Application Security

Trouble in the Sandbox

Network security teams use virtual environments, or sandboxes, with their own guest operating systems to allow code to be scrutinized before entry into sensitive areas. If the code is malicious, the sandbox throws it out before it does harm. But sandboxes attract two things, clever kids and cats. Cats move the sand around when nobody’s looking and leave a little something extra, so you know they’ve been there. Clever, industrious kids sit on the edge and patiently move the sand around to suit them. Clever adults do the same thing.

Wait For It, Wait For It

Black Hats have developed patient code that plops down in a sandbox and performs non-threatening tasks until the virtual operating system’s scan times out. Then the code unpacks the real baggage and inserts itself like the in-laws at a holiday dinner. Given the number of applications used by contemporary organizations in office and mobile settings, networks have become huge extended families. Uncle Leonard over there in the corner looks suspicious, and remember what happens when he drinks. Can you trust him?

Scrubbing Bubbles

ICS is the Mr. Clean of the cybersecurity world. As a part of our risk assessment and code review process, we scrub up to a million lines of code, looking for clever adults waiting patiently. With the prominence of mobile applications and emergence of the Internet of Things, your organization now faces the threatening menace of your sales manager’s toaster and your assistant’s home thermostat. We bring the world to our sandbox these days.

Let ICS make sure your applications are working for you and not leaving a little something extra in the night.