Playing in the Sandbox

2010 can't take credit for introducing the concept of the sandbox as a security control, but it does seem to be the year that it became more widely adopted and entered the mainstream vocabulary. Products such as the Google Chrome Web browser and Adobe Reader software both embraced sandboxing as a means of preventing attacks and exploits.

The sandbox is basically a safe zone that is segregated from the rest of the application or PC. Code--such as Javascript--is allowed to run within the sandbox, but can not infect or impact the rest of the system. Using a sandbox as a security control helps these applications prevent many of the most common attacks.

Sandboxing may move beyond individual applications, though. A spokesperson for commented to say, "Fully virtualized sandboxing solutions are making their way onto the market, specifically to address Web-borne attacks that defeat even application sandboxes, including trust-based exploits against users, e.g., fake antivirus, poisoned SEO, and kernel exploits."

Banner Year for Microsoft