Much is being made about including Sandbox in security applications nowadays.
Whats the big deal?
Well, its not a big deal to be honest. So what if you bundle a readily available application like sandboxing along with your Anti virus! It really is not a big deal at all. Majority of vendors are using this bundling to justify charging for their Anti Virus amidst Microsoft making their version free. They are saying, hey pay for our Anti virus cos it has Sandox in it.
So why don’ t I see this as anything earth shattering but just a marketing gimmick?
Well for one because there are free Sandbox applications available, but more importantly so what if you have a sandbox! Overwhelming majority of end users are not going to know which application to sandbox or not. I mean how about malware that silently infects them? How will on demand Sandboxing help? How can user’s put these malware that they don’t see into sandbox? Just bundling a new application and expecting the user’s to change their behavior is NOT an easy thing especially when they also have to be experts at catching hidden infections so that they can sandbox them! believe me, we are world’s leading HIPS provider with over 25 million installations. And HIPS for consumers does teach you a lot about usability! 😉
We need a sandbox in a security application not as an add on, but as an integrated part of the security application, being used by the security application (this is a HUGE difference, pls note!). When an unknown application is detected, this should automatically be sandboxed. This way user can continue doing the work without being disturbed with unnecessary alerts, while the security of the system is maintained because the unknown application is held within the sandbox. This sandboxed application can then be sent to Anti Virus labs for further analysis and, depending on the outcome, can be deleted from sandbox or simply taken out and put on the Hard disk.
Now this is the way to use the Sandboxing technology in a security product like an Antivirus, achieving default deny based security with no pop ups or requiring decisions from user’s side! That is what is called Automatic Sandboxing TM. This is the revolutionary patent pending technology from Comodo! Default Deny Protection with virtually no pop ups is now reality!
Thanks
Melih