Malware analysis sandbox service
Learn about the malware analysis sandbox service and determine if this service is right for your agency.
A malware analysis sandbox enables cybersecurity and digital professionals to analyse malware in a safe and controlled environment without risking their organisation’s live network environment. For example, if a suspicious email containing potentially malicious file attachments or links is received by users, clicking the links or opening files in a malware analysis sandbox means that any hidden malware, no matter how destructive, will remain contained within the confines of the sandbox environment and not cause any harm to live systems.
The malware analysis sandbox service uses a vendor-provided platform that specialises in the collection, processing, analysis, and dissemination of threat intelligence.
This service is provided by the Cyber Security Unit free of charge to all Queensland Government entities including Queensland Government departments, statutory bodies, local government authorities and government owned corporations.
Using this service helps enable Queensland Government entities to meet their obligations as specified under the Information security policy (IS18:2018) and improve cyber security maturity.
Business benefits
- Reduces the potential for business disruption and reputational damage by analysing files and attachments in a safe and controlled environment, rather than an organisation’s live computing environment.
- Increases the capacity and capability of local ICT support teams to detect malicious software quickly and effectively and to protect against future attacks.
- Low barrier to entry, the malware analysis sandbox service is a funded service available to all Queensland Government entities.
Technical Characteristics
- Behaviour-based dynamic analysis of potentially malicious code in a controlled environment to identify interactions with systems.
- A cloud based, isolated sandbox environment that ensures that malware analysis does not impact the production environment, analysis takes place on virtual machines.
- File, URL, and code analysis for Windows, Linux, Android, and macOS environments.
- Hosted within data centres located in Australia.
All government agencies and related bodies are eligible to access this service.
| Entity type | Eligibility | Cost |
|---|---|---|
| Queensland Government agencies | Eligible | No cost |
| Statutory bodies | Eligible | No cost |
| Local goverment | Eligible | No cost |
| Government-owned corporation | Eligible | No cost |
Use of this service requires acknowledgement of the associated fair use policy. The service currently operates on a shared tenancy restricted to 2000 daily malware analysis actions (known as “detonations”) across 200 users. Users with access to this service are expected to adhere to the fair use parameters in good faith by managing the number of detonations triggered by users per day. Should you have a requirement to perform a larger volume of detonations, please contact the Cyber Security Unit at cybersecurityunit@qld.gov.au for further advice.
Complete the malware analysis sandbox service application form to onboard this service or contact your Queensland Government Cyber Security Unit representative at cybersecurityunit@qld.gov.au should you require any further information
Contact the CITEC Service Desk at service@citec.com.au should you require technical support for this service.