Home > Mechanisms > Sandbox



A sandbox is a testing environment that isolates untested or unknown code. Sandboxing protects operational systems and their data from unknown code that may have arrived on the network from unknown external sources. It can provide threat intelligence by analyzing code behavior, and can for example be used in conjunction with rogue executables captured in a honeypot or for testing an unknown VM image.

Figure 1 - An example of a sandbox being used to test an unknown VM instance.

Figure 1 is an example of sandboxing that isolates rogue VMs, preventing malicious or unapproved VMs from damaging or snooping on the rest of the compute resource, or escaping. Sandboxes restrict what a program can do, providing only the permission level it needs without adding additional permissions that could be abused. Another example is browser sandboxing of loaded Web pages. Web pages can run JavaScript code, but if the JavaScript code tries to access a local file on the compute resource, the request will fail because the code is being executed inside the sandbox.

Related Patterns: