Sandboxing

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> Sandboxing or using a sandbox environment is
00:00
another important technique when it comes to
00:00
cloud development that we want to cover.
00:00
In this lesson, we're going to talk about the use of
00:00
sandboxing in cloud development,
00:00
the different use of the term sandboxing,
00:00
and the security benefits of sandboxing.
00:00
In the context of cloud development,
00:00
sandboxing really refers to two distinct things.
00:00
One, it could be the physical separation,
00:00
isolation of the machines
00:00
that are used to do development,
00:00
or to test a piece of software or it could refer to
00:00
the logical isolation of one environment from another.
00:00
Then there's also process sandboxing,
00:00
where a process can run,
00:00
a set of code can run in isolation
00:00
from interference from other aspects.
00:00
When it comes to testing.
00:00
Testing something in a sandbox environment is ideal for,
00:00
especially if you're worried about a vulnerability
00:00
or you're trying to do forensics on a piece of malware.
00:00
Putting it in a sandbox environment prevents it
00:00
from getting out and affecting other systems.
00:00
When it comes to the environment separation using
00:00
a logical isolation of sandbox is very
00:00
useful in cloud development from
00:00
a software life-cycle process,
00:00
you want to keep your testing and
00:00
development environments separate from
00:00
what's going on and production to
00:00
prevent code that isn't properly tested or
00:00
vetted from being deployed to production and introducing
00:00
vulnerabilities into
00:00
the environment that is customer-facing.
00:00
I want to reflect for a moment,
00:00
what are examples of sandboxing that you observed?
00:00
Have you had to do analysis
00:00
or forensics where you want to make
00:00
sure that anything nasty on
00:00
a machine doesn't get out of the environment?
00:00
When you're developing a piece of software,
00:00
how do you ensure that the code is properly vetted by
00:00
keeping logical isolation
00:00
between different development environments?
00:00
Then I want you to think about, are there instances you
00:00
now see could benefit from sandboxing?
00:00
How sandboxing could be employed in
00:00
your SDLC to improve security?
00:00
In summary, we talked about the use
00:00
of sandboxing in cloud environments.
00:00
Talked about the use cases for one sandboxing is used,
00:00
such as testing, code isolation
00:00
as well as physical environment separation.
00:00
Then we talked about the security benefits
00:00
>> of sandboxing.
00:00
>> Basically, it just prevents
00:00
>> any malicious software that's
00:00
>> on whatever's in the sandbox
00:00
>> from being able to get out.
00:00
>> Then also, when it comes to
00:00
the software development life-cycle,
00:00
it prevents untested or unverified code from
00:00
being deployed to production environment
00:00
where it can have an impact on your customers.
00:00
I'll see you in the next lesson.
Up Next