Analysis Settings

Overview

Enclave's analysis engine can be fine-tuned to match your organization's security requirements. This guide covers the key configuration options available.

Analysis Timeouts

analysis:
  timeout:
    file: 300  # 5 minutes
    url: 180   # 3 minutes
    memory: 600 # 10 minutes

Adjust these values based on your needs. Longer timeouts allow for more thorough analysis but reduce throughput.

Sandbox Environments

Enclave supports multiple analysis environments:

• Windows 10 (default)
• Windows 7
• Ubuntu 20.04
• Kali Linux

Enable or disable environments in config/environments.yml:

environments:
  windows10: true
  windows7: false
  ubuntu: true
  kali: false

Network Simulation

Configure network behavior for sample analysis:

network:
  internet_access: false
  simulated_services:
    - dns
    - http
    - smtp
  allowed_domains:
    - "*.microsoft.com"
    - "*.google.com"

Memory Limits

Set resource constraints for analysis containers:

resources:
  memory: "4g"
  cpu_count: 2
  disk_space: "50g"