PT Sandbox sets the standard: the first AI-based sandbox in the Russian program registry

Father

The product uses a machine learning algorithm to detect unknown cyber threats.

PT Sandbox is the first product of its class to be marked in the unified register of Russian programs as a product that uses artificial intelligence technologies. It is designed to protect against targeted and mass cyber attacks that use modern malware.

Attackers are constantly improving their malware, trying to make it invisible to traditional cybersecurity tools. PT Sandbox detects such programs in files using complex and deep checks, including behavioral analysis of processes that is built on a machine learning system.

The machine learning system in PT Sandbox analyzes more than 8,500 features of an object's behavior, based on the processes it runs, the sequence of system calls, and certain patterns. This comprehensive analysis improves the accuracy of identifying unknown targeted threats.

For example, during one of the Standoff cyber battles, attackers launched a malicious program that created a chain of 100 subprocesses before starting its activity. The PT Sandbox machine learning system noticed this anomaly, although there were no classical signatures to detect it.

Machine learning algorithms help expand the expertise used in PT Sandbox. Positive Technologies experts continue to test the models on new data, improving the accuracy of threat detection, and train them to take into account the specifics of the customer's IT infrastructure.
 