ANY.RUN Sandbox Reviews & Product Details

We utilize Any.Run Sandbox to analyze email attachments received from users in order to determine their legitimacy and identify potential malicious content. The sandbox environment allows us to safely observe the behavior of files or software in an isolated setting, ensuring our internal systems remain protected from exposure. Its very easy to use and convenient yet very powerful tool. Review collected by and hosted on G2.com.

The product has limitation like file size is very limited, the time is also limited some time the time runs out before the investigation completes. Review collected by and hosted on G2.com.

ANY.RUN sandbox provides a powerful and advanced Threat Analysis Platform, significantly improving and broadening visibility into potential threats that may impact your organization. Giving the opportunity to understand behavior of each sample that we intended to analyze, in addition to an enrichment of every Analysis with the different tools and third party sources that ANY.RUN enables to each Report based on this most important Security and Compliance Frameworks. Easy to understand and making it part of any IT Security Team that is trying to create a Threat Intelligence process on the organization make ease to implement and fit on internal Threat Intelligence Procedures. Review collected by and hosted on G2.com.

I would like to see a direct integration with the Crowdstrike Platform, so that all the intelligence provided by ANY.RUN can be incorporated into the security IT architecture of any organization aiming to address today's threats and adversaries. Review collected by and hosted on G2.com.

ANY.RUN is an easy to use platform that we use regularly to confirm nagging suspicions when something "nearly ok" makes it through email filters. The ability to quickly review all the actions of a nefarious link or file provides a clear visual aid to help new members of the team learn new vectors. Review collected by and hosted on G2.com.

The only problem I can think of isn't even an issue with ANY.RUN, but a testament to threat actors, is that many inspections stop as soon as infection products detect the presence of a VM, thus limiting insights. That being said, any time links don't fully resolve, it's a clear sign that we were right to be concerned. Review collected by and hosted on G2.com.

The best thing i like about any run sandboxing tool is that it provides a very accurate results and the GUI is very user friendly and easy to use.

It helps the user for easy implementation of the sandboxing.

I use this sandboxing tool very often and frequently as a part of my daily BAU. It consist of a variety of features which allows the user to analyse on ease.

Also, in case of any queries the customer support is very responsive and supportive.

It also provide various integration features to implement with our day-to-day tools for on the go use. Review collected by and hosted on G2.com.

The only thing i dislike is while entering a base-64 URL it gives an error for incorrect URL. Review collected by and hosted on G2.com.

I find ANY.RUN Sandbox incredibly valuable as it allows me to safely detonate suspicious files or URLs and observe real-time behavior, which is essential for my role as a SOC analyst. The real-time interactive analysis is a feature I particularly appreciate, as it provides verdicts, IOCs, and risk scores within seconds, allowing me to make timely decisions and block malicious entities swiftly. The detailed reports offered by ANY.RUN Sandbox give me structured insights like MITRE ATT&CK mappings and behavioral timelines, which are crucial for accurate triage and seamless integration into SIEM/SOAR workflows. Eliminating the need to build a lab from scratch, ANY.RUN Sandbox offers a ready-to-use interactive environment that saves me both time and resources. It simplifies my investigations by eliminating manual VM setups, freeing me up to focus on high-value investigations. The tool's intuitive nature meant I could log in and start using it immediately, making the setup process effortless. The combination of these features significantly accelerates my investigations and enhances detection accuracy, making ANY.RUN Sandbox an indispensable tool in my cybersecurity toolkit. Review collected by and hosted on G2.com.

I find the limited free plan to be a constraint, as it does not allow for deep investigations without immediately needing an upgrade. The short VM timeouts of 60 seconds restrict the ability to fully observe multi-stage attacks that require more time for activities such as delayed payload drops or command and control callbacks. Additionally, the small file size limits of 16 MB hinder the testing of complex samples like bundled archives or installers, which are common in real-world attacks. Review collected by and hosted on G2.com.

