Cloud SWG: Malware Advanced Sandbox Enhancement
The maintenance is now complete. Thanks for your patience.
The scheduled maintenance is now underway. We'll keep you updated on our progress.
Beginning October 21, 2024, Broadcom will update the Cloud SWG with a new version of the sandbox engine associated with the Malware Advanced Service. This maintenance activity is expected to complete on October 23, 2024. Existing customers will be migrated automatically without the need for manual reconfiguration. All historical reports will be preserved and the migration is not expected to cause any issues or outages. While the sandbox will be new to Cloud SWG, it has been live in production for our Email Security Service and Symantec Endpoint Security Complete customers for over a year with excellent performance and efficacy.
Impact
- The new sandbox is fully integrated with our full stack of cloud based detection capabilities:
- Utilizes metadata from our global intelligence network to eliminate known threats and benign files.
- Uses file content, age, frequency and other factors to identify threats that would otherwise be missed.
- Advanced machine learning to detect threats that have never been seen before.
- Static scanning, disassembly, entropy analysis, emulation, multi-level embedded/encoded artifact extraction for analysis.
- Executes potential malware in a controlled sandbox environment with new active in-line evaluation, new patterns, evasion detection, and other advanced sandbox techniques to maximize efficacy.
- Previously file verdicts were presented as 1-10, they will now be either ‘Clean’, ‘Suspicious’ or ‘Malicious’ for simplicity.
- The malware SIEM feed will include a new field with this verdict (‘ma-sb-verdict’)
- Emails sent for suspicious and higher post-downloaded threats will now include a link to the report, as opposed to a pdf report as the pdfs were often being detected by spam filters as malicious.
- The Cloud SWG detonation reports will feature new patterns, categories and other minor formatting changes.
Required Action
No action is necessary, as customers will be migrated automatically without the need for manual reconfiguration.
Notice
This communication is related to the Cloud SWG public infrastructure. For updates related to the Symantec Gov Cloud infrastructure, subscribe to status notifications for the "FedRAMP" component at: https://status.broadcom.com/services/cloud-secure-web-gateway.
Support
Questions? Contact technical support by visiting: https://support.broadcom.com/security.
For service status and maintenance updates visit and subscribe to Broadcom Service Status: https://status.broadcom.com
-
Cloud Secure Web Gateway
-
Portal & Reporting
- Reporting Services and Portal Dashboards
-
Portal & Reporting
Find Your Subscription
We’ll find your subscription and send you a link to login to manage your preferences.
Check Your Inbox
We’ve found your existing subscription and have emailed you a secure link to manage your preferences.
Subscribe to Status Updates
We’ll use your email to save your preferences so you can update them later.
-
Email{{ value }}
-
Text Message{{ value }}
-
Slack
-
Microsoft Teams{{ value }}
-
Google Chat
Subscribe to other services using the bell icon on the subscribe button on the status page.
Unsubscribe Completely?
You’ll no long receive any status updates from Broadcom Service Status, are you sure?
{{ error }}
You’re Unsubscribed!
We’ll no longer send you any status updates about Broadcom Service Status.