Explore Joe Security Cloud Basic Accounts Contact Us
top title background image

Joe Sandbox Detect

Deep Malware Analysis for your Endpoint

Joe Sandbox Detect is a slim endpoint utility which helps security teams to solve two challenges:

  • Validation of EDR/XDR alerts: Joe Sandbox Detect automatically analyzes quarantined files of Endpoint Protection and provides deep malware analysis on top of EDR / XDR alerts.
  • Malware and Phishing reaching end user's emailbox: Joe Sandbox Detect enables any user to easily analyze emails with Joe Sandbox and sends a deep malware analysis report to the security team.
Both functionalities can be used in tandem or alone.

Joe Sandbox Detect integrates with Joe Sandbox Cloud, Joe Sandbox Desktop and Joe Sandbox Ultimate.
Joe Sandbox Detect

Validation of EDR/XDR Alerts

Validation of EDR/XDR Alerts

Joe Sandbox Detect continuesly monitors the quarantine of the Endpoint Detection. If a new file has been quarantined it is analyzed automatically by Joe Sandbox and the security gets a deep malware analysis report for alert validation and threat intelligence.

Through the Joe Sandbox web interface, the security team has access to all the quarantined files, including the detailed information such as the Endpoint Detection threatname, timestamp, Joe Sandbox executive report, analysis report, PCAP, screenshots, IOCs etc.



User-spotted Phishing and Malware Reporting

User-spotted Phishing and Malware Reporting

Joe Sandbox Detect creates a small drag and drop bar on the end user Windows desktop. With a simple gesture users can send any e-Mail, attachment or file to Joe Sandbox for deep analysis. The security team and optionaly the end user is alerted and provided with a deep malware analysis report.

Through the Joe Sandbox web interface, the security team has access to all the reported files, including the detailed analysis information such as the executive report, analysis report, PCAP, screenshots, IOCs etc.


Learn more about Joe Sandbox Detect

Contact Joe Security to schedule a technical presentation.

Quarantine Analysis

Joe Sandbox Detect automatically analysis quarantined files of Endpoint Protection and provides security team a deep malware analysis report in addition to the Endpoint Protection alert. The following Endpoint Protection are supported: Avast, AVG, Avira, Crowdstrike, ESET, FortiClient, GData, Kaspersky, MalwareBytes, McAfee, SentinelOne, Sophos, Trendmicro and Windows Defender.

Quarantine Analysis

Analysis of suspicious e-Mails and Files

Joe Sandbox Detect enables users to analyze suspicious e-Mails and files with the help of Joe Sandbox Desktop, Joe Sandbox Ultimate and Joe Sandbox Cloud. Being specialized in Deep Malware Analysis, Joe Sandbox detects even the most advanced cyber threats. Joe Sandbox Detect has the ability to analyze any type of files. Joe Sandbox Detect also analyzes URLs to detect Phishing attacks or malicious webpages.

Analysis of suspicious e-Mails and Files

File and IOC Encryption

Any file including Office documents analyzed by Joe Sandbox Detect are fully private and encrypted with AES. Only the user has access to the decryption password. Shared encryption keys can be used to get access to the analyses of several users.

File and IOC Encryption

Configurable Alerts

Detailed alerts about the detection can be configured by Joe Sandbox through Joe Sandbox Detect. Alerts are sent via SYSLOG or e-Mail to one or mo receivers.

Configurable Alerts

Easy Deployment

Joe Sandbox Detect can be easily deployed in enterprises. It comes with an installer with command line switch to configure the install. Apart from .Net Joe Sandbox Detect does not require any other third party software.

Easy Deployment

Complementary to other security products

Joe Sandbox Detect is fully complementary to other security products such as Antivirus, Firewalls and Endpoint Protection. Joe Sandbox Detect does not impact your current existing security settings or products.

Complementary to other security products

Zero Performance Impact

Joe Sandbox Detect has a zero performenace impact to your end points. All analysis is done in the cloud or on your on-premise instance. With Joe Sandbox Detect you do not fear to have a laggy end point.

Zero Performance Impact

Simple User Interface

Joe Sandbox Detect was designed for the average computer user, and gives them the possibility to analyze e-mails with a single drag and drop action. The bar nicely integrates into the ribbon bar of Microsoft Windows Desktop. The notification screens are simple and easy to understand.

Simple User Interface

Seamless Integration

Joe Sandbox Detect integrates with Joe Sandbox Desktop, Joe Sandbox Ultimate and Joe Sandbox Cloud. The integration is done in seconds and offers the possibility to download the detailed analysis results for each analyzed attachment. SOCs, CERTs and CIRTS can fully access the analysis and the detailed reports.

Seamless Integration

Request a Joe Sandbox Detect trial

Contact Joe Security to receive a free trial for Joe Sandbox Detect.

What is Joe Sandbox Detect?

Joe Sandbox Detect analyzes through Joe Sandbox (Cloud or on-premise) files quarantined by your Endpoint Detection and enables end-users to report phishing / malware with a deep malware analysis report of Joe Sandbox to the security team.

Who should use Joe Sandbox Detect?

Any security team which likes to enrich its EDR/XDR alerts with Joe Sandbox's deep malware analysis reports. Any security team which likes to enable its end-user to report phishing and malware reaching their endpoint or email box.

Does Joe Sandbox Detect block threats?

No, Joe Sandbox Detect is a utility to analyze files with Joe Sandbox.

Which EDR / XDR solutions are supported?

Avast, AVG, Avira, Crowdstrike, ESET, FortiClient, GData, Kaspersky, MalwareBytes, McAfee, SentinelOne, Sophos, Trendmicro and Windows Defender.

How do I see an analysis of an EDR/XDR quarantined files in Joe Sandbox?

For each analysis you can open the Joe Sandbox Detect tab and see which EDR / XDR solution has detected the file, at what time and with what detection.

Can users manually analyze potential threats, such as emails?

Yes, simply drag and drop your email into the drag bar on top of your desktop.

As a CERT, CIRT or SOC can I see the analysis done by my users? Do I get alerts?

Yes, you can fully access all the analysis and get alerts via e-Mail or SYSLOG.

How are e-Mails, attachments and files analyzed?

E-Mails, attachments and files are sent to Joe Sandbox Desktop, Ultimate and Cloud for dynamic and static analysis.

How do I install Joe Sandbox Detect?

Joe Sandbox Detect is delivered as an MSI installer file.

Does using Joe Sandbox Detect require any specific knowledge?

No, the user interface is very clean and easy to use, designed for the average computer user.

Does the Joe Sandbox Detect installer have some configuration options?

Yes, you can configure various aspects via command line arguments. Please consult our user guide for detailed instructions.