With threats of almost every type on the rise, the SonicWall Capture Labs threat research team has been busier than ever in 2021. Our job is to gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat Network. This network consists of over a million security sensors in over 215 countries and territories, SonicWall’s internal malware analysis framework, shared threat intelligence and exploits from more than 50 industry collaboration groups and research organizations, and information from third-party security researchers.
We then cross-reference and correlate this information to identify and distribute the right signatures and IOCs (Indicators of Compromise) to our various security engines. These engines, in turn, protect our customers by blocking would-be attackers.
However, our customers would like to have direct access to this information to perform their own research. To help facilitate this, SonicWall is pleased to announce the release of Capture Labs Portal, a free-to-use centralized repository for comprehensive research that combines new and previously available tools into one easy-to-access portal.
On average, SonicWall receives more than a million malware candidates per month for evaluation and potential addition to our repository for malware, URLs/content filtering, CVEs and IPS signature databases. With the introduction of the Capture Labs Portal, researchers can perform the following actions from a single organized and easy-to-access portal:
- Use Security Center in near real time
- Look for the latest security news
- Research SonicWall’s product advisory databases
- Report new SonicWall product vulnerabilities online
- Research SonicWall’s rich application, IPS, Anti-Virus and Anti-Spyware threat databases, and
- Use content filtering and IP reputation lookup tools.
Exploring the Capture Labs Portal
The Capture Labs Portal contains several useful interfaces. Security Center offers a snapshot of recorded attacks across the globe in near real time, while Security Analytics allows the researcher/user to break down attack patterns and observe directional changes in volume.
In Security News, users can browse the latest and most relevant research articles and news from SonicWall’s research team.
The SonicWall Advisory section can be used to research CVE lists, report a new vulnerability, review any SonicWall vulnerability notifications (PSIRT), and check out the Hall of Fame spotlighting the current most active researchers.
Application and threat databases allow users to research current applications, IPS, and Anti-Virus and Anti-Spyware signature coverage.
And lastly, the Content Filtering and IP Reputation Lookup tools enable users to quickly and easily gauge the safety of URLs and IP addresses, as well as see what category a specific web property belongs to.
We believe that concentrating all research tools in a single place will help reduce the critical time-to-resolution parameter for our customers, as well as for the security industry in general. As the Capture Labs Threat Research Team grