There are several products that do this to different extant and I'd like to see Norton get in to this area and include it in the AV they currently sell. Companies in the area now: Bromium, Avast, Sandboxie, Samsung "My Knox" and even Apple sandboxes applications. There may be more. I'm use to running VMware with OS inside of a VM, but it's a hassle not to have a sandboxed application interface on home PCs and all of the mobile systems running Norton.
I just started using Samsung My Knox, but I would like to have Norton's mobile solution in that sandbox, offering another layer of sandbox protection.
Yep, I do tend to imagine right or wrong. Given the choice of emulated malware local or cloud. I prefer cloud. Letting nasty get near my machine vs letting nasty play in the cloud. I prefer cloud. As you know, there are vm aware / sandbox aware malware. Just saying.
FWIW ~ imagine, Norton emulates aka runs samples in the cloud before [..].
IMO ~ I'd like to imagine Norton will do heavy lifting sample comparison/detection in the cloud off my machine.
Hi bjm_:
You could be correct, but Symantec employee dong_chung's June 2016 announcement Introducing Symantec Data Scanner (SDS) Technology about the Norton Security PC client v22.7 states that the new SDS engine "can monitor the activities of processes and file IOs in kernel mode and scan in user mode without trading off performance of the system. Scanning in user mode provides additional flexibility by removing memory limitations in kernel mode. This also supports other enhancements included in this release such as our enhanced emulator."
That sound to me like scanning inside the sandbox is performed on the local machine, but someone from Symantec will have to clarify.
-----------
32-bit Vista Home Premium SP2 * Firefox v47.0.1 * NIS v22.7.0.76 * MBAM Premium v2.2.1
Norton Security will run and analyze unknown and suspicious files in an isolated protected virtual environment to see how they act before allowing the file to be run on the user's device.
FWIW ~ imagine, Norton emulates aka runs samples in the cloud before [..].
IMO ~ I'd like to imagine Norton will do heavy lifting sample comparison/detection in the cloud off my machine. Just me. Sans proprietary information. I do tend to imagine.
The latest Norton v22.7.0.76 products introduced a sandbox, although it's almost impossible to find any information on how this feature works. The support article My Norton product looks different only says "Emulator - Runs and analyzes unknown and suspicious files in an isolated protected virtual environment to see how they act before allowing the file to be run on the user's device."
When v22.7 was being beta-tested a few months ago the beta site at https://manage.norton.com/beta (which is no longer active) stated the following:
Sandboxing, or isolating potential threats
"Cybercriminals attempt to trick security solutions by “packing-up” malware (often-times within legitimate software files) to prevent it from being identified. Norton is extremely proud to announce a new high-performance emulator that uses these cybercriminals' tricks against them. Norton Security will run and analyze unknown and suspicious files in an isolated protected virtual environment to see how they act before allowing the file to be run on the user's device. This helps to ensure the file is safe before it takes up residence and wreaks havoc on a user's device."
I have no idea if this sandbox is available on all platforms or if it's currently restricted to Windows PCs, and I can't find any updated information on this feature on Symantec's Security Technology and Response (STAR) site. You might have to contact Norton Customer Support via a Live Chat at www.norton.com/chat to find that information.
-----------
32-bit Vista Home Premium SP2 * Firefox v47.0.1 * NIS v22.7.0.76 * MBAM Premium v2.2.1
right or wrong. Given the choice of emulated malware local or cloud. I prefer cloud. Letting nasty get near my machine vs letting nasty play in the cloud. I prefer cloud. As you know, there are vm aware / sandbox aware malware. Just saying. 