Alternatives to Cuckoo Sandbox
Compare Cuckoo Sandbox alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Cuckoo Sandbox in 2024. Compare features, ratings, user reviews, pricing, and more from Cuckoo Sandbox competitors and alternatives in order to make an informed decision for your business.
-
1
Thinfinity Workspace
Cybele Software, Inc.
Thinfinity® Workspace 7 is a comprehensive, secure platform that offers a zero-trust approach, enabling secure and contextual access to corporate virtual desktops, virtual applications, internal web apps, SaaS, and files, whether they are on Windows, Linux, or mainframes. It supports various deployment models, including cloud, on-premise, and hybrid settings, and can be deployed on any cloud provider of your choice. With its proprietary reverse gateway technology, Thinfinity® Remote Workspace 7 ensures secure reverse connections over SSL with TLS 1.3 encryption. This robust approach doesn't require client-side installations, firewall modifications, or the opening of inbound ports on your network, thereby enhancing the security infrastructure of your business. The platform ensures all browser-based connections are secured over HTTPS, offering a wide variety of authentication options, from straightforward User/Password to sophisticated Active Directory authentication. -
2
VMware Fusion Pro
Broadcom
VMware Fusion gives Mac users the power to run Windows on Mac along with hundreds of other operating systems side by side with Mac applications, without rebooting. Fusion is simple enough for home users and powerful enough for IT professionals, developers and businesses. Running Windows on Mac is only the beginning. VMware Fusion lets you choose from hundreds of supported operating systems, from lesser-known Linux distributions to the latest Windows 10 release, to run side by side with the latest macOS release. Fusion makes it simple to test nearly any OS and app on a Mac. Build and test apps in a sandbox while securely sharing local source files and folders. Fusion Pro now includes a RESTful API to integrate with modern development tools like Docker, Vagrant, Ansible, Chef, and others to fit the power of VMware into today’s Agile and DevOps-oriented production pipelines. -
3
Joe Sandbox
Joe Security
Tired of high level malware analysis? Perform one of the deepest analysis possible - fully automated or manual - from static to dynamic, from dynamic to hybrid, from hybrid to graph analysis. Rather than focus on one, use the best of multiple technologies including hybrid analysis, instrumentation, hooking, hardware virtualization, emulation and machine learning / AI. Check out our reports to see the difference. Deeply analyze URLs to detect phishing, drive by downloads, tech scam and more. Joe Sandbox uses an advanced AI based algorithm including template matching, perptual hashing, ORB feature detection and more to detect the malicious use of legit brands on websites. Add your own logos and templates to extend the detection capabilities. Interact with the sandbox through Live Interaction - directly from your browser. Click through complex phishing campains or malware installers. Test your software against backdoors, information leakage and exploits (SAST and DAST). -
4
Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it. Secure Malware Analytics rapidly analyzes files and suspicious behavior across your environment. Your security teams get context-rich malware analytics and threat intelligence, so they’re armed with insight into what a file is doing and can quickly respond to threats. Secure Malware Analytics analyzes the behavior of a file against millions of samples and billions of malware artifacts. Secure Malware Analytics identifies key behavioral indicators of malware and their associated campaigns. Take advantage of Secure Malware Analytics's robust search capabilities, correlations, and detailed static and dynamic analyses.
-
5
Symantec Content Analysis
Broadcom
Symantec Content Analysis automatically escalates and brokers potential zero-day threats for dynamic sandboxing and validation before sending content to users. Analyze unknown content from one central location. Leveraging Symantec ProxySG, this malware analyzer uses a unique multi-layer inspection and dual-sandboxing approach to reveal malicious behavior and expose zero-day threats, and safely detonate suspicious files and URLs. Content Analysis delivers multi-layer file inspection to better protect your organization against known and unknown threats. Unknown or suspicious content from sources like ProxySG, messaging gateway, or other tools is delivered to Content Analysis for deep inspection, interrogation, analysis and ultimately blocking, if deemed malicious. Recent enhancements to Content Analysis strengthens this platform even further. -
6
Avira Cloud Sandbox
Avira
The Avira Cloud Sandbox is an award-winning, unlimited-scale automated malware analysis service. It blends multiple advanced analysis technologies to deliver a complete threat intelligence report from an uploaded file. The Cloud Sandbox API delivers a detailed, file-specific, threat intelligence report. It contains valuable, actionable intelligence. The report has a detailed classification of the file, information on the techniques, tactics and procedures (IoCs) present in the threat, and a description of how and why the submitted file was identified as clean, malicious, or suspicious. Avira’s Cloud Sandbox leverages the technologies developed within the Avira Protection Cloud, the cloud security system that underpins the anti-malware and threat intelligence solutions of Avira. Through OEM technology partnerships we protect many of the world’s leading cyber-security vendors, and nearly a billion people world-wide. -
7
Falcon Sandbox
CrowdStrike
Falcon Sandbox performs deep analysis of evasive and unknown threats, enriches the results with threat intelligence and delivers actionable indicators of compromise (IOCs), enabling your security team to better understand sophisticated malware attacks and strengthen their defenses. Unique hybrid analysis technology detects unknown and zero-day exploits while defeating evasive malware. Uncover the full attack lifecycle with in-depth insight into all file, network, memory and process activity. Save time and make all security teams more effective with easy-to-understand reports, actionable IOCs and seamless integration. The most sophisticated analysis is required to uncover today’s evasive and advanced malware. Falcon Sandbox’s Hybrid Analysis technology exposes hidden behavior, defeats evasive malware and delivers more IOCs, to improve the effectiveness of the entire security infrastructure. -
8
VIPRE ThreatAnalyzer
VIPRE
VIPRE ThreatAnalyzer is a dynamic malware analysis sandbox that lets you safely reveal the potential impact of malware on your organization, so you can respond faster and smarter in the event of a real threat. Today’s most devastating security risks are often disguised as legitimate executable files, PDFs, or Microsoft Office documents. One wrong click, and you can seriously disrupt business and rack up massive financial damage. But wouldn’t it be useful to see exactly how that might unfold? You could understand how an attack is constructed, and you could identify which networks and systems are at greatest risk. VIPRE ThreatAnalyzer allows you to intercept and reroute suspicious files, even ransomware and zero-day threats, to a sandbox where they can be detonated in a safe environment, and then analyzed by a machine-learning determination engine. You get the benefit of understanding how would-be attackers think, without compromising your networks. -
9
ANY.RUN
ANY.RUN
ANY.RUN is an online interactive sandbox for DFIR/SOC investigations. The service gives access to fast malware analysis and detection of cybersecurity threats. The effectiveness of the solution has been proven by over 400,000 active users who find new threats with ANY.RUN daily. More than 1000 companies have already taken advantage of ANY.RUN malware analysis sandbox, which is available to businesses of all sizes and at an affordable cost. The easy-to-use service also helps companies improve and simplify malware analysis process and cyber security as a whole. Committed to helping organizations proactively detect and defend against advanced cyber threats, ANY.RUN delivers a cutting-edge interactive solution that empowers companies to quickly analyze malware, which continuously changes and evolves. Learn more at ANY.RUN's website.Starting Price: $109 per month -
10
SHADE Sandbox
SHADE Sandbox
You browse the internet everywhere and your device is at a threat of malware attack, therefore advanced appliance-based sandboxing is immensely useful. Sandboxing tool is like a protective layer that restrains viruses and malware in the virtual environment. SHADE Sandbox is used to safely execute suspicious code without any risk of causing harm to the network or host device. SHADE Sandbox is a program that creates an isolated environment. It is the most effective shareware sandboxing solution. Downloading and installing SHADE Sandbox for advanced malware attack prevention creates a layer of protection against any security threat, which is previously unseen cyber-attacks and particularly, stealthy malware. The best part of sandbox is what happens in the sandbox remains in it – prohibiting system failures and stopping software vulnerabilities from spreading. SHADE Sandbox and protect your PC!Starting Price: $ 21.02 per year -
11
FortiSandbox
Fortinet
