Kaspersky has introduced version 3.0 of its Research Sandbox, a malware investigation tool designed for security teams and researchers. The update includes new features aimed at improving file analysis, threat detection, and system performance, while also reducing hardware requirements.
“Built on over two decades of malware research, Kaspersky Research Sandbox combines our deep threat analysis expertise with cutting-edge technology,” said Boris Storonkin, product manager, Threat Intelligence at Kaspersky. “It empowers security teams with a professional interactive malware investigation tool with even deeper analysis and optimized performance — now with twice lowered hardware requirements.”
Real-time threat investigation
A major addition to Sandbox 3.0 is the visual interaction feature, which allows analysts to monitor how malware behaves in real time through sample detonation. The tool now supports the use of investigation scripts, helping teams uncover more threat details during execution.
By integrating the Microsoft Antimalware Scan Interface (AMSI), Sandbox 3.0 can now better detect packed and obfuscated malware, including PowerShell scripts. Packing and obfuscation are tactics often used in modern cyberattacks to bypass standard security tools.
Flexible setup and broader insights
With this release, users can now choose between Kaspersky’s public and private networks for threat intelligence. The option to use Kaspersky Security Network (KSN) offers a more budget-friendly and quicker setup compared to the traditional Kaspersky Private Security Network (KPSN).
Sandbox 3.0 also introduces extended static analysis. By examining file attributes such as headers, string content, and data patterns, analysts can gain more insights into malware, even for operating systems, such as macOS, where dynamic testing is not yet supported.
Improved user experience
Kaspersky has redesigned the tool’s interface to make threat research easier. The new System Activities page includes better visuals for report filtering, while the updated History table allows quick access to past investigation results.
“Kaspersky Research Sandbox 3.0 is built to meet the needs of today’s threat landscape,” said Storonkin. “We focused on creating a tool that supports faster, more informed decisions without heavy hardware demands.”