FortiSandbox

Details
Content
Dependencies
Version History

FortiSandbox is an advanced security tool that goes beyond standard sandboxing. It combines proactive mitigation, enhanced threat detection, and in-depth reporting, using Fortinet's dynamic antivirus technology, dual-level sandboxing, and FortiGuard cloud integration to counter advanced threats. It effectively detects viruses, Advanced Persistent Threats (APTs), and malicious URLs, integrating seamlessly with existing Fortinet devices like FortiGate and FortiMail for comprehensive network protection.

Pack Contributors:

Lior Sabri

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

Pack Contributors:

Lior Sabri

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

Dashboards

Name	Description
FortiSandboxv2 API Execution Metrics

Integrations

Name	Description
FortiSandbox v2	FortiSandbox is an advanced security tool that goes beyond standard sandboxing. It combines proactive mitigation, enhanced threat detection, and in-depth reporting, using Fortinet's dynamic antivirus technology, dual-level sandboxing, and FortiGuard cloud integration to counter advanced threats. It effectively detects viruses, Advanced Persistent Threats (APTs), and malicious URLs, integrating seamlessly with existing Fortinet devices like FortiGate and FortiMail for comprehensive network protection.
FortiSandbox (Deprecated)	FortiSandbox integration is used to submit files to FortiSandbox for malware analysis and retrieving the report of the analysis. It can also provide file rating based on hashes for already scanned files. Deprecated. Use FortiSandboxv2 instead.

Name

Description

FortiSandbox v2

FortiSandbox (Deprecated)

FortiSandbox integration is used to submit files to FortiSandbox for malware analysis and retrieving the report of the analysis. It can also provide file rating based on hashes for already scanned files. Deprecated. Use FortiSandboxv2 instead.

Playbooks

Name	Description
FortiSandbox - Loop For Job Verdict	Playbook used to retrieve the verdict for a specific job id for a sample. Deprecated. Use `fortisandbox-submission-file-upload` instead. submitted to FortiSandbox
FortiSandbox - Upload Multiple Files	Playbook used to upload files to FortiSandbox. Deprecated. Use `fortisandbox-submission-file-upload` instead.
Detonate File - FortiSandbox	Main playbook to upload submissions to FortiSandbox, poll for verdict. Deprecated. Use `fortisandbox-submission-file-upload` instead. and retrieve report
FortiSandbox - Loop for Job Submissions	Playbook used to retrieve job id for submissions of fortisandbox using. Deprecated. Use `fortisandbox-submission-file-upload` instead. the submission id.

Widgets

Name	Description
API Call Results for FortiSandbox2

Integrations

Name	Description
FortiSandbox (Deprecated)	FortiSandbox integration is used to submit files to FortiSandbox for malware analysis and retrieving the report of the analysis. It can also provide file rating based on hashes for already scanned files. Deprecated. Use FortiSandboxv2 instead.
FortiSandbox v2	FortiSandbox is an advanced security tool that goes beyond standard sandboxing. It combines proactive mitigation, enhanced threat detection, and in-depth reporting, using Fortinet's dynamic antivirus technology, dual-level sandboxing, and FortiGuard cloud integration to counter advanced threats. It effectively detects viruses, Advanced Persistent Threats (APTs), and malicious URLs, integrating seamlessly with existing Fortinet devices like FortiGate and FortiMail for comprehensive network protection.

Name

Description

FortiSandbox (Deprecated)

FortiSandbox v2

Playbooks

Name	Description
FortiSandbox - Upload Multiple Files	Playbook used to upload files to FortiSandbox. Deprecated. Use `fortisandbox-submission-file-upload` instead.
Detonate File - FortiSandbox	Main playbook to upload submissions to FortiSandbox, poll for verdict. Deprecated. Use `fortisandbox-submission-file-upload` instead. and retrieve report

Required Content Packs (3)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (7)

Pack Name	Pack By
Filters And Transformers	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR
Base	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR
Rasterize	By: Cortex XSOAR
Aggregated Scripts	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

2.0.5 - 7827247 (March 22, 2026)

Documentation and metadata improvements.