Unlike previous generation of viruses that were non-sophisticated and low in volume, antivirus tools were sufficient to provide reasonable protection with their database of signatures. However, today’s modern malware entails new techniques such as use of exploits. Exploiting a vulnerability in a legitimate application can cause anomalous behavior and it’s this behavior that attackers take advantage of to compromise computer systems. The process of an attack by exploiting an unknown software vulnerability is what is known as a zero-day attack aka 0-day attack, and before sandboxing there was no effective means to stop it. A malware sandbox, within the computer security context, is a system that confines the actions of an application, such as opening a Word document, to an isolated environment. Within this safe environment the sandbox analyzes the dynamic behavior of an object and its various application interactions in a pseudo-user environment and uncovers any malicious intent. -
12
Comodo Internet Security
Comodo
Our sandbox technology automatically locks unknown files in a secure environment while our Valkyrie system tests their behavior in real-time - protecting you against malware that the virus industry hasn’t even discovered yet. Hot spot protection that encrypts all data transmitted over both wired and wireless Internet connections up to 10GB per month. Secure Shopping lets you shop and bank online with confidence. This breakthrough technology isolates your browser inside a secure container which cannot be hacked, tracked or viewed by malware or internet thieves. Tracks down and destroy any existing malware hiding in a PC. Detects spyware threats and destroys each infection. Prevents malicious software turning your PC into a zombie. Protects critical system files and blocks malware before it installs. Cutting-edge protection against sophisticated buffer overflow attacks.Starting Price: $29.99 per year -
13
ReversingLabs Titanium Platform
ReversingLabs
A complete advanced malware analysis platform that speeds destructive file detection through automated static analysis. Delivered in any cloud, any environment, for every part of the enterprise. Over 360 file formats processed and 3600 file types identified from diverse platforms, applications & malware families. Real-time, deep inspection of files, scalable to 150 million files per day without dynamic execution. Tightly coupled connectors integrate industry leading email, EDR, SIEM, SOAR, and analytics platforms. Unique Automated Static Analysis fully dissects internal contents of files in 5 ms without execution, obviating the need for dynamic analysis in most cases. Empower dev and AppSec teams with the industry-leading SBOM that delivers a full and accurate software picture through dependency, malicious behavior and tampering visibility, that accelerates confident release and compliance, while giving the SOC deep software threat intelligence to isolate and respond. -
14
Avast Premium Security
Avast
Spoofed (fake) websites are one of the oldest hacking tricks in the book. Avast Premium Security scans websites for security risks on both your computer and mobile phone, so you can finally shop and bank online safely on any device. Remote access attacks are on the rise — and the last thing you want is for a hacker to remotely take control of your PC and infect it with malware or lock your files with ransomware. Avast Premium Security now protects your PC against these attacks. Viruses, ransomware, scams, and other attacks target Windows more than any other operating system. So if you’re a PC owner, the stronger your protection, the better. Your Mac is not immune to malware. And malware isn’t even the only threat Macs face. Malicious websites and vulnerable Wi-Fi networks can also jeopardize your safety — unless you have the right protection. Android phones are vulnerable to both malware and theft.Starting Price: $39.99 per device per year -
15
Binary Ninja
Binary Ninja
Binary Ninja is an interactive disassembler, decompiler, and binary analysis platform for reverse engineers, malware analysts, vulnerability researchers, and software developers that runs on Windows, macOS, and Linux. Disassemble executables and libraries from multiple formats, platforms, and architectures. Decompile code to C or BNIL for any supported architecture, including your own. Automate analysis with C++, Python, and Rust APIs from inside or outside the UI. Visualize control flow and navigate through cross-references interactively. Name variables and functions, apply types, create structures, and add comments. Collaborate effortlessly with synchronized commits using our Enterprise product. Our built-in decompiler works with all of our officially supported architectures at one price and builds on a powerful family of ILs called BNIL. In fact, not just our architectures, but even community architectures can produce amazing decompilation.Starting Price: $299 one-time payment -
16
odix
odix
odix’s patented technology disarms malicious code from files. Our concept is simple, instead of trying to detect the malware, odix generates a malware free copy of the file to the user. Total protection from known and unknown threats delivered to corporate network by incoming files. odix’s malware prevention solutions are based on its Deep File Inspection and TrueCDR™ patented technology. The algorithms provide new detection-less approach against File-Based attacks. The core CDR (Content Disarm and Reconstructions) process focuses on verifying the validity of the file structure on the binary level and disarms both known and unknown threats. This is very different from anti-virus and sandbox methods that scan for threats, detect a subset of malware and block files. With CDR, all malware, including zero-days, are prevented and the user gets a safe copy of the originally infected file. -
17
QFlow
Quarkslab
