SecondWrite Sandbox

As opposed to existing solutions, where malware is able to hide itself, our patented technology acts as a lie detector that analyzes all the code in the malware by using complete code exploration. Existing sandboxes handle evasions in a reactive manner by adding ad-hoc methods to handle specific evasion after the fact. Our technology is independent of the underlying evasive mechanism and proactively defeats any known or unknown zero-day evasion techniques.

Product Features

Detects Evasive Malware

Zero-day evasions, Targeted attacks, Stalling code,
Anti-VM malware, time bombs and others.

Captures IOCs

Internal Program structure, Anti-analysis features,
Anti-reverse engineering features, Obfuscation.

Handles All File Types

Executables, documents, PDFs, .NET, VB, URLs

Easy-to-use API

Integrates easily with other security solutions.

SecondWrite is building an advanced malware sandbox that successfully detects and stops all types of malware including advanced evasive malware. Our sandbox is meant for use by at least the following customer segments:

  • Network security companies.
  • Endpoint security companies.
  • Security operations centers (SOCs) at enterprises.
  • Managed security providers running SOCs.
  • Incidence response teams
  • Threat intelligence vendors.

In each of these segments, the customer submits files to our sandbox for evaluation. Our sandbox then returns a report for each file describing its dynamic behavior.

Available Deployments


Cloud Hosting


70% more indicators of compromise detected on randomly selected malware data sets than a leading sandbox containing ad-hoc anti-evasive techniques.
Handles all kinds of evasive malware. Existing bare-metal or full-system emulation only handle anti-VM malware.
Handles zero-day or previously unknown evasions. Ad-hoc techniques used in existing sandboxes are easily circumvented by advanced malware.

Interested in learning more?