How do I upload files to the Sandbox Scanning Portal?

Sandbox provides an additional layer of security against zero-day threats and Advanced Persistent Threats (APTs) through integrated file behavioral analysis. The Zscaler service runs and analyzes files in a virtual environment to detect malicious behavior. It propagates a hash of malicious files to all Zscaler Enforcement Nodes (ZENs) throughout the cloud, effectively maintaining a real time blacklist so it can prevent users anywhere in the world from downloading malicious files.

With the Cloud Sandbox subscription, you can manually submit suspicious files for analysis by uploading it to the Sandbox Scanning Portal: http://filecheck.zscaler.com/.

After you upload a file, the Sandbox engine does the following:

  • Executes and monitors suspicious objects in a controlled sandbox
  • Records and analyzes any malicious behaviors

When the Sandbox analysis is complete, you can see How do I interpret Sandbox Scanning Portal results? for more information about the results. You can also see How do I view the Sandbox Detail Report? for instructions on how to view the Sandbox Detail Report.