QFlow is an advance malware detection and analysis platform to reduce the risk of infection during file transfers. QFlow offers comprehensive detection methods and the customization and automation of processing chains to meet specific needs. QFlow integrates a suite of tools that allow advanced analysis of potentially malicious files: commercial antiviruses, commercial sandboxes, open source tools optimized with Quarkslab's expertise. The deployment modes offered, as well as the strict security requirements that apply to the solution, reduce the risk of data leakage. Use Cases: - detection of malware in files and URLs - advanced threat analysis for security engineers - simplified integration into IT infrastructure or business application chains via ICAP or APIs - removable device security through white stations Analysis: - Static analysis (4 AVs) - Dynamic analysis (VMRay) - Morphological analysis (Binary analysis by Cyber Detect's GORILLE) -
18
REMnux
REMnux
REMnux® is a Linux toolkit for reverse-engineering and analyzing malicious software. REMnux provides a curated collection of free tools created by the community. Analysts can use it to investigate malware without having to find, install, and configure the tools. The easiest way to get the REMnux distro is to download the REMnux virtual machine in the OVA format, then import it into your hypervisor. You can also install the distro from scratch on a dedicated host or add it to an existing system running a compatible version of Ubuntu. The REMnux toolkit also offers Docker images of popular malware analysis tools, making it possible to run the them as containers without having to install the tools directly on the system. You can even run the REMnux distro as a container. For details about installing, using, and contributing to REMnux, as well as for information about the tools included in the toolkit, see the REMnux documentation site. -
19
FileScan.IO
FileScan GmbH
FileScan.IO is a next-gen malware analysis platform with the following emphasis: - Providing rapid and in-depth threat analysis services capable of massive processing - Focus on Indicator-of-Compromise (IOC) extraction and actionable context Key Benefits - Perform detection and IOC extraction for all common files in a single platform - Rapidly identify threats, their capabilities and update your security systems - Search your corporate network for compromised endpoints - Analyze files at scale without actually executing them - Easy reporting for entry level analysts and executive summary - Easy deployment and maintenance We offer a free community service which is a free malware analysis service that offers rapid in-depth file assessments, threat intelligence and indicator of compromise (IOCs) extraction for a wide range of executable files, documents and scripts. -
20
Jotti
Jotti
Jotti's malware scan is a free service that lets you scan suspicious files with several anti-virus programs. You can submit up to 5 files at the same time. There is a 250MB limit per file. Please be aware that no security solution offers 100% protection, not even when it uses several anti-virus engines. All files are shared with anti-virus companies so detection accuracy of their anti-virus products can be improved. We are not interested in names, addresses, or other information providing insight into the identities of our visitors, but we do log and use some of the data you provide. We recognize that privacy is important and we want you to completely understand what happens with the information you send to us. We store files you send in for scanning and share these with anti-malware companies. We do this to help anti-malware companies improve the detection accuracy of their security products. We treat your files confidentially. -
21
FileAlyzer
Spybot
If you want to know more about the inner life of files, FileAlyzer is the tool you urgently need! FileAlyzer shows basic file content, a standard hex viewer, and a wide range of customized displays for interpreted complex file structures that help you understand the purpose of a file. It also supports generation of OpenSBI advanced file parameters, with FileAlyzer you can find the right attributes to write your own optimized malware file signatures! Files as you see them do often contain more than the visible content, through so-called alternate data streams. FileAlyzer makes the additional information in these streams visible through a list of streams associated with the current file, and a basic hex viewer. Sometimes, malware attaches itself as a custom stream to legit files, and can be identified here. Android apps are actually zip archives that include the app code and many resources and configuration files. FileAlyzer will display a few app properties. -
22
Sandboxie
Sandboxie
Sandboxie is a sandbox-based isolation software for 32- and 64-bit Windows NT-based operating systems. It is being developed by David Xanatos since it became open source, before that it was developed by Sophos (which acquired it from Invincea, which acquired it earlier from the original author Ronen Tzur). It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. An isolated virtual environment allows controlled testing of untrusted programs and web surfing. Since the Open Sourcing sandboxie is being released in two flavors the classical build with a MFC based UI and as plus build that incorporates new features and an entirely new Q’t based UI. All newly added features target the plus branch but often can be utilized in the classical edition by manually editing the sandboxie.ini file. -
23
MoQuality
MoQuality
