTAIN SPOILERS ***** Few authors are as skilled as GRRM when it comes to killing off important characters. Clearly, that oft-uttered phrase from the eastern continent, “valar morghulis”, is not just an empty bit of High Valyrian for the Game of Thrones author. For the two or three of you out there who haven’t heard of fierce tween, Arya Stark, utter the phrase valar morghulis, it literally translates to “All... [Read More]
by RSS Chris Dawson  |  Apr 10, 2015  |  Filed in: Industry Trends
Protection from advanced cyber threats requires a holistic approach to security - Including powerful sandboxing technologies. When we talk about sandboxes, we’re not talking about that big pile of dirt and germs you played in as a kid, although the name is certainly apt given the sorts of threats and infections that get bounced around in sandbox appliances. Sandboxes are either physical or virtual appliances that actually allow potentially malicious code to run in a safe environment where their behavior can be observed directly. Sandboxing... [Read More]
by RSS Chris Dawson  |  Mar 04, 2015  |  Filed in: Industry Trends
The main issue with Hack.Lu this year was that there were too many interesting things in parallel: interesting talks, workshops, CTF... :) Talks 19 year old Filippo Valsorda talked about the setup of https://filippo.io/Heartbleed/ (heartbleed testing website) and his surprise at how many requests the website got. Several end-users also misunderstood the site and thought he would fix the issue, not just say if vulnerable. Attila Marosi presented his reverse engineering of some leaked Android FinSpy spyware. His tools to run a fake FinFisher server... [Read More]
by RSS Axelle Apvrille  |  Nov 10, 2014  |  Filed in: Security Research