We’ve all been there: You’re doing research online and download a new program onto your computer. Suddenly a pop-up on the bottom of your desktop informs you something may be wrong. The antivirus program you’re running has flagged the newly-downloaded file as something suspicious, and you’re left deciding whether to trust the source of the file or not.
At this point, most people are left with one of two options: delete the file and move on, or roll the dice, run the program, and hope for the best. Unfortunately, neither option is ideal when trying to maximize productivity levels or keep a network healthy and sustainable.
But what is the alternative solution? How can individuals ensure their programs are safe to use without potentially compromising their systems? The answer is auto-containment.
What is Auto-Containment?
Auto-containment is the action of taking something potentially harmful and moving it to an isolated setting where it can be tested and investigated further. In cybersecurity, this is known as “sandboxing” and allows users to view unknown files or run suspicious programs in a restricted operating system environment without compromising the integrity of their primary system.
The effectiveness of auto-containment can be likened to this:
Let’s say you’re going for a walk outside, and you recognize a familiar face. You spend a bit of time chatting with the person, but after a while, the individual requests to come and visit your home. The problem is, however, that while you know who this person is, you’re not too sure if you trust them enough to walk them into your house. But no one wants to be rude, so you invite them over.
What the individual doesn’t realize though is that the “house” you invited them into isn’t your home at all. Instead, you’ve staged a heavily surveilled building to look and feel just like a home, but in reality, it’s designed to monitor and watch every move the person makes. All the visible valuables in the building are actually worthless props, and you’ve positioned yourself behind an invisible, impenetrable pane of glass while you observe all of their actions. Here, you’ve killed two birds with one stone. In the event the individual had ulterior motives and tried to attack you or steal any of your “valuables,” you can smile and wave without a worry in the world. On the other hand, if the individual is sincere about their motives, you’re able to establish a relationship and can trust them moving forward.
Now, as somewhat unrealistic as this illustration may be, in cybersecurity situations, auto-containment works just like this. However, it’s important to note that not all antivirus and internet security options operate this way. In fact, many security software solutions focus on identifying suspicious activities and leaving it to the user to discern the credibility of files without providing an isolated environment to test. Many users need a better solution.
Auto-Containment Analysis Using Comodo Valkyrie
Comodo Valkyrie is a cloud-based verdict system that inspects and analyzes the run-time behavior of unknown files in a safe sandbox environment. Valkyrie analyzes over 200 million file queries per day and more than 300 million unknown files each year. Comodo’s Auto Containment technology is also extremely lightweight, only utilizing 2% computer processing resources and just 20 megabytes of RAM. By using a CPU-enforced OS virtualization model, Comodo’s Auto Containment technology significantly improves on performance issues typically found in most sandboxes and containers.
Valkyrie is managed through a self-serve console that allows users to upload suspicious files for analysis. Valkyrie’s system uses multiple techniques for analysis, including automated signature-based detection and human experts to provide comprehensive reporting of file statuses.
Valkyrie’s file verification service utilizes embedded detectors to run an in-depth analysis of the entire run time of a file. Unlike traditional antivirus programs that only measure files surface-deep, Valkyrie uses both static and dynamic analysis to look deeper than the surface of a file, discovering potentially dangerous hidden images and coding that other programs may miss. All of this testing is managed through a safe sandboxed environment separate from your business systems and provides you with end-to-end security protection that grows with your business.
To learn more about auto-containment can protect your business, contact Comodo Cybersecurity to request a free live demo of Valkyrie’s cloud-based file analysis platform.
TEST YOUR EMAIL SECURITY GET YOUR INSTANT SECURITY SCORECARD FOR FREE