MoQuality is a sandbox that enables end-to-end UI testing for your Android and iOS apps. Helps build robust Appium tests. No more flaky tests. Integrates with your continuous testing workflow. Stores all test artifacts (tests, builds and reports) under one dashboard. Generates visual test reports to assist with triaging and test maintenance. Enables advanced functionality over Appium open-source. Write your Appium tests in Python, Java, JavaScript (wd/webdriverio). Build and debug your Appium script on the fly with MoQuality. Run the tests locally on real devices, emulators, and simulators. Test reports are the results of test runs that are saved by the user. You can run your Appium tests locally as many times as you wish. MoQuality supports most Android and iOS real devices, emulators and simulators. We do not restrict the number of users per license. Go ahead and add all your teammates to share the test reports.Starting Price: $25 per month -
24
Shadow Defender
Shadow Defender
Shadow Defender is an easy-to-use security solution (for Windows operating systems) that protects your PC/laptop real environment against malicious activities and unwanted changes. Shadow Defender can run your system in a virtual environment called 'Shadow Mode'. 'Shadow Mode' redirects each system change to a virtual environment with no change to your real environment. If you experience malicious activities and/or unwanted changes, perform a reboot to restore your system back to its original state, as if nothing happened. With Shadow Defender, you have the flexibility to specify which files and folders are permanently saved to the real environment. This ensures important files and folders are kept after a reboot. If you want to make a maintenance-free computer, Shadow Defender will be your best choice. Surf the internet safely and eliminate unwanted traces. Eliminate system downtime and maintenance costs. Reboot to restore your system back to its original state.Starting Price: $39 one-time payment -
25
Intezer Analyze
Intezer
Intezer automates Tier 1 SOC tasks, working like an extension of your team. Intezer can monitor incoming incidents from endpoint, email, or SIEM tools, then "autonomously" collects evidence, investigates, triages, triggers remediation action, and escalates only the the serious threats to your team for human intervention. Fast set up and integrations with your SOC and IR teams workflows (EDR, SOAR, SIEM, etc.) means you can starting filtering out false positives, get detailed analysis about every threat, and speed up your incident response time. Make sure every incident and artifact (such as files, URLs, endpoint memory, etc.) gets deeply analyzed, detecting malicious code in memory and other evasive threats.Starting Price: Free -
26
V-OS is V-Key’s core patented technology, a virtual secure element. It is a secure sandbox that is embedded within a native iOS or Android mobile app and creates a safe operating environment where data can be stored and cryptographic processes can be executed in isolation from the rest of the mobile app. In this video, we take a step back to introduce and explain the core of our technology, V-OS. With V-OS as the security foundation of your mobile application, your organization can build a wide range of solutions that are secure, trusted and scalable, and customized to your business needs. Layered tamper detection and response mechanisms. Patented cryptographic virtual machine. FIPS 140-2 Level 1 and Common Criteria EAL3+. Minimizes total costs of ownership. Faster market penetration with effortless over-the-air deployment. Flexible and extensible SDK framework. Eradicate costly hardware dependency.Starting Price: Free
-
27
Deep Discovery Inspector
Trend Micro
Deep Discovery Inspector is available as a physical or virtual network appliance. It’s designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches. Organizations are increasingly becoming victims of targeted ransomware when advanced malware bypasses traditional security, encrypts data, and demands payment to release the data. Deep Discovery Inspector uses known and unknown patterns and reputation analysis to detect the latest ransomware attacks, including WannaCry. The customized sandbox detects mass file modifications, encryption behavior, and modifications to backup and restore processes. Security professionals are flooded with threat data coming from numerous sources. Trend Micro™ XDR for Networks helps prioritize threats and provide visibility into an attack. -
28
PT MultiScanner
Positive Technologies
PT MultiScanner provides multiple levels of anti-malware protection to detect and block infections on corporate infrastructure, uncover hidden threats, and facilitate investigation of malware-related security incidents. Counting on the same antivirus vendor to be right every time? Draw on the best anti-malware vendors and Positive Technologies expertise instead. Extensive integration support and scalability make PT MultiScanner the right choice for both startups and the largest corporations. Suspicious objects are scanned with multiple anti-malware engines, static analysis, and Positive Technologies reputation lists. The solution supports scanning of files and archives, including recursively compressed ones. As a result, PT MultiScanner can spot and block malware far more effectively than any one method used in isolation. -
29
Apozy Airlock
Apozy
Apozy Airlock. The browser endpoint detection and response platform that neutralizes web attacks in one click. The Internet is a dangerous place. It doesn’t have to be. Airlock fills the gap in your EPP/EDR by protecting the browser, delivering a safe, clean, and lightning-fast internet experience. Powered by the very first visually-aware native browser isolation platform with over 6 petabytes of visual data, Airlock prevents web attacks in real time. Airlock stops spearfishing in its tracks. With a visual model database of over 67.83 billion pages which analyzes over 12.20 trillion links per year, our technology protects anyone clicking on a malicious link by sandboxing the threat.Starting Price: $9/month/user -
30
Comodo Antivirus
Comodo
