Capturing the World’s Latest Malware so You Can Fear Less
If anyone ever needs proof on how effective SonicWall Capture Labs is, look back to the WannaCry ransomware attack in May 2017, and just last week the NotPetya malware. In contrast to over 250,000 endpoints compromised in over 150 countries, SonicWall customers with active security subscriptions were largely unaffected.
Why were they unaffected?
Our customers were protected because SonicWall had identified and created signatures for all exploits of the SMB vulnerability, as well as early versions of WannaCry, weeks in advance. Any of our customers with active Gateway Anti-virus and Intrusion Prevention System (GAV/IPS) services received those signatures automatically, and thereby blocked this ransomware variant and the worm that spread it across the globe. This was possible because SonicWall Capture Labs gathers millions of samples of malware in order to protect our customers from the latest threats.
In 2016, SonicWall’s Capture Labs Threat Research processed over 60 million unique pieces of malware that were previously unknown to us. This included versions of polymorphic malware, newly developed malicious code and zero-day attacks. The result of this work created countless signatures and other countermeasures that protected our customers from the latest attacks across our product portfolio.
So where does SonicWall get all of these malware samples?
With over 1 million sensors placed around the world, our Capture Labs Research Team receives the largest amount of data from real customer traffic. Our SonicWall Capture Advanced Threat Protection (ATP) Service is a network sandbox that runs suspicious code to find unknown malicious code. Business networks will encounter an average of 28 new, zero-day versions of malware over a calendar year, Capture ATP is designed specifically to prevent this.
In addition, SonicWall participate in numerous industry collaboration efforts such as the Microsoft MAPP program so our researchers receive new verified threats before the public. We also actively engage in numerous international threat research communities and freelance researchers so our in-house team possesses samples of uncommon attacks and vulnerabilities.
Read this eBook to learn how to protect against ransomware with a multi-layer threat elimination chain to stop known and discover unknown malicious code targeting your organization.