Explore Joe Security Cloud Basic Accounts Subscribe to our Newsletters Contact Us
top title background image

Joe Sandbox Detect

Automated Detection and Analysis of targeted Attacks

Joe Sandbox Detect Joe Sandbox Detect is a powerful endpoint client which detects suspicious files delivered via target attacks or spear phishing campaigns.

Joe Sandbox Detect continuously monitors browsers and e-Mail clients for suspicious files. If suspicious files are opened or created, Joe Sandbox Detect uploads them immediately and fully automatically to Joe Sandbox for deep analysis. Once the analysis is finished, Joe Sandbox alerts the security team as well as the end user, and provides detailed information such as the verdict (malicious, suspicious, clean) and IOCs.

Worried about data privacy? The uploaded files as well as all IOCs are AES encrypted and only you can access it.

Joe Sandbox Detect integrates with Joe Sandbox Cloud, Joe Sandbox Deskop, Joe Sandbox Complete and Joe Sandbox Ultimate.

Joe Sandbox Detect Explained

Joe Sandbox Detect Explained

Joe Sandbox Detect monitors browsers such as Internet Explorer, Edge or Chrome, as well as e-Mail clients such as Outlook or Thunderbird. As soon as one of these applications create a suspicious file (e.g. .exe, .cmd, .ps1, docxm etc.) Joe Sandbox Detect will send them to Joe Sandbox Cloud, Joe Sandbox Deskop, Joe Sandbox Complete or Joe Sandbox Ultimate for deep static and dynamic analysis. Once the analysis is finished, Joe Sandbox will inform the security team through an alert email. The user running Joe Sandbox Detect will also receive a desktop alert.

In addition, Joe Sandbox Detect creates a small drag and drop bar on your desktop. With a simple drag & drop gesture you can send any e-Mail, attachment or file to Joe Sandbox for deep analysis. Again, the security teams and the end user are alerted about the detection.

Through the Joe Sandbox web interface, the security teams have access to all the submitted analysis, including the detailed analysis information such as the executive report, analysis report, PCAP, screenshots, IOCs etc.


Learn more about Joe Sandbox Detect

Contact Joe Security to schedule a technical presentation.

Monitoring of Browsers and e-Mail clients

Joe Sandbox Detect monitors most common browsers and e-Mail clients including Internet Explorer, Edge, Chrome, Firefox, Microsoft Outlook and Thunderbird. If any of these programs creates a suspicious file, Joe Sandbox Detect automatically analyzes it with Joe Sandbox.

Monitoring of Browsers and e-Mail clients

Analysis of suspicious e-Mails and Files

Joe Sandbox Detect enables users to analyze suspicious e-Mails and files with the help of Joe Sandbox Desktop, Joe Sandbox Complete, Joe Sandbox Ultimate and Joe Sandbox Cloud. Being specialized in Deep Malware Analysis, Joe Sandbox detects even the most advanced cyber threats. Joe Sandbox Detect has the ability to analyze any type of files. Joe Sandbox Detect also analyzes URLs to detect Phishing attacks or malicious webpages.

Analysis of suspicious e-Mails and Files

File and IOC Encryption

Any file including Office documents analyzed by Joe Sandbox Detect are fully private and encrypted with AES. Only the user has access to the decryption password. Shared encryption keys can be used to get access to the analyses of several users.

File and IOC Encryption

Configurable Alerts

Detailed alerts about the detection can be configured by Joe Sandbox through Joe Sandbox Detect. Alerts are sent via SYSLOG or e-Mail to one or mo receivers.

Configurable Alerts

Easy Deployment

Joe Sandbox Detect can be easily deployed in enterprises. It comes with an installer with command line switch to configure the install. Apart from .Net Joe Sandbox Detect does not require any other third party software.

Easy Deployment

Complementary to other security products

Joe Sandbox Detect is fully complementary to other security products such as Antivirus, Firewalls and Endpoint Protection. Joe Sandbox Detect does not impact your current existing security settings or products.

Complementary to other security products

Zero Performance Impact

Joe Sandbox Detect has a zero performenace impact to your end points. All analysis is done in the cloud or on your on-premise instance. With Joe Sandbox Detect you do not fear to have a laggy end point.

Zero Performance Impact

Simple User Interface

Joe Sandbox Detect was designed for the average computer user, and gives them the possibility to analyze e-mails with a single drag and drop action. The bar nicely integrates into the ribbon bar of Microsoft Windows Desktop. The notification screens are simple and easy to understand.

Simple User Interface

Seamless Integration

Joe Sandbox Detect integrates with Joe Sandbox Desktop, Joe Sandbox Complete, Joe Sandbox Ultimate and Joe Sandbox Cloud. The integration is done in seconds and offers the possibility to download the detailed analysis results for each analyzed attachment. SOCs, CERTs and CIRTS can fully access the analysis and the detailed reports.

Seamless Integration

Request a Joe Sandbox Detect trial

Contact Joe Security to receive a free trial for Joe Sandbox Detect.

What is Joe Sandbox Detect?

Joe Sandbox Detect is an endpoint client which automatically analyzes through Joe Sandbox suspicious files created by browsers and e-Mails clients.

Who should use Joe Sandbox Detect?

Any user which is the target of spear phishing, targeted attacks or any other e-Mail and browser threats.

Which programs are monitored?

So far Joe Sandbox Detect monitors Microsoft Outlook, Mozilla Thunderbird, Internet Explorer, Chrome, Edge and Firefox. New programs can be easily added. Let us know about your mail client or browser!

Which files are analyzed?

Exe, dll, sys, doc, docx, docm, dot, dotm, rtf, xls, xlsx, xlsm, xltx, xlt, xltm, ppt, pptx, mht, hta, cmd, scf, lnk, pot, potx, pptm, bat, pif, sct, com, cpl, js, jse, vbs, vbe, jar, rar, zip, iso, 7z, bzip, bzip2, tar, gzip, lzh, chm, msi and sfx.

Does Joe Sandbox Detect block threats?

No, Joe Sandbox Detect is like a sensor which detects malware.

Are the uploaded files shared? What privacy protections are in place?

No files are shared. Any files uploaded as well as any IOC is encrypted with AES. Only the user can decrypt it.

Can users manually analyze potential threats, such as e-Mails?

Yes, simple drag and drop your e-Mail into the drag bar on top of your desktop.

As a CERT, CIRT or SOC can I see the analysis done by my users? Do I get alerts?

Yes, you can fully access all the analysis and get alerts via e-Mail or SYSLOG.

How are e-Mails, attachments and files analyzed?

E-Mails, attachments and files are sent to Joe Sandbox Desktop, Complete, Ultimate and Cloud for dynamic and static analysis.

How do I install Joe Sandbox Detect?

Joe Sandbox Detect is delivered as an MSI installer file.

Does using Joe Sandbox Detect require any specific knowledge?

No, the user interface is very clean and easy to use, designed for the average computer user.

Does the Joe Sandbox Detect installer have some configuration options?

Yes, you can configure various aspects via command line arguments. Please consolidate our user guide for detailed instructions.