With many organizations using a sandbox to detonate suspicious files, many threats are implementing logic to detect sandbox environments, to alter their behavior and evade detection. This talk will highlight many real-world evasion tactics employed by recent malware, discussing challenges in measuring evasive behaviors and offering insights to improving the effectiveness of the sandbox.
Learning Objectives: 1: Gain a deeper understanding of the challenges faced by sandbox technology. 2: Understand a sandbox is not a silver bullet security solution. 3: Learn how to apply critical thinking to inconclusive sandbox analysis reports.