Application Sandboxes: A pen-tester’s perspective

Bromium Labs

I’m excited to announce a new research report from Bromium Labs, written by myself and Rafal Wojtczuk. It ended up being far more comprehensive than we initially thought, so we decided to call it “Application Sandboxes: A Pen Tester’s Perspective”. In this report we perform security evaluation of publicly available application sandboxes viz: Google Chrome, Adobe Reader, Sandboxie, BufferZone Pro and Dell Protected Workspace.

The report is available here.

To create some context, we are all aware of the deficiencies of traditional endpoint security technologies. There are a lot of vendors coming up with ideas and solutions to combat the malware challenge. What is the core issue? It’s simple – the attack surface, which is predominantly the Operating System (and installed apps) for any user. In this paper, we evaluate one of the the newer approaches – sandboxing and verify how well it stands up against real world threats.

The report…

View original post 160 more words