Sophos Sandstorm

Next-gen sandboxing made simple.

Sandbox threat defense made simple

Sophos Sandstorm offers your own dedicated cloud sandbox environment to stop the latest zero-day and unknown threats like ransomware and keep them off your network and away from your endpoints. Available with Sophos XG Firewall, UTM, Web Appliance, and Secure Email Gateway, Sophos Sandstorm uses next-gen, cloud-sandbox technology to give your organization an extra layer of security against evasive threats like ransomware and zero-day malware disguised as executables, PDFs, and Microsoft Office documents.

Smarter cloud sandboxing to stop unknown threats – dead

Sandstorm accurately pre-filters all files to ensure high performance, and focuses detonation on unknown, suspicious files, greatly increasing performance.

The Good

With over 30 years of threat intelligence data built into our sandbox pre-filtering engine, we quickly identify and deliver safe files without sandboxing.

The Bad

If we already know it’s bad, we block it at the source. With the Sophos antivirus engine, your users will never see a file we detect as malicious.

The Unknown

Windows .exe files, documents with macros, PDFs with scripts – all signs of potential malicious behavior. Sandstorm only selects these unknown, potentially malicious files for detonation in the sandbox. The process takes just a few of minutes to complete.

Intercept ransomware and zero-day threats with Sophos Sandstorm

Blocking attacks based on their behavior, not their appearance, is the most effective way to provide protection against zero-day threats.

Blocking bad behavior in the sandbox

Threats are constantly changing their appearance. Malware authors update code, obfuscate it, encrypt it, to make it appear different than it looked before. The behavior of malicious threats is what remains constant. Once selected for execution, all file processes, file activity, registry activity, network connections are analyzed before a decision is made.

The power of Sophos and deep learning

In addition to Sophos antivirus protection for file and memory scanning detection, Sophos Sandstorm also takes advantage of the same technology used by the award-winning Sophos Intercept X. It catches previously unseen malware hiding in suspicious payloads quickly and effectively with the power of deep learning artificial intelligence. Meanwhile, the latest CryptoGuard behavioral detection identifies and blocks zero-day families of ransomware.

Get Sophos Sandstorm today

Dedicated email security

Sophos Sandstorm is included with Sophos Email Advanced. Block spam, phishing, and advanced email threats with email security simply delivered through Sophos Central.

All-in-one network protection

Sophos Sandstorm integrates seamlessly with Sophos XG Firewall. It provides unprecedented threat protection and visibility into your network, users, and applications.

It’s also incredibly easy for Sophos UTM, Sophos Web Appliance, and Sophos Email Appliance users to start a 30-day trial from their dedicated management console.