Complete protection for all of your devices at only $29.99 per device includes an award-winning firewall, host intrusion prevention, sandbox for untrusted software, anti-malware, and buffer overflow protection to tackle today’s diverse threats. Simply put, our antivirus program has everything you and your family need to safely browse the internet and use your device. Our free download offers basic protection for your PC but depending on your needs, that may not be enough. Complete Antivirus actively protects you while you shop online, offers web filtering and unlimited product support! We are offering the best value on the market because we strongly believe in creating a cyber-safe environment for everyone. We are a company that develops the most advanced cyber-security solutions for enterprise businesses, and we use that same technology to protect homes across the world with Comodo Antivirus.Starting Price: $29.99 per year -
31
WildFire
Palo Alto Networks
WildFire® utilizes near real-time analysis to detect previously unseen, targeted malware and advanced persistent threats, keeping your organization protected. Access advanced file analysis capabilities to secure applications like web portals, integrate with SOAR tools, and more. Incorporate WildFire’s unique malware analysis capabilities spanning multiple threat vectors resulting in consistent security outcomes across your organization via an API. Choose flexible file submission and query volumes as needed without requiring a next-generation firewall. Leverage industry-leading advanced analysis and prevention engine capabilities, regional cloud deployments, & unique network effect. WildFire combines machine learning, dynamic and static analysis, and a custom-built analysis environment to discover even the most sophisticated threats across multiple stages and attack vectors. -
32
Enigma Virtual Box
The Enigma Protector
Application virtualization system for Windows. Enigma Virtual Box enables application files and registry to be consolidated in a single executable file, without loss of efficiency and without virtualized files having to be extracted to the HDD. Enigma Virtual Box is a free application that supports both x86 and x64 binaries. Enigma Virtual Box is used for file and registry systems virtualization and allows you to consolidate all files and registry used by your application into a single executable file without having to extract virtual files to the disk. With Enigma Virtual Box, you can virtualize any types of files, dynamic libraries, ActiveX/COM objects, video and music files, text files, etc. Enigma Virtual Box does not extract temporary files to the HDD, file emulation is performed in the process memory only. Enigma Virtual Box does not extract the virtualized files to the disk and does not create any temporary files on the user's computer.Starting Price: $199 -
33
ToolWiz Time Freeze
ToolWiz
Create a virtual environment as a copy of the real system where allows an unmodified operating system with all of its installed software to run, keeping your actual system frozen and away from unwanted changes and malicious threats. Nothing bad can happen to your PC while Toolwiz Time Freeze is up and running. Run multiple operation systems (real&virtual systems) at the same time on the same PC without reboot and easily switch between them to optimize your PC resources and improve efficiency. Consolidate the management and utilization of your system’s resources to help you build a more flexible and responsive IT infrastructure. No matter what changes are made, no matter what happens, a simple restart will return things to the way they were. Modifications made to the settings can be undone, files downloaded from the web can be removed, and other unwanted changes will all can be undone when you restart your PC. -
34
VMware Workstation Pro
Broadcom
VMware Workstation Pro is the industry standard for running multiple operating systems as virtual machines (VMs) on a single Linux or Windows PC. IT professionals, developers and businesses who build, test or demo software for any device, platform or cloud rely on Workstation Pro. VMware Workstation Pro allows you to run multiple operating systems at once on the same Windows or Linux PC. Create real Linux and Windows VMs and other desktop, server, and tablet environments, complete with configurable virtual networking and network condition simulation, for use in code development, solution architecting, application testing, product demonstrations and more. Securely connect with vSphere, ESXi or other Workstation servers to launch, control and manage both virtual machines (VMs) and physical hosts. A common VMware hypervisor maximizes productivity and enables easy transfer of VMs to and from your local PC. -
35
VirtualBox
Oracle
VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 2. See "About VirtualBox" for an introduction. Presently, VirtualBox runs on Windows, Linux, Macintosh, and Solaris hosts and supports a large number of guest operating systems including but not limited to Windows (NT 4.0, 2000, XP, Server 2003, Vista, Windows 7, Windows 8, Windows 10), DOS/Windows 3.x, Linux (2.4, 2.6, 3.x and 4.x), Solaris and OpenSolaris, OS/2, and OpenBSD. VirtualBox is being actively developed with frequent releases and has an ever growing list of features, supported guest operating systems and platforms it runs on. VirtualBox is a community effort backed by a dedicated company. -
36
PolySwarm
PolySwarm
Unlike in any other multiscanner, in PolySwarm there is money at stake: threat detection engines back their opinions with money, at the artifact level (file, URL, etc.), and are economically rewarded and penalized based on the accuracy of their determinations. The following process is automated and is executed by software (engines) in near real time. Users submit artifacts to PolySwarm’s network via API or web UI. Crowdsourced intelligence (engine determinations) and a final score (PolyScore) are sent back to the User. The money from the bounty and the assertions becomes the reward, which is securely escrowed in an Ethereum smart contract. Engines that made the right assertion are rewarded with the money from the initial bounty from the enterprise plus the money the losing engines included with their assertions.Starting Price: $299 per month -
37
Threat.Zone
Malwation
Threat.Zone is a hypervisor-based, automated and interactive tool for analyzing malware , you can fight new generation malware.Starting Price: $50 per month -
38
CloudSandboxes
CloudSandboxes
Now it is possible to organize your one-day resources in the CloudSandboxes environment. Save up to 80%. To manage resources created during a demo, you need to keep track on them. Create these one-day resources in a sandbox environment. CloudSandboxes will organize the closing after each working day. Quality asks for cloud certified employees. Preparation for exams should be done in a save and cheap sandbox solution. The created resources for this purpose are neatly cleaned up by CloudSandboxes. An architect will experiment with cloud resources before they become part of a user story. Use these temporarily resources in a sandbox solution. They will not clutter dev and test environments. CloudSandboxes will safely close only your one-day resources. CloudSandboxes has no restrictions on its use. You can use CloudSandboxes to manage all your one-day resources. CloudSandboxes will take care of the used one-day resources when their working day is over.Starting Price: €199 per month -
39
BUFFERZONE
Bufferzone Security
BUFFERZONE provides a patented containment and disarming solution that defends endpoints against advanced malware and zero-day attacks while maximizing user and IT productivity. By isolating potentially malicious content coming from browsers, email and removable media, BUFFERZONE defends individuals and organizations from advanced threats that evade detection. BUFFERZONE disarms content for securely transferring it from the container to the native endpoint and secure network zones, and provides critical intelligence for enterprise-wide security analytics. Easy to deploy and configure, BUFFERZONE is a lightweight solution that provides cost-effective containment for up to thousands of endpoints. -
40
CodeSandbox
CodeSandbox
CodeSandbox is a cloud development platform that empowers development teams to code, collaborate, and ship projects of any size from any device in record time. Run your code in powerful microVMs and build anything without limits. We configure your environment for you and keep your code always ready, behind a URL. Boxy, the CodeSandbox AI coding assistant, is also now available to all Pro subscribers.Starting Price: $12 per month -
41
YARA
YARA
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determine its logic. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. The above rule is telling YARA that any file containing one of the three strings must be reported as silent_banker. -
42
AP Lens
AP Lens
AP Lens is a Sandbox Browser that isolates networks using DNS Whitelisting. We stop the attack before it reaches the network. What does AP Lens provide? - Web Filtering: Flexible and user-friendly content blocking. - Anti-Phishing: Stop look-alike domains with 100% accuracy. - Ransomware Protection: Isolate the network without affecting business applications. - Secure Remote Work: Enforce internet usage policies without VPN slowness. - No More 0-Day Attacks: Escape the limits of blacklisting with AP Lens Augmented Whitelist. - Compliant: AP Lens meets regulatory requirements requested by cybersecurity insurance policies. - One-Click Installation: No need for a lengthy setup process or updating from the user's side. - No Maintenance: Stop malware and phishing without continuous monitoring. Our team builds on over 20 years of experience in cyber security, cloud security, and information protection in industries such as private banking and the public sector.Starting Price: $5 -
43
REVERSS
Anlyz
Threat actors today are highly sophisticated and are using disruptive technologies to penetrate the security walls of enterprises in unrelenting fashion. Reverss provides automated dynamic malware analysis to enable Cyber Intelligence Response Teams (CIRT) to mitigate obfuscated malware faster and effectively. Speedy detection of malware is powered by a central detection engine to drive functions around security operations towards correct threat response. Get actionable insights on how to tackle and rapidly nullify attacks with backing from robust security libraries that track past threats and intelligently reverse new ones. Enrich tasks of security analysts to expose more threat behaviors with context to understand the scope of threat. Derive thorough Malware Analysis Reports that drill down every detail of why, how and when an evasion occurred to upkeep your experts with knowledge and defend your business from future attacks. -
44
Hybrid Analysis
Hybrid Analysis
Here you can find common 'how-to' and troubleshooting guides around this community platform and aspects of the Falcon Sandbox platform. Please use the menu on the left side to navigate through some of the published articles. Hybrid Analysis requires that users undergo the Hybrid Analysis Vetting Process prior to obtaining an API key or downloading malware samples. Please note that you must abide by the Hybrid Analysis Terms and Conditions and only use these samples for research purposes. You are not permitted to share your user credentials or API key with anyone else. Please notify Hybrid Analysis immediately if you believe that your API key or user credentials have been compromised. At times, it may happen that a vetting request will get rejected due to incomplete data or a missing full real name, real business name or other means of validating cybersecurity credentials. In this case, it is possible to re-submit a vetting request one more time. -
45
VirusTotal
VirusTotal
VirusTotal inspects items with over 70 antivirus scanners and URL/domain blocklisting services, in addition to a myriad of tools to extract signals from the studied content. Any user can select a file from their computer using their browser and send it to VirusTotal. VirusTotal offers a number of file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API. The web interface has the highest scanning priority among the publicly available submission methods. Submissions may be scripted in any programming language using the HTTP-based public API. VirusTotal can be useful in detecting malicious content and also in identifying false positives, normal and harmless items detected as malicious by one or more scanners. As with files, URLs can be submitted via several different means including the VirusTotal webpage, browser extensions and the API. -
46
OPSWAT
OPSWAT
Our goal is to eliminate malware and zero-day attacks. We believe that every file and every device pose a threat. Threats must be addressed at all locations at all times—at entry, at exit, and at rest. Our products focus on threat prevention and process creation for secure data transfer and safe device access. The result is productive systems that minimize risk of compromise. That’s why 98% of U.S. nuclear power facilities trust OPSWAT for cybersecurity and compliance. Solutions built to protect critical infrastructure. MetaDefender Kiosk ensures compliance with security policies by acting as a digital security guard—inspecting all media for malware, vulnerabilities, and sensitive data. MetaDefender Drive creates a portable perimeter, inspecting devices, even before they boot up. MetaDefender Vault is a secure file storage and retrieval solution that protects critical files.Starting Price: $0 -
47
Zemana AntiMalware
Zemana
Scan your PC in fast and effective way for malware, spyware, virus detection and removal. Detects and removes annoying browser add-on's, adware, unwanted apps and toolbar and any type of malware on your PC. We are developing this product based on your feedback. Don't let malware take away your PC! Zemana is a cyber-security company that keeps you safe from identity theft, credit card fraud, ransomware and other dangers of the online world. This is a privately held company, formed in 2007 by three college graduates. They wanted to offer more refined security solutions because at that time there were no products on the market that could defeat the rapidly growing level of new hacking variants. This is how our pioneer product Zemana AntiLogger came to life. Instead of just updating a virus database with known virus variants, Zemana AntiLogger was based on behavioral characteristics, so any unexpected and suspicious activity on a computer was blocked automatically.Starting Price: $24.95 per year -
48
AhnLab Xcanner
AhnLab
It is difficult to apply the latest security patch to various fixed function systems, such as Industrial Control Systems (ICS), Point of Sales (POS) Systems, KIOSKs, and ATMs, due to their sensitivity and outdated OS. This leaves them vulnerable to malware infection. As such these systems are placed in air-gapped network or low bandwidth network environments, which are designed to perform only set processes with bare minimum system requirements, it is often impossible to perform engine updates, real-time detection, and remediation with security programs built for PC environment. AhnLab Xcanner enables users to set scan and repair options according to each operating environment and provides minimal clashes with pre-installed security agents. Due to its user-friendly interface, on-site workers and facility managers with zero security knowledge can also easily respond to malware. -
49
BitNinja
BitNinja.com
BitNinja provides 3E Linux server protection for large hosting providers and small businesses equally. Effective because of our unique Defense Network that uses the power of the Ninja Community. Every BitNinja-protected server worldwide shares attack information with each other, resulting in a more intelligent and stronger protection shield by every single assault. Effortless because it is fast and easy to install, so your server protection is up and running in no time. It requires no maintenance, just keep running in the background and protecting your and your customer’s servers while you can concentrate on other aspects of your business with peace of mind. Enjoyable because you can take joy in the benefits of BitNinja, like the increased server capacity caused by the significant drop in the server load. Furthermore, you can easily manage all the modules and features on the unified dashboard and check how the the software catches malicious traffic in real-time.Starting Price: $10 per server -
50
Apptimized SafeBox
Apptimized
The software you use within the IT environment impacts the productivity of your team and business. But, what if software doesn't fit or you can't use it within the corporate infrastructure? It can cause the growth of Shadow IT and jeopardize your IT estate, from software contamination to the failure of the entire system. Apptimized SafeBox allows you to use a managed sandbox environment in the cloud and work with non-standard workloads depending on your needs. Use cloud-native safeboxes to assess, test, evaluate, package, etc. before installing software on your devices. Any data produced using SafeBox and your installed apps are kept kept as long as you need. Also, SafeBox provides you with a snapshot feature that allows you to switch between SafeBox states, setups, and configurations. If you wish to go back to the initial or intermediate state - simply revert it to a snapshot.