ANY.RUN Sandbox Reviews & Product Details

Overall, I like the website; the user interface is easy to use, the analysis of URLs and files is simple, the overview during the analysis is great, very informative and also understandable. I have never really used customer support myself, but my colleague has told me that they are relatively prompt and informative in providing assistance. I use ANY.RUN at least once a week and have never really had problems with the analyses. Implementing or adding URLs and files works very well every time, and I have never noticed any issues with uploading. Review collected by and hosted on G2.com.

What I like less is the resolution of the analysis, however, everything is still readable. Review collected by and hosted on G2.com.

The best thing i like about any run sandboxing tool is that it provides a very accurate results and the GUI is very user friendly and easy to use.

It helps the user for easy implementation of the sandboxing.

I use this sandboxing tool very often and frequently as a part of my daily BAU. It consist of a variety of features which allows the user to analyse on ease.

Also, in case of any queries the customer support is very responsive and supportive.

It also provide various integration features to implement with our day-to-day tools for on the go use. Review collected by and hosted on G2.com.

The only thing i dislike is while entering a base-64 URL it gives an error for incorrect URL. Review collected by and hosted on G2.com.

ANY.RUN has become one of the most valuable tools in my malware analysis workflow. The interactive sandbox is incredibly fast, intuitive, and gives me real-time visibility into process behavior, network traffic, file system actions, and registry modifications—all in one place. The fact that I can interact with the malware live (click buttons, enter text, browse folders) sets it apart from traditional static sandboxes.

The preconfigured analysis environments save a lot of time, and the ability to pivot into deeper analysis—like unpacking, process tree visualization, and network IOCs—is extremely helpful. Their public submissions database is also a great resource when hunting emerging threats.

What I Like Most:

Real-time interactive analysis

Beautiful and clear process tree visualization

Rich metadata and automatic extraction of IOCs

Easy to use even for junior analysts

Great for SOC, DFIR, and malware research Review collected by and hosted on G2.com.

Would love to see even more OS/Browser versions in interactive mode

Heavy samples sometimes take a bit longer to load—but still faster than many alternatives Review collected by and hosted on G2.com.

I use ANY.RUN Sandbox to review suspicious links and files related to phishing. I like it because the analysis is interactive and in real-time, which means I can see what's happening as it runs and not just wait for a final report. That helps me a lot to quickly understand if something is malicious. Additionally, the initial setup was quite simple, as registering and accessing the platform didn't take much time. Review collected by and hosted on G2.com.

Sometimes the free version falls a bit short, especially in analysis time or in some advanced features. They could extend the analysis time a bit. It would also help to have some advanced features enabled in a limited way, to better test them before moving to a paid plan. Review collected by and hosted on G2.com.

I really like the fact that ANY.RUN Sandbox generates a permanent report link after completing a run. This makes it easy for me to check reports later. I enjoy how the link opens a full interactive report, allowing an easy view of the process tree, network traffic, and IOCs. The ability to customize privacy settings is great. Public link option lets anyone view the analysis, while the private option restricts access to only me and my team. I like the ability to share the interactive report like a read-only, which is ideal for soft reviews and incident tickets. I appreciate the export feature that offers analysis results in multiple formats like HTML, JSON, and MSP, making it really easy for us to extract reports and share with our internal team. I find the initial setup very easy, just need to create a profile on the ANY.RUN website and it's ready for use. It's a breeze to use for my day-to-day operations. Review collected by and hosted on G2.com.

Sometimes, when uploading internal documents, there's no option to turn off the VirusTotal upload. This can be problematic because it involves internal, highly sensitive client data. Having the ability to disable the VirusTotal upload for sample analysis would be very helpful. Review collected by and hosted on G2.com.

We utilize Any.Run Sandbox to analyze email attachments received from users in order to determine their legitimacy and identify potential malicious content. The sandbox environment allows us to safely observe the behavior of files or software in an isolated setting, ensuring our internal systems remain protected from exposure. Its very easy to use and convenient yet very powerful tool. Review collected by and hosted on G2.com.

The product has limitation like file size is very limited, the time is also limited some time the time runs out before the investigation completes. Review collected by and hosted on G2.com.

ANY.RUN sandbox provides a powerful and advanced Threat Analysis Platform, significantly improving and broadening visibility into potential threats that may impact your organization. Giving the opportunity to understand behavior of each sample that we intended to analyze, in addition to an enrichment of every Analysis with the different tools and third party sources that ANY.RUN enables to each Report based on this most important Security and Compliance Frameworks. Easy to understand and making it part of any IT Security Team that is trying to create a Threat Intelligence process on the organization make ease to implement and fit on internal Threat Intelligence Procedures. Review collected by and hosted on G2.com.

I would like to see a direct integration with the Crowdstrike Platform, so that all the intelligence provided by ANY.RUN can be incorporated into the security IT architecture of any organization aiming to address today's threats and adversaries. Review collected by and hosted on G2.com.

I like the live interaction feature of ANY.RUN Sandbox, as it allows me to interact within the desktop rather than just receiving a report from other vendors. It lets me test live and mimic the output as if I'm opening the file from my local desktop, all without having to worry about the outcome if the file or link is deemed malicious since everything is contained within ANY.RUN Sandbox. The initial setup was easy and straightforward. Review collected by and hosted on G2.com.

I wish ANY.RUN Sandbox had the feature to select the operating system. Right now, we can't mimic the end user's environment, like macOS or Linux. Review collected by and hosted on G2.com.

ANY.RUN is an easy to use platform that we use regularly to confirm nagging suspicions when something "nearly ok" makes it through email filters. The ability to quickly review all the actions of a nefarious link or file provides a clear visual aid to help new members of the team learn new vectors. Review collected by and hosted on G2.com.

The only problem I can think of isn't even an issue with ANY.RUN, but a testament to threat actors, is that many inspections stop as soon as infection products detect the presence of a VM, thus limiting insights. That being said, any time links don't fully resolve, it's a clear sign that we were right to be concerned. Review collected by and hosted on G2.com.

I use ANY.RUN Sandbox to analyze potentially malicious samples and assess software behavior. It allows me to safely determine if a file or URL is malicious without risking my devices. I like the ease of use and the range of machines available, particularly the ability to perform analysis in both Windows and Linux environments, allowing for detailed checks. The simplicity of the platform and how easy it was to register and get started also stand out to me. Review collected by and hosted on G2.com.

The price point can feel a little steep, especially if you are using it as an individual. Review collected by and hosted on G2.com.