A sandbox is a security mechanism to analyze the behaviour of any suspicious file types and web objects by allowing it to execute in an isolated environment with constrained resources. It allows one to execute any untested, un-trusted/outsourced code without causing any damage to the host machine and production environment. Usually the program is run into Virtual environment or emulation software which provide the feel and functionality similar to the actual environment.

There…

Log management is one of the primary requirements for building an enterprise class SOC. In security, Log analysis is often the first step in incident forensics. Operating systems such as windows, Unix, Linux and other network devices such as routers, firewalls etc. offer native log management capabilities but are not sufficient for organizations because of a variety of reasons. First, due to storage constraint older logs are overwritten by the most recent logs. Second, log collection for…

RansomWare is a type of malicious software (malware) when infected with encrypts all the important files such as documents, pictures, movie file etc with a virtually unbreakable encryption key. [RM1] The RansomWare arrives via email attachments, insecure downloads,  use of outdated browser's, or through Trojans such as Zeus etc. Once executed the malware usually reaches out to its Command & Control server over an internet connection to get the…