Hello Everyone,
I have just been tasked with finding software that will allow a user to download and install software and use it until we are able to do a risk assessment of the software. The software must be able to protect the host/network from access by this software and be able to tell us when this application is attempting to do something it shouldn't like reaching out to the external network. This software should also alert us of the installation of any software so we can initiate an assessment of the software.
With that said...
Windows Sandbox is now available, and while it provides the kind of sandboxing we want it does not provide any of the alerting we need.
We do not want to use VM software like Virtual Box to accomplish this task.
Any help in finding a solution that provides this functionality would be greatly appreciated.
@nigelrobertsHave a look at Adaptive Security Platform by illumio, this provides Segmentation from a broad level all the way down to Nano level. It also provides visibility of application flows, and use whitelisting by default. You can run it via a Cloud service or on premises. It helps you also towards Zero Trust Security.
The other one worth looking at used to be called Twistlock, until the Palo Alto acquisition, which includes vulnerability scanning, container scanning - given that containers are unique and immutable.
https://www.paloaltonetworks.com/prisma/cloud
Regards
Caute_cautim