
Does ESET have an answer to client sandboxing?


VanillaHaze


I am currently using ESET’s Smart Security Premium plan; however, I wondered whether there are any add-on programmes or recommendations for containment technology so end users can run virtualised browser instances and downloads within a sandbox on their device for analysis? Something comparable to this - https://help.comodo.com/topic-72-1-451-4739-.html

 


You can set up the Comodo firewall so that everything runs in an isolated environment: https://www.youtube.com/watch?v=vktNQCwB2UY . You then just set up exclusions for your trusted apps. Video author states on the various security forums that no 0-day malware has been able to bypass her custom Comodo setup.


  • Administrators

It depends on what you want to achieve. If you want a sandbox for the purpose of removing changes made by applications that you install, ESET doesn't offer such a solution. You can use the open-source application Sandboxie for this purpose.

If you want to test possible malware, I'd go for a hypervisor and use virtual machines rather than a sandbox on your production machine.

When ESET scans files, it runs them in a virtual sandbox to evaluate the behavior and to create a DNA for matching advanced DNA detections.

ESET business users can also opt for ESET Dynamic Threat Defense when suspicious files are first sent to a cloud ESET sandbox where they are run and are also evaluated by Machine Learning (Augur) using 6 classification algorithms. For more information, please read https://www.eset.com/int/about/technology/. An admin can choose proactive protection and block execution of such files until a result of analysis is received.


3 hours ago, itman said:

You can set up the Comodo firewall so that everything runs in an isolated environment: https://www.youtube.com/watch?v=vktNQCwB2UY . You then just set up exclusions for your trusted apps. Video author states on the various security forums that no 0-day malware has been able to bypass her custom Comodo setup.

 

That was very interesting. 

Just to elaborate, I'm not a cybersecurity professional - the use case here is to observe software features and architecture and programming under the hood, as a student, but it's the source/repos that I'm not too sure of, even though they are premium solutions. Although I have a separate isolated hardware set-up for this work from my ‘daily drivers’ (so I can literally just bin the hardware if things go seriously troublesome), the LAN is the same, so my main concern is to protect the network. Ideally I need to contain the installed desktop/web apps and be able to force bridged connections from a system-wide VPN on the host OS to the guest so that any nefarious snooping via malicious applications will not find the Wi-Fi gateway or know my local IP. I'm being extremely cautious but that's just for the sake of everyone else on the network!
