Advanced persistent threats (APTs) are necessitating a behavioral approach to detecting malware. Instead of trying to detect malware based on what it is (signature based), behavioral malware detection relies on what the malware does.
A network security sandbox is an analysis environment (often virtualized) in which a suspicious program is executed and the behavior of the program is observed, noted, and then analyzed in an automated manner.
This approach is more effective than just looking at the appearance of the executable, because sandboxing goes beyond just the mere appearance of the binary, and observes what the binary does; and, therefore, it is much more conclusive in determining if an executable is malicious.
The network security sandbox market represented over half a billion dollars in revenue in 2014, the vast majority of which came from North America. By 2019, the market will grow to $ billion and see a broader geographic revenue distribution.
The market is dominated by FireEye, comprising almost two-thirds of 2014 market revenue. The market is seeing flurry of new market entrants as vendors of security platforms augment their solutions with network security sandbox offerings.
A combination of network security sandbox features and large market share puts FireEye in the position of clear market leadership.
Electronic Access - Site License Fulfilled By Publisher
Electronic Access - Global site License Fulfilled By Publisher