“Threat actors have been so far ahead of the game they’ve been able to create highly evasive malware without the greater industry even knowing,” said SonicWall President and CEO Bill Conner. “This new real-time deep memory inspection technology, coupled with more than a decade of machine-learning experience, will help level the playing field and eliminate some of the most challenging attack vectors. The new engine is the latest addition to our Capture Cloud Platform that reinforces our leadership position.”
The new SonicWall Capture Cloud Real-Time Deep Memory Inspection (RTDMITM) technology and engine has been operational for months and is discovering hundreds of malware strands not detected by sandboxing technology.
“This is a revolution in engineering, execution and innovation,” said General Michael Hayden, Principal at the Chertoff Group, a global advisory firm focused on security and risk management. “To introduce this technology in the relatively early stages of these advanced attacks is a huge win for the security industry, as well as the public and private sectors.”
SonicWall is unveiling this new technology to strengthen the company’s automated real-time breach detection and prevention platform. SonicWall RTDMI is a patent-pending technology and process utilized by the SonicWall Capture Cloud to identify and mitigate even the most insidious modern threats, including future Meltdown exploits. The new RTDMI technology:
• Proactively detects and blocks unknown mass-market malware via deep memory inspection in real time
• Detects and blocks malware that does not exhibit any malicious behavior and hides its weaponry via custom encryption
• Forces malware to “reveal” its weaponry into memory
• Identifies and mitigates sophisticated attacks where weaponry is exposed for less than 100 nanoseconds
On Jan. 3, a new processor vulnerability, known as Meltdown, was published by Google’s Project Zero security team. A successful exploit of this vulnerability could allow an attacker to access sensitive information (e.g., passwords, high value crypto keys, login cookies, VPN credentials) inside protected memory regions on modern processors.
SonicWall Capture Labs threat researchers have validated SonicWall RTDMI technology is also effective against future exploits built on the Meltdown vulnerability, via the engine’s real-time analysis of instruction and memory usage.
How SonicWall Real-Time Deep Memory Inspection Works
SonicWall deployed the RTDMI engine into the SonicWall Capture Cloud Platform and is leveraging the technology to support SonicWall’s layered security platform, which includes next-generation firewalls, wireless network security, email security, secure mobile and remote access offerings, as well as cloud and IoT solutions.
SonicWall’s RTDMI technology detects and blocks malware that does not exhibit any malicious behavior and hides its weaponry via encryption. By forcing malware to reveal its weaponry into memory, the RTDMI engine proactively detects and blocks mass-market, zero-day threats and unknown malware.
Sandbox engines execute files in a virtual environment, log the resulting activity, and then, after execution, look for and attempt to correlate malicious behavior. The correlation and scoring of these activities and behaviors are prone to both false positives and false negatives.
Modern malware writers implement advanced techniques, including custom encryption, obfuscation and packing, as well as acting benign within sandbox environments, to allow malicious behavior to remain hidden. These techniques often hide the most sophisticated weaponry, which is only exposed when run dynamically and, in most cases, is impossible to analyze in real-time using static detection techniques.
SonicWall Capture Labs researchers leveraged a variety of deep-learning techniques to analyze code blocks of hundreds of terabytes of malware and related high-quality metadata of extracted features, and those combined insights resulted in the RTDMI solution.
“Sandbox techniques are often ineffective when analyzing the most modern malware. SonicWall’s RTDMI technology is very fast and very precise, and can mitigate sophisticated attacks where the malware’s most protected weaponry is exposed for less than 100 nanoseconds,” said John Gmuender, SonicWall CTO.
The Evolution of DPI
In 2004, SonicWall Capture Labs researchers pioneered the use of machine learning for threat analysis, and those insights and innovations led to the patented Reassembly Free Deep Packet Inspection technology scanning files for threats without requiring reassembly — on the fly blocking in real-time — resulting in a low-latency, high-throughput solution without memory constraints. Today, SonicWall’s machine-learning technology powers the protection provided by the Capture Cloud Platform.
“More than a decade ago we pioneered the use of reassembly-free, deep-packet inspection for the security industry, which changed the speed and effectiveness for inspecting and mitigating advanced cyber threats in real-time,” said Gmuender. “Coupled with our deep experience in machine learning and artificial intelligence, our advances in cloud technology allow us to quickly extend this value to our partners and customers. And we will continue to do so with future innovation in threat detection and prevention. Combining our deep security domain expertise with our experience and innovation in AI, we are continuing to take the offensive in the cyber arms race.”
SonicWall has been fighting the cyber-criminal industry for over 26 years, defending small, medium-size businesses and enterprises worldwide. Backed by research from SonicWall Capture Labs, our award-winning real-time breach detection and prevention solutions, coupled with the formidable resources of over 21,000 loyal channel partners around the globe, are the backbone, securing more than a million business and mobile networks and their emails, applications and data.
This combination of products and partners has enabled an automated real-time breach detection and prevention solution tuned to the specific needs of the more than 500,000 organizations in over 150 countries. These businesses can run more effectively and fear less about security.
Dubai Internet City
This release was published on openPR.
Permanent link to this press release:
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.
You can edit or delete your press release Vistar Communications here
News-ID: 940402 • Views: 430
More Releases for Capture
Capture Global Market With Professional Translation Services
For the companies to go global, they must understand the culture and language of the markets they want to penetrate. One of the common ways to achieve this is to opt for professional translation services. Language translation service in India is one of the fastest-growing sectors as more businesses are looking forward to expanding their operations overseas. India Is Key For The Translation Industry Because Of The Following Reasons: 1. India is the largest
Specialty Zeolites Market – Capture the Bountiful Opportunities
Market Definition: The global specialty zeolites market is expected to generate high revenue during the forecast period. Factors such as increasing construction activities pertaining to infrastructural development and commercial construction in developing regions, elevated demand of coatings and paints are anticipated to propel the specialty zeolites market. There is a surge in the demand for specialty zeolites owing to infrastructural advancements coupled with approval for Foreign Direct Investment (FDI) in the
Lead Capture Phone Answering Service
Upclose & Virtual, a Virtual Assistant Service provider in Australia, provides a useful service to their small business clients - the company answers incoming phone calls from present and potential customers and manages all of the business's management jobs so owners can concentrate on growing and develop their companies. Upclose & Virtual's small business clients which are usually working in customer-facing conditions and cannot always be achieved at a brick-and-mortar office.
Report 2017 Facial Motion Capture Global Research
"Global Facial Motion Capture Market Research Report 2017" The Report covers current Industries Trends, Worldwide Analysis, Global Forecast, Review, Share, Size, Growth, Effect. . . Description- '
Laser Capture Microdissection Market report , 2015 – 2020
Laser capture microdissection (LCM) is a technology that provides the scientific community with a rapid and reliable method to procure a homogeneous population of cells under direct microscopic visualization. Laser capture microdissection technology has been used in wide variety of applications such as organ transplantation, pathology, gene expression, molecular characterization of cancer cells and others. LCM technology can capture the tissue cells of interest and allowed accurate separation of tumor
Voltage Data Acquisition Systems Capture Transient Data
Log Signals from the kHz to MHz range CHESTERLAND, OH—April 4, 2016 Do you need to record voltage for your application? CAS DataLoggers offers versatile data acquisition systems from ADwin and Delphin which can record voltage signals from a variety of sensors, electronic devices, or other equipment. Models are available with sample rates in the kHz or MHz range suitable for capturing transient events or for the timing of very fast sequences.