New
#11
If you use virtual disk in VM-s, then if it become infected, you can easily recreate the virtual disk. If there's no other factors (network share, shared folders between VM and host, virtual disk not opened in host directly) , the action heroes can't break out from the virtual environment. It means the VM may become infected (no immunity), but fully separated, so the host is safe.
If you want to test lot of dangerous things, use differential virtual disks or checkpoints/snapshots. Easy to revert back to previous state, so no need to reinstall OS and setup everything again, just go back in time before you test the first software.
Sandbox usually run in the host environment, and there's a risk to something break out from it, infecting the host OS.
The Virtual machine is much more safer (if its fully separated).
Btw: 8 GB or ram is enough.. but paging load become higher and higher. On HDD, this means high performance drop,
on SSD, some performance drop and SSD wearing (this will make the SSD kill sooner than expected).
My developer host a bit overkill, for VM development 33GB (32GB+overhead) dedicated to VMs, no swap/pagefile, also 8GB (dynamically allocated) reserved for RAMdisk (ex. for Temp folders, reduce NVME SSD wearing).