I appreciate the ANY.RUN sandbox system because it functions like an online system, similar to a Docker or TryHackMe machine. This provides a valuable platform for IT security research, education, and the safe handling of suspicious and harmful content. One of the outstanding features is the detailed listing of reactions and triggered processes, which allows me to delve deeper into the analysis. The initial setup of ANY.RUN Sandbox was simple, enabling a smooth start with the tool. Overall, I find the service so beneficial that I would give it an unreserved recommendation with the highest rating of 10 out of 10. Review collected by and hosted on G2.com.

I use the free version of ANY.RUN Sandbox, where a 'detonation' is only available for a short time. This limitation means that I cannot always interact in time and may miss some activities that should be observed. Review collected by and hosted on G2.com.

I am able to watch as I safely detonate suspected malware. The report options, even for free users, is amazing, as are the TI Feeds which is critical to my work as a Cybersec Analyst. Any.Run is a tool I use to gather intel about emerging threats which while not affecting me directly, may, and I need to prepare for that. Lastly, the MITRE TTP IOCs are also important so I can perform adversary emulation more quickly. Review collected by and hosted on G2.com.

I wish there were more lower cost paid options, around $50 a month, but I understand why the price is so high given I work in this field and how important this data is. Review collected by and hosted on G2.com.

I rely on ANY.RUN Sandbox to safely analyze malware, which is incredibly important for maintaining security. It provides easy accessibility, allowing me to swiftly use the sandbox without any hassle. The speed and reliability of the platform stand out, enabling me to analyze threats quickly and consistently. I particularly value how ANY.RUN Sandbox aids users in safely understanding and handling threats, ensuring I can dissect and interpret potential risks effectively. It breaks down complex elements such as traffic analysis and process analysis in a way that is straightforward and accessible. This ease of breakdown means I can delve into detailed analyses without getting lost in complicated data. Overall, I find ANY.RUN Sandbox to be a valuable tool that serves my needs excellently and is a nice tool to have in my security toolkit. The seamless initial setup process further enhances its appeal, and I fully trust its capabilities, giving it a perfect 10 in terms of how likely I am to recommend it to others. Review collected by and hosted on G2.com.

I dislike the time limit for non-premium users; 5 minutes is too low. Review collected by and hosted on G2.com.

I genuinely appreciate ANY.RUN Sandbox for its easy accessibility and the fact that it's free to use. This makes it a highly valuable tool for gathering information on Indicators of Compromise (IOCs). The capability to run IOCs directly and efficiently gather information is significant for my research needs. I find ANY.RUN Sandbox to be one of the best sandboxes available, particularly because of how straightforward it is to use. Transitioning from Hybrid Analysis to ANY.RUN was remarkably easy, mainly due to the straightforward setup and the cost-free advantage. This makes ANY.RUN an especially appealing choice, and its ease of use stands out as a major advantage. Review collected by and hosted on G2.com.

I feel that integrating information from other Threat Intelligence (TI) sources into ANY.RUN Sandbox could significantly enhance its capabilities. Having a feature that merges data with ongoing research would provide a more comprehensive insight into Indicators of Compromise (IOCs) and improve the overall value of the tool. Review collected by and hosted on G2.com.

I love using ANY.RUN Sandbox for its capability to analyze suspicious links and attachments in a secure environment. It allows me to interact with files within the sandbox, which adds tremendous value by enabling me to safely execute files and observe any potential threats they might contain. This interactive feature helps me to thoroughly assess the behavior of a file in a controlled setting, enhancing my ability to detect threats. Additionally, the ease of the initial setup stands out, making it straightforward to get started with the tool. The overall design allows me to thoroughly test and diagnose without fear of risk to my system, ultimately offering peace of mind in threat analysis. Review collected by and hosted on G2.com.

I find it sometimes confusing to look at all the output from ANY.RUN Sandbox to determine if there was anything malicious or not. Review collected by and hosted on G2.com.