Xcitium Verdict Cloud(Valkyrie)

F

ForgottenSeer 103564

Sandbox Breaker said:
When locally sandboxed you won't need to worry about damage. You may also make rules to Deny traffic for contained items. Their cloud sandbox is prone to the save evasions as all others. From personal experience... I've submitted samples that tricked the comodo cloud sandbox. Check out some of my malware analysis post's for examples.
Click to expand...
On a local sandbox isolating the internet will hamper many samples from functioning, which is almost as pointless as trying to analyze sandbox aware malware. It would be interesting to know the rule-set its automated with.

Will sit down later and give those a look.
 
  • Like
  • Applause
Reactions: Trident, simmerskool and Sandbox Breaker
Sandbox Breaker

Sandbox Breaker

Level 11
Verified
Top Poster
Well-known
Jan 6, 2022
520
Xeno1234 said:
I could try this with Harmony if it works. Ill probably just use containment and VirusScope (if thats compatable)
Click to expand...
It works with Harmony. So you then have 2 cloud sandboxes and one local to prevent damage! Even if it bypasses the two cloud ones... Your local one does not care as the file is untrusted.
 
  • Like
Reactions: simmerskool
Xeno1234

Xeno1234

Level 14
Jun 12, 2023
684
Sandbox Breaker said:
It works with Harmony. So you then have 2 cloud sandboxes and one local to prevent damage! Even if it bypasses the two cloud ones... Your local one does not care as the file is untrusted.
Click to expand...
And the anti-malware engine on harmony is extremely good. Should block anything that gets past sandbox locally (I use gamemods, so the game has to be out of the sandbox and some mods might be malicious).
 
Kongo

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,585
Xeno1234 said:
And the anti-malware engine on harmony is extremely good. Should block anything that gets past sandbox locally (I use gamemods, so the game has to be out of the sandbox and some mods might be malicious).
Click to expand...
Even without any experience with either Comodo/xcitium and Harmony I would dare to say that pretty much nothing will get past those two. Not even legitimate software. Wonder if that's actually a good setup on a productive system.
 
  • Hundred Points
Reactions: simmerskool
Sandbox Breaker

Sandbox Breaker

Level 11
Verified
Top Poster
Well-known
Jan 6, 2022
520
Kongo said:
Even without any experience with either Comodo/xcitium and Harmony I would dare to say that pretty much nothing will get past those two. Not even legitimate software. Wonder if that's actually a good setup on a productive system.
Click to expand...
It's overkill. Xcitium containment alone with configure defender is good. All ASR rules on.
 
  • Like
  • Hundred Points
Reactions: roger_m, oldschool, simmerskool and 2 others

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Xcitium Advanced with OpenEDR Combined
Replies
92
Views
9,624
Video Reviews - Security and Privacy
Nikola Milanovic
Nikola Milanovic
Sandbox Breaker
    • Like
    • +Reputation
Malware Analysis Signed Sample(WISE CLEANER CERT) Bypassed ASR Rule
Replies
12
Views
845
Malware Analysis
Sandbox Breaker
Sandbox Breaker
4n0nym0us
4n4lDetector 2.7
Replies
19
Views
1,681
Other software
4n0nym0us
4n0nym0us

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top