SonicWall has revealed that a new Capture Cloud engine has discovered hundreds of new malware variants not seen before by sandboxing technology. Through the use of previously unannounced patent-pending technology, SonicWall Capture Labs security researchers engineered an advanced method for identifying and mitigating threats through deep memory inspection — all in real time, said the firm.
“Threat actors have been so far ahead of the game they’ve been able to create highly evasive malware without the greater industry even knowing,” said SonicWall president and CEO Bill Conner. “This new real-time deep memory inspection technology (RTDMI), coupled with more than a decade of machine-learning experience, will help level the playing field and eliminate some of the most challenging attack vectors. The new engine is the latest addition to our Capture Cloud Platform that reinforces our leadership position.”
The new SonicWall Capture Cloud Real-Time Deep Memory Inspection (RTDMI) technology and engine, which has been operational for a while, is discovering hundreds of malware strains not detected by sandboxing technology, said the firm.
SonicWall said it is unveiling this new technology to strengthen the company’s automated real-time breach detection and prevention platform. SonicWall RTDMI is a patent-pending technology and process utilised by the SonicWall Capture Cloud to identify and mitigate even the most insidious modern threats, including future Meltdown exploits.
The new RTDMI technology proactively detects and blocks unknown mass-market malware via deep memory inspection in real time. It detects and blocks malware that does not exhibit any malicious behaviour and hides its weaponry via custom encryption. It forces malware to “reveal” its weaponry into memory. It identifies and mitigates sophisticated attacks where weaponry is exposed for less than 100 nanoseconds.
SonicWall deployed the RTDMI engine into the SonicWall Capture Cloud Platform and is leveraging the technology to support SonicWall’s layered security platform, which includes next-generation firewalls, wireless network security, email security, secure mobile and remote access offerings, as well as cloud and IoT solutions.