Products > Cloud Sandbox

Your users are everywhere. But your sandbox is sitting in the data center.

Get the benefits of complete sandboxing in a cloud-first world.

The challenges of stopping zero-day threats

Today’s appliance-based sandboxing solutions are expensive and, therefore, typically installed only in the data center. When users leave the network, they become exposed to new threats because sandbox protection can’t follow them.

Traditional sandboxes usually operate out of line, allowing traffic through while inspecting suspicious files in TAP mode. If a threat is detected in the sandbox, it sends alerts, but they can arrive too late. Traditional sandboxes also lack the ability to fully inspect SSL traffic due to hardware limitations—and many malware authors are exploiting those limitations to distribute their malicious payloads.

In order to provide sandbox protection, organizations have bolted sandboxing solutions onto their existing security stacks. It helps, but achieving a fully integrated threat platform across multiple products is nearly impossible.

Relying on UTM and NGFW appliances to secure internet traffic is costly, results in appliance sprawl, and compromises branch security.
Zscaler turns zero-day threats into zero threats

Zscaler turns zero-day threats into zero threats

No matter where users connect, Zscaler Cloud Sandbox sits between them and the internet, analyzing unknown files for zero-days and advanced threats. Zscaler delivers full sandbox protection—on or off network—without backhauling traffic or the use of cumbersome VPNs.

The Zscaler Cloud Sandbox service is integrated into the Zscaler Cloud Security Platform, so you get a full security stack from day one. Just point your traffic to Zscaler — there’s no hardware or software to buy or manage.

Zscaler Cloud Sandbox lets you find and stop more threats, as it is always inline and delivers full SSL inspection with unlimited capacity.

Benefits of the Zscaler Cloud Sandbox service

Simply scalable:

Cover every user, regardless of location, from the cloud. On or off network, everyone gets the exact same protection, without cumbersome VPNs or costly MPLS links.

Better inline protection:

Because Zscaler Cloud Sandbox is always inline, you can easily hold onto files until verified as clean by the sandbox before delivering.

Full SSL visibility:

The Zscaler Cloud Sandbox service can fully inspect all your SSL and never run out of inspection capacity. Stop making inspection compromises and find more malware where it hides!

Cost effective:

Just point your traffic to Zscaler. There is no hardware to buy or software to manage. You get complete sandbox protection at a fraction of the cost of traditional appliances.

The cloud effect:

Get better threat intelligence, as zero-days identified are shared with all other Cloud Sandbox customers within seconds.

Fully integrated:

Like all Zscaler services, Cloud Sandbox is fully integrated into the Zscaler Security Platform and can be turned on in seconds. Layer it onto your installation and instantly enjoy better protection from a completely unified platform.

Zscaler Cloud Sandbox stops emerging advanced threats faster

Explore Trending Internet Threats

The Zscaler Cloud Sandbox service delivers full inline protection and provides a complete picture of the threats targeting your users.

Zscaler Cloud Sandbox provides extensive reporting on all identified behaviors
Zscaler Cloud Sandbox helps in scaleing granular policies by user, group, file type, and URL to easily control which files get quarantined and inspected

Scale granular policies by user, group, file type, and URL to easily control which files get quarantined and inspected.

The world's most trusted brands trust Zscaler

Read their stories and hear their accounts of moving security off the
network and into the cloud.

GHD Logo

GHD is one of the world’s leading professional services companies operating in the global markets of water, energy and resources, environment, property and buildings, and transportation. See how Zscaler Cloud Sandbox transformed the way GHD protects its 8,500 users from advanced threats.

Read the Story

Getting started is simple

With Zscaler Cloud Security, there is no hardware deploy or manage. By making Zscaler your next hop to the internet, you’ll immediately enjoy increased security and compliance. Turn on the services you need now, and easily add more as your demands grow or as you phase out appliances.


Up-level your security and make Zscaler your next hop to the internet. It is fast to deploy and no infrastructure changes are required.


Remove point products and phase out gateway appliances at your own pace. Reduce cost and management  overhead.


Cloud-enable your network. Secure SD-WAN / local internet breakouts, optimize backhauling and deliver a better user experience.

To gain fast, secure access to Zscaler Cloud Sandbox, talk to Zscaler

Yes, please keep me updated on Zscaler news, events, webcast and special offers.

By submitting the form, you are agreeing to our privacy policy.

Suggested Resources


Cloud Sandbox Datasheet

Sandbox Appliances

Top Gaps in Sandbox Appliances

White Paper

Combating APTs with Cloud Sandboxing