Kaspersky Anti Targeted Attack (KATA) Platform

Sandbox component

8 November 2023

ID 247495

Servers hosting the Sandbox component run virtual machines with images of operating systems.

The Sandbox component starts objects in these operating systems and analyzes the behavior of the objects to detect malicious activity and signs of targeted attacks on the corporate IT infrastructure.

By default, the maximum file size scanned by the Sandbox module is 100 MB. You can configure scan settings in the administrator menu of the application management console.

The maximum level of nesting for scanned archives is 32.

The maximum number of objects that can be in the queue to be scanned by the Sandbox component per day is 20,000 objects. When this limit is reached, the application deletes 10% of the objects that have been queued for scanning the longest and replaces them with new objects queued for scanning. The deleted objects are saved in the application with the NOT_SCANNED status.
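
The queue rule described above can be modelled to estimate how many objects would end up with the NOT_SCANNED status under a given load. The Python model below is an added example, not Kaspersky code; the class and function names, the hourly scan capacity, oldest-first scanning, and the reading of the limit as a queue capacity checked on each submission are assumptions.

```python
from collections import deque

QUEUE_LIMIT = 20_000   # from the page: maximum queued objects
EVICT_PERCENT = 10     # from the page: share of oldest objects deleted at the limit


class SandboxQueueModel:
    """Hypothetical model of the queue rule; not the product's implementation."""

    def __init__(self, limit=QUEUE_LIMIT, evict_percent=EVICT_PERCENT):
        self.limit = limit
        self.evict_count = max(1, limit * evict_percent // 100)
        self.queue = deque()     # oldest object on the left
        self.scanned = []        # object ids the sandbox got to
        self.not_scanned = []    # object ids evicted with NOT_SCANNED status

    def submit(self, obj_id):
        # Assumption: the limit is checked when a new object arrives.
        if len(self.queue) >= self.limit:
            for _ in range(min(self.evict_count, len(self.queue))):
                self.not_scanned.append(self.queue.popleft())
        self.queue.append(obj_id)

    def scan(self, count):
        # Assumption: objects are scanned oldest first.
        for _ in range(min(count, len(self.queue))):
            self.scanned.append(self.queue.popleft())


def simulate(hourly_submissions, hourly_scan_capacity, limit=QUEUE_LIMIT):
    """Feed a per-hour submission profile through the model and return it."""
    model = SandboxQueueModel(limit=limit)
    next_id = 0
    for submitted in hourly_submissions:
        for _ in range(submitted):
            model.submit(next_id)
            next_id += 1
        model.scan(hourly_scan_capacity)
    return model


if __name__ == "__main__":
    # Constructed load: 3,000 objects/hour for 24 hours, 1,500 scanned/hour.
    m = simulate([3000] * 24, hourly_scan_capacity=1500)
    print(f"scanned={len(m.scanned)} queued={len(m.queue)} "
          f"NOT_SCANNED={len(m.not_scanned)}")
```

Comparing the modelled NOT_SCANNED count with the count the application actually reports indicates whether scan capacity keeps up with the submission rate.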

See also

Architecture of the application

Sensor component

Central Node component

Endpoint Agent component
