<?xml version='1.0' encoding='UTF-8'?><?xml-stylesheet href="http://www.blogger.com/styles/atom.css" type="text/css"?><feed xmlns='http://www.w3.org/2005/Atom' xmlns:openSearch='http://a9.com/-/spec/opensearchrss/1.0/'><id>tag:blogger.com,1999:blog-7652481.post116161529741559178..comments</id><updated>2009-01-14T01:06:19.255-05:00</updated><category term='MySQL'/><category term='Tor'/><category term='NSM'/><category term='dns'/><category term='Snort'/><category term='book review'/><category term='Sguil'/><category term='apt'/><category term='hacking'/><category term='Perl'/><category term='Events'/><category term='WTF?'/><category term='OSSEC'/><category term='management'/><title type='text'>Comments on Infosec Potpourri: Comparing Automated Malware Analysis Services</title><link rel='http://schemas.google.com/g/2005#feed' type='application/atom+xml' href='http://blog.vorant.com/feeds/116161529741559178/comments/default'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default'/><link rel='alternate' type='text/html' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html'/><author><name>David Bianco</name><uri>http://www.blogger.com/profile/09760835714791462863</uri><email>noreply@blogger.com</email><gd:image xmlns:gd='http://schemas.google.com/g/2005' rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><generator version='7.00' uri='http://www.blogger.com'>Blogger</generator><openSearch:totalResults>5</openSearch:totalResults><openSearch:startIndex>1</openSearch:startIndex><openSearch:itemsPerPage>25</openSearch:itemsPerPage><entry><id>tag:blogger.com,1999:blog-7652481.post-493499255669765116</id><published>2009-01-14T01:06:00.000-05:00</published><updated>2009-01-14T01:06:00.000-05:00</updated><title type='text'>A few 
more:&lt;br&gt;&lt;br&gt;http://camas.comodo.com/&lt;br&gt;htt...</title><content type='html'>A few more:&lt;BR/&gt;&lt;BR/&gt;http://camas.comodo.com/&lt;BR/&gt;http://anubis.iseclab.org/&lt;BR/&gt;http://www.joebox.org/&lt;BR/&gt;&lt;BR/&gt;And here you can get Web-based results for CWSandbox: http://www.cwsandbox.org/</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/493499255669765116'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/493499255669765116'/><link rel='alternate' type='text/html' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html?showComment=1231913160000#c493499255669765116' title=''/><author><name>J</name><uri>http://www.blogger.com/profile/16520171809045089172</uri><email>noreply@blogger.com</email><gd:image xmlns:gd='http://schemas.google.com/g/2005' rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><thr:in-reply-to xmlns:thr='http://purl.org/syndication/thread/1.0' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html' ref='tag:blogger.com,1999:blog-7652481.post-116161529741559178' source='http://www.blogger.com/feeds/7652481/posts/default/116161529741559178' type='text/html'/><gd:extendedProperty xmlns:gd='http://schemas.google.com/g/2005' name='blogger.itemClass' value='pid-712385557'/></entry><entry><id>tag:blogger.com,1999:blog-7652481.post-4408790629356943926</id><published>2007-04-03T19:38:00.000-04:00</published><updated>2007-04-03T19:38:00.000-04:00</updated><title type='text'>It's too bad I didn't see this post earlier! Thank...</title><content type='html'>It's too bad I didn't see this post earlier! Thank you for the kudos on our product. 
A couple clarifications on the post and comments:&lt;BR/&gt;- 'Sandbox' is a generic term, used by Norman, Sunbelt and others to describe the process of 'sandboxing' an app, malware or otherwise. Our product is hence, CWSandbox.&lt;BR/&gt;- The Sunbelt CWSandbox is based on Carsten Willems' CWSandbox project and we collaborate closely with his team.&lt;BR/&gt;- With respect to the reporting, that's more or less correct, the publicly accessible version isn't always in sync with the latest, nor is all the detail exposed in the HTML report.&lt;BR/&gt;- Chad, Sunbelt-Software.</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/4408790629356943926'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/4408790629356943926'/><link rel='alternate' type='text/html' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html?showComment=1175643480000#c4408790629356943926' title=''/><author><name>Chadl</name><uri>http://www.blogger.com/profile/08696910278934284318</uri><email>noreply@blogger.com</email><gd:image xmlns:gd='http://schemas.google.com/g/2005' rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><thr:in-reply-to xmlns:thr='http://purl.org/syndication/thread/1.0' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html' ref='tag:blogger.com,1999:blog-7652481.post-116161529741559178' source='http://www.blogger.com/feeds/7652481/posts/default/116161529741559178' type='text/html'/><gd:extendedProperty xmlns:gd='http://schemas.google.com/g/2005' name='blogger.itemClass' value='pid-1308243667'/></entry><entry><id>tag:blogger.com,1999:blog-7652481.post-116319744716578179</id><published>2006-11-10T17:24:00.000-05:00</published><updated>2006-11-10T17:24:00.000-05:00</updated><title 
type='text'>David,&lt;br&gt;&lt;br&gt;I did some research on the companies...</title><content type='html'>David,&lt;BR/&gt;&lt;BR/&gt;I did some research on the companies mentioned in this posting and I came across a couple of news announcements that sounded confusingly similar. Perhaps you could shed some light here. One was from Sunbelt Software titled: Sunbelt Software Introduces Automated Sandbox Technology to Enable Rapid, Safe and Accurate Analysis of Malware (see: http://www.sunbelt-software.com/Press.cfm?id=164)&lt;BR/&gt;&lt;BR/&gt;The other one was from Norman titled: Norman's Sandbox Analysis Tools Enable UK Organizations To Deal with Unknown Malware and Targeted Security Threats (see: http://sourcewire.com/releases/rel_display.php?relid=27810&amp;hilite=)&lt;BR/&gt;&lt;BR/&gt;The content of the press releases  is eerily similar (is one ripping off the other?). One thing that did interest me was the following statement by Norman's CEO, Trygve Aasland in the Norman press release: &lt;BR/&gt;&lt;BR/&gt;“The corporate information security market is seeing a shift away from mass attacks towards numerous individual, sophisticated attacks – often mounted by criminal gangs - that as a result pass “under the radar” of heuristic and signature-based technologies. Our new SandBox tools will help organizations take action against specific attacks by allowing the nature of the threat launched against them to be understood.”&lt;BR/&gt;&lt;BR/&gt;“In particular, users urgently require analytical technologies which detect and categorize sophisticated targeted attacks, based on new forms of malicious code which are only detectable by their abnormal behavior. Used alongside other techniques in a multi-level security hierarchy, SandBox tools empower organizations to defend against targeted attacks and organized online criminal activity.”&lt;BR/&gt;&lt;BR/&gt;Do you think Sunbelt and Norman are on to something unique here? 
Is this a better approach to dealing with malware threats?</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/116319744716578179'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/116319744716578179'/><link rel='alternate' type='text/html' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html?showComment=1163197440000#c116319744716578179' title=''/><author><name>Anonymous</name><email>noreply@blogger.com</email><gd:image xmlns:gd='http://schemas.google.com/g/2005' rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img1.blogblog.com/img/blank.gif'/></author><thr:in-reply-to xmlns:thr='http://purl.org/syndication/thread/1.0' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html' ref='tag:blogger.com,1999:blog-7652481.post-116161529741559178' source='http://www.blogger.com/feeds/7652481/posts/default/116161529741559178' type='text/html'/><gd:extendedProperty xmlns:gd='http://schemas.google.com/g/2005' name='blogger.itemClass' value='pid-1048478214'/></entry><entry><id>tag:blogger.com,1999:blog-7652481.post-116178032847065812</id><published>2006-10-25T08:45:00.000-04:00</published><updated>2006-10-25T08:45:00.000-04:00</updated><title type='text'>Well, they do list Symantec on the page you mentio...</title><content type='html'>Well, they do list Symantec on the page you mentioned, but it's not included on the report itself, so I can't say that they're supporting it at all.  
I've heard from at least one other person that Symantec was showing up on reports at least a few weeks ago, so perhaps this is just a temporary thing.</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/116178032847065812'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/116178032847065812'/><link rel='alternate' type='text/html' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html?showComment=1161780300000#c116178032847065812' title=''/><author><name>David Bianco</name><uri>http://www.blogger.com/profile/09760835714791462863</uri><email>noreply@blogger.com</email><gd:image xmlns:gd='http://schemas.google.com/g/2005' rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><thr:in-reply-to xmlns:thr='http://purl.org/syndication/thread/1.0' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html' ref='tag:blogger.com,1999:blog-7652481.post-116161529741559178' source='http://www.blogger.com/feeds/7652481/posts/default/116161529741559178' type='text/html'/><gd:extendedProperty xmlns:gd='http://schemas.google.com/g/2005' name='blogger.itemClass' value='pid-2136160136'/></entry><entry><id>tag:blogger.com,1999:blog-7652481.post-116171183796222634</id><published>2006-10-24T13:43:00.000-04:00</published><updated>2006-10-24T13:43:00.000-04:00</updated><title type='text'>VirusTotal *does* support Symantec.&lt;br&gt;&lt;br&gt;http://...</title><content type='html'>VirusTotal *does* support Symantec.&lt;BR/&gt;&lt;BR/&gt;http://www.virustotal.com/en/virustotalf.html&lt;BR/&gt;&lt;BR/&gt;The missing heavyweight is Trend Micro. 
The VirusTotal folks say that they approached Trend Micro but Trend Micro refused to participate.</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/116171183796222634'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/7652481/116161529741559178/comments/default/116171183796222634'/><link rel='alternate' type='text/html' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html?showComment=1161711780000#c116171183796222634' title=''/><author><name>snaikes</name><uri>http://www.blogger.com/profile/00291704397039941407</uri><email>noreply@blogger.com</email><gd:image xmlns:gd='http://schemas.google.com/g/2005' rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><thr:in-reply-to xmlns:thr='http://purl.org/syndication/thread/1.0' href='http://blog.vorant.com/2006/10/comparing-automated-malware-analysis.html' ref='tag:blogger.com,1999:blog-7652481.post-116161529741559178' source='http://www.blogger.com/feeds/7652481/posts/default/116161529741559178' type='text/html'/><gd:extendedProperty xmlns:gd='http://schemas.google.com/g/2005' name='blogger.itemClass' value='pid-982882918'/></entry></feed>
