The Cloud Sandbox technology lets you detect advanced threats on the device. The Kaspersky Endpoint Security application automatically sends detected files to Cloud Sandbox for analysis. Cloud Sandbox runs these files in an isolated environment to detect malicious activity and determines the reputation of these files. Information about these files is then sent to the Kaspersky Security Network. As a result, if Cloud Sandbox detects a malicious file, Kaspersky Endpoint Security performs an action to eliminate the threat on all devices on which it detects this file.
For Cloud Sandbox to work, you need to enable the use of Kaspersky Security Network.
If you are using Kaspersky Private Security Network, the Cloud Sandbox technology is not available.
The Cloud Sandbox technology is always enabled and is available to all users of Kaspersky Security Network, regardless of the type of license under which you are using the application. If you have the Kaspersky Endpoint Detection and Response Optimum solution deployed, you can enable a separate counter in the Web Console for threats detected using Cloud Sandbox. A counter of threats detected by Cloud Sandbox is also displayed in the GUI reports. You can use this counter to compile statistics when analyzing detected threats.
To enable the Cloud Sandbox counter in the Web Console:
The list of policies opens.
The list displays the policies configured for the selected administration group.
The policy properties window opens.