Zscaler Data Protection Recognized as a 2023 Product of the Year by CRN


World's first AI-driven malware prevention engine

Zscaler Sandbox prevents emerging and unknown threats and malware inline, protecting your users with the industry’s most comprehensive zero trust platform.

New AI-powered innovations

Advanced reporting features

Map malware behavior and payload intent to MITRE ATT&CK to enrich incident investigations and response

AI-powered C2 infrastructure detection

Detect and prevent advanced encrypted attacks and command-and-control communication with JA3 signatures pulled from malware samples

Custom hash blocklists

Enable SecOps to perform proactive network-level protection using cryptographic hashes from other parts of the security stack

Score-based blocking

Block suspicious categories and files like greyware and adware to reduce IT help desk tickets

Zscaler: A Leader in the 2023 Gartner® Magic Quadrant™ for Security Service Edge (SSE)

A Leader in SSE, once again

Modern threats bypass traditional sandboxing

Cyberattackers exploit sandbox weaknesses and use evasive techniques

Today’s adversaries use polymorphism and obfuscation techniques to evade detection and automation to build highly targeted attacks at lightning speed, easily bypassing legacy malware defenses and out-of-band sandbox offerings.

Post-delivery analysis leaves you reacting to threats, not preventing them

Traditional passthrough approaches often let never-before-seen malware slip by as the sandbox detonates new samples out-of-band, sharing protections only after the initial compromise.

Encrypted traffic allows today’s threats to avoid detection

Physical sandbox appliances lack native inline inspection and SSL decryption, requiring additional devices that create device sprawl and administrative and configuration nightmares.

Physical appliances aren’t built for the agility and scale of the cloud

Backhauling high volumes of traffic from cloud applications and mobile or remote users to dedicated sandbox appliances with limited capacity results in performance bottlenecks, high latency, and frustrated users who may circumvent defenses.

Why Zscaler Sandbox?

Zscaler Sandbox is the world’s first AI-driven malware prevention engine, delivering inline patient zero defense by quarantining unknown or suspicious files before they reach your users. With unlimited latency-free inspection across web and file transfer protocols, including TLS/SSL, leave no stone unturned and keep advanced persistent threats off your network.

Built on a unique cloud native proxy platform, our cloud-delivered sandbox automatically detects, prevents, and intelligently quarantines unknown threats and suspicious files, preventing compromise, lateral movement, and data loss across all users and devices. With real-time security updates sourced from 300 trillion daily signals, the service offers near-instant delivery of known benign files.

Ready to face tomorrow's threats

The world’s first intelligent malware prevention

Stop zero-day infections and advanced persistent threat (APT) attacks in their tracks using AI-driven quarantine and deep forensic file analysis, effectively blocking malware from reaching users without rescanning benign files.

Contextual threat intelligence for your SOC

Perform malware analysis at scale, uncovering the attack lifecycle and mapping malicious behavior and payload intent to the MITRE ATT&CK framework, giving analysts forensic details to enrich threat intelligence and SecOps workflows.

Built on an extensible zero trust platform

Draw on shared global protection inline with real-time updates sourced from 300 trillion daily threat signals for all users in all locations, with unlimited content inspection and native SSL decryption on a fully integrated, cloud native platform.

Zscaler Sandbox key differentiators

AI-driven malware prevention engine

Intelligently identify, quarantine, and prevent unknown or suspicious threats inline using advanced AI/ML without rescanning benign files.

Full inline inspection to find hidden attacks

Expose and prevent evasive threats and malware hiding in encrypted traffic across web and file transfer protocols without latency and capacity limits.

Consistent globally shared prevention

Get automated protection for previously unknown threats with integrated threat intelligence shared across all users in real time.

SOC workflows augmented with threat intel

Accelerate investigation and response by sharing malware behavioral insights, threat intel, and advanced reporting using robust APIs.

No more costly physical appliances and software

Deploy in seconds with no hardware to buy or software to manage—simply configure and implement a sandbox policy to immediately see value.

Cloud-delivered protection with global edge presence

Get unmatched security and user experience through full integration with Zscaler Internet Access™ as part of the Zscaler Zero Trust Exchange™.

Get comprehensive, AI-powered malware and zero-day prevention

Zscaler Sandbox is available in ZIA Business and Professional editions. Advanced features of Zscaler Sandbox are available in ZIA Transformation and Unlimited editions or as an add-on module.

| Feature | Standard | Advanced* |
|---|---|---|
| File Types | 2 file types: EXE, DLL | EXE, DLL, SCR, OCX, SYS, CLASS, JAR, PDF, SWF, DOC(X), XLS(X), PPT(X), APK, ZIP, RAR, 7Z, BZ, BZ2, TAR, TGZ, GTAR, RTF, PS1, HTA, VBS, script files in ZIP files |
| AI-Driven Quarantine | | |
| Policy Control | | Granular quarantine-based policies |
| Reporting | | |
| All URL Categories | Limited to predefined URL categories | Included |
| API Integrations | | |
| Inline Blocking | Limited to suspicious URLs | |
| Availability | Included with ZIA Professional and Business | Included with ZIA Transformation and Unlimited |

*Available as an add-on module

AutoNation, America’s largest auto retailer, leverages Zscaler Sandbox for protection against zero-day attacks.

Zscaler Sandbox provides content moderation for global professional services firm Genpact and their customers.

GHD, a provider of engineering and architectural services, uses Zscaler Sandbox to ensure consistent security for all users in all locations.

“The company was looking for a solution that would be deployed quickly, with in-depth reporting, and Zscaler Sandbox proved to be more effective—and more cost-effective—than the hardware alternatives.” - AutoNation

Getting started with our cloud-delivered sandbox is simple

Zscaler Sandbox provides unmatched security with zero hardware to deploy or manage. Using the internet as your new corporate network with Zscaler, you’ll immediately gain unrivaled security with a superior user experience. Turn on the security services you need now, and seamlessly add more functionality as your demands grow or you phase out legacy appliances.
