Automatic Sandbox

What I would like to see is an automatic sandbox. Basically if a file is unknown to the AV or to the white list ( if you have one, cloud maybe), then it should be run in a full virtual environment. Then the behavior blocker can watch the process in the environment and if it does anything that is out of the normal it terminates the process automatically. The firewall can more heavily apply rules to the sandbox and it can even stop things like exploits by automatically sandboxing the browser when the user opens.

Comments

  • Automatic sandpit, is not a panacea, and you well know that, as a user of products Сomodo.

  • so you say because it is not a solution for every difficult problem it's not worth having at all. While bitdefender has great signatures, best in the business in my opinion its zeroday is lagging. Even with everything turned up to the max IDS,Active Virus control , etc it is still lagging in zeroday.

  • I merely pointed out that the sandbox have vulnerabilities, and you well know about them)

  • yes that is true with anything but with proper testing you can continuously improve it and plug any vulnerabilities. Right now an automatic sandbox would not be a detriment to Bitdefender in anyway, only a benefit.