Dell SonicWall’s multi-engine sandbox approach to capturing evasive malware
As businesses in Asia Pacific become more digitized, enterprises and governments in this region have to ensure that their security programs are updated and future-proof to prevent imminent breaches from constantly evolving threats. In 2015, Dell SonicWall noted a rise in the use of exploit kits that have evolved with greater speed, heightened stealth and novel shape-shifting abilities. This is driven by the overwhelming number of exploit kit options that offer attackers a steady stream of opportunities to target the latest zero-day vulnerabilities.
According to the Dell Security Annual Threat Report, unique malware samples increased 73% globally in 2015 over 2014, and most of these threats were targeted, evasive and zero-day attacks found across computing systems and devices. Dell Security alone blocked 2.17 trillion IPS attacks and 8.19 billion malware attacks throughout 2015.
Covert intelligence
In a recent email interview with Networks Asia, Kent Shuart, director of APJ SonicWall Product Marketing at Dell Security, pointed out that smarter threats are now designed to evade discovery by single sandbox approaches to identifying malware. “Organizations need an intelligent, advanced threat detection system that analyzes the behavior of suspicious files and uncovers hidden malware without being found,” Shuart emphasized.
The alarming rise in shape-shifting threat tactics and zero-day attacks has been driving strong customer and partner demand for Dell SonicWall Capture Service, an innovative multi-phase, multi-engine approach to advanced threat analysis that also supports prevention. In the first phase of this approach, SonicWall employs its Reassembly Free Deep Packet Inspection engine to inspect files at line speeds to identify known threats without slowing down network performance.
Suspicious files are passed on to a second phase, SonicWall’s in-house developed sandbox engine, which incorporates the VMRay third-generation Analyzer threat detection engine and Lastline Breach Detection platform to deliver a three-layer defense that organizations need to safeguard against unknown threats.