Joe Sandbox Detect

Deep Malware Analysis for your Endpoint

Joe Sandbox Detect is a slim endpoint utility which helps security teams to solve two challenges:

  • Validation of EDR/XDR alerts: Joe Sandbox Detect automatically analyzes quarantined files of Endpoint Protection and provides deep malware analysis on top of EDR / XDR alerts.
  • Malware and phishing reaching the end user's mailbox: Joe Sandbox Detect enables any user to easily analyze emails with Joe Sandbox and sends a deep malware analysis report to the security team.

Both functionalities can be used in tandem or alone.

Joe Sandbox Detect integrates with Joe Sandbox Cloud.

Validation of EDR/XDR Alerts

Joe Sandbox Detect continuously monitors the quarantine of the Endpoint Detection. If a new file has been quarantined, it is analyzed automatically by Joe Sandbox and the security team gets a deep malware analysis report for alert validation and threat intelligence.

Through the Joe Sandbox web interface, the security team has access to all the quarantined files, including detailed information such as the Endpoint Detection threat name, timestamp, Joe Sandbox executive report, analysis report, PCAP, screenshots, IOCs etc.

User-spotted Phishing and Malware Reporting

Joe Sandbox Detect creates a small drag-and-drop bar on the end user's Windows desktop. With a simple gesture, users can send any e-Mail, attachment or file to Joe Sandbox for deep analysis. The security team and optionally the end user are alerted and provided with a deep malware analysis report.

Through the Joe Sandbox web interface, the security team has access to all the reported files, including the detailed analysis information such as the executive report, analysis report, PCAP, screenshots, IOCs etc.

Quarantine Analysis

Joe Sandbox Detect automatically analyzes quarantined files of Endpoint Protection and provides the security team with a deep malware analysis report in addition to the Endpoint Protection alert. The following Endpoint Protection products are supported: Avast, AVG, Avira, Crowdstrike, ESET, FortiClient, GData, Kaspersky, MalwareBytes, McAfee, SentinelOne, Sophos, Trendmicro and Windows Defender.

Analysis of suspicious e-Mails and Files

Joe Sandbox Detect enables users to analyze suspicious e-Mails and files with the help of Joe Sandbox Cloud. Being specialized in Deep Malware Analysis, Joe Sandbox detects even the most advanced cyber threats. Joe Sandbox Detect also analyzes URLs to detect Phishing attacks or malicious webpages.

File and IOC Encryption

Any file analyzed by Joe Sandbox Detect, including Office documents, is fully private and encrypted with AES. Only the user has access to the decryption password. Shared encryption keys can be used to get access to the analyses of several users.

Configurable Alerts

Detailed alerts about the detection can be configured by Joe Sandbox through Joe Sandbox Detect. Alerts are sent via SYSLOG or e-Mail to one or more receivers.

Easy Deployment

Joe Sandbox Detect can be easily deployed in enterprises. It comes with an installer with a command-line switch to configure the install. Apart from .NET, Joe Sandbox Detect does not require any other third-party software.

Complementary to other security products

Joe Sandbox Detect is fully complementary to other security products such as Antivirus, Firewalls and Endpoint Protection. Joe Sandbox Detect does not impact your existing security settings or products.

Zero Performance Impact

Joe Sandbox Detect has zero performance impact on your endpoints. All analysis is done in the cloud or on your on-premise instance. With Joe Sandbox Detect you need not fear a laggy endpoint.

Simple User Interface

Joe Sandbox Detect was designed for the average computer user, and gives them the possibility to analyze e-mails with a single drag and drop action. The bar nicely integrates into the ribbon bar of Microsoft Windows Desktop. The notification screens are simple and easy to understand.

Seamless Integration

Joe Sandbox Detect integrates with Joe Sandbox Cloud. The integration is done in seconds and offers the possibility to download the detailed analysis results for each analyzed attachment. SOCs, CERTs and CIRTs can fully access the analysis and the detailed reports.

Learn more about Joe Sandbox Detect

Contact Joe Security to schedule a technical presentation.