cybersecurity Glossary

What is Sandbox?

A sandbox is a virtual and restricted environment in which software runs. The purpose of a sandbox is twofold: to isolate malicious software to run in a controlled environment or to be used within software that is susceptible to attack.

For the first case, there are products that allow security analysts to run malware on a system that looks real and learn from its behaviour.

The second scenario, which we can consider similar to virtualisation, is the strategy used, for example, by web browsers, to visit pages through the Internet and, in the event that there is a security flaw in the browser, isolate or reduce the impact of the attack.

There are operating systems such as Android that use the sandboxing strategy to isolate mobile applications from each other, limiting the access of one malicious application to another’s data. An example, a flashlight application could not access the information and messages saved by Whatsapp.