Related pull requests:
- 43566

Download

2.0.4 - 5636304 (October 29, 2025)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 41629

Download

2.0.3 - R5469292 (October 20, 2025)

Integrations

FortiSandbox v2

Fixed an issue where URL indicators were not correctly identified in some cases.
Updated the Docker image to: demisto/python3:3.12.11.4819260.

Related pull requests:
- 41464

Download

2.0.2 - 4096037 (July 8, 2025)

Integrations

FortiSandbox v2

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40498

Download

2.0.1 - R3980324 (June 26, 2025)

Integrations

FortiSandbox v2

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

2.0.0 - 931860 (April 3, 2024)

Dashboards

New: FortiSandboxv2 API Execution Metrics

(Available from Cortex XSOAR 6.10.0).

Integrations

FortiSandbox (Deprecated)

Deprecated. Use FortiSandboxv2 instead.

New: FortiSandbox v2

New: FortiSandbox is an advanced security tool that goes beyond standard sandboxing. It combines proactive mitigation, enhanced threat detection, and in-depth reporting, using Fortinet's dynamic antivirus technology, dual-level sandboxing, and FortiGuard cloud integration to counter advanced threats. It effectively detects viruses, Advanced Persistent Threats (APTs), and malicious URLs, integrating seamlessly with existing Fortinet devices like FortiGate and FortiMail for comprehensive network protection.

Playbooks

Detonate File - FortiSandbox

Deprecated. Use fortisandbox-submission-file-upload instead.

FortiSandbox - Loop For Job Verdict

Deprecated. Use fortisandbox-submission-file-upload instead.

FortiSandbox - Loop for Job Submissions

Deprecated. Use fortisandbox-submission-file-upload instead.

FortiSandbox - Upload Multiple Files

Deprecated. Use fortisandbox-submission-file-upload instead.

Widgets

New: API Call Results for FortiSandbox2

(Available from Cortex XSOAR 6.10.0).

Related pull requests:
- 33716
- 33400

Download

1.0.5 - 5976562 (August 7, 2023)

Integrations

FortiSandbox

Documentation and metadata improvements.

Related pull requests:
- 28648

Download

2.0.5 - 7827247 (March 22, 2026)

Documentation and metadata improvements.

Related pull requests:
- 43566

Download

2.0.4 - 5636304 (October 29, 2025)

Changes are not relevant for XSIAM marketplace.

Related pull requests:
- 41629

Download

2.0.3 - R5469292 (October 20, 2025)

Integrations

FortiSandbox v2

Fixed an issue where URL indicators were not correctly identified in some cases.
Updated the Docker image to: demisto/python3:3.12.11.4819260.

Related pull requests:
- 41464

Download

2.0.2 - 4096037 (July 8, 2025)

Integrations

FortiSandbox v2

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40498

Download

2.0.1 - R3980324 (June 26, 2025)

Integrations

FortiSandbox v2

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404

Download

2.0.0 - 933455 (April 3, 2024)

Integrations

FortiSandbox (Deprecated)

Deprecated. Use FortiSandboxv2 instead.

New: FortiSandbox v2

New: FortiSandbox is an advanced security tool that goes beyond standard sandboxing. It combines proactive mitigation, enhanced threat detection, and in-depth reporting, using Fortinet's dynamic antivirus technology, dual-level sandboxing, and FortiGuard cloud integration to counter advanced threats. It effectively detects viruses, Advanced Persistent Threats (APTs), and malicious URLs, integrating seamlessly with existing Fortinet devices like FortiGate and FortiMail for comprehensive network protection.

Playbooks

Detonate File - FortiSandbox

Deprecated. Use fortisandbox-submission-file-upload instead.

FortiSandbox - Upload Multiple Files

Deprecated. Use fortisandbox-submission-file-upload instead.

Related pull requests:
- 33716
- 33400

Download

1.0.5 - 5976562 (August 7, 2023)

Integrations

FortiSandbox

Documentation and metadata improvements.

Related pull requests:
- 28648

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	February 14, 2021
Last Release	March 22, 2026

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

By downloading or using Marketplace content, you agree to the applicable Terms of Use and End User License Agreement. Third-party content is provided by its publisher, and Palo Alto Networks does not warrant, endorse, support, or assume responsibility for content not expressly identified as owned by Palo Alto Networks.