USENIX Enigma 2023 - Navigating the Sandbox Buffet
USENIX Enigma Conference

Published on Feb 22, 2023

Navigating the Sandbox Buffet

Maxime Serrano, Figma, Inc.

Buggy software is a fact of life, and preventing all security vulnerabilities is near impossible. Organizations often have no choice but to run potentially risky software, such as parsing, thumbnailing, or compression libraries, within their infrastructure to do even basic work. Such software is frequently implemented in memory-unsafe languages, by third parties, and is seldom designed to handle hostile user input. It’s no surprise that security news is replete with bug names like “ImageTragick.”

Fortunately, sandboxing can be a powerful defense in these scenarios. In the past, sandbox technologies were often expensive, immature, and operationally fickle, so only well-resourced organizations could leverage them effectively at scale. But today, we live in a democratized era of the sandbox buffet, where there is a surfeit of different ways to virtualize, contain, and jail processing. With so many options, it’s easier than ever to pick the right combination of sandboxing techniques that provide the most appropriate set of tradeoffs for isolating your workloads.

View the full Enigma 2023 program at https://www.usenix.org/conference/eni...
