1. Overview
Sandbox is a feature in Graphus that allows end-users to investigate suspicious attachments and URLs in an email. Graphus will send a hash of the file or link to its partners for investigation. To protect the privacy of your or your customer's files, Graphus will never upload or submit any original attachments.
2. Setup
An admin can perform the setup for this feature on the Graphus portal. Refer to the below steps for the setup:
- Log into the Graphus portal, and navigate to the settings page (https://cloud.graph.us/settings).
- Ensure to turn ON the Sandboxing option.
- Scroll down to the end of the page and click Save Changes.
3. How does this feature work?
This feature will work for the organization for which the Sandbox is enabled. You can use this feature on the following pages: Quarantine, EmployeeShield®, and Phish911™.
-
Quarantine:
- Go to the Quarantine page (https://cloud.graph.us/quarantinedAlerts).
- Select the Sandbox-enabled organization and click the investigation hyperlink from the table.
-
- Click the Sandbox button from the top menu on the Investigate modal window. You can see two buttons: Submit Data and Retrieve Results.
- Click Submit Data to submit a hash of your file or an URL. Once you click Proceed, the data will be submitted for scanning.
- You can retrieve the results by clicking Retrieve Results. The analysis of your data can take a few seconds to a few minutes.
- The Sandbox Scan results will be shown per resource (file or URL) and you will see the number of partners who reported positive detections (for example 2 out of 90). Extend the Resource row to see the detailed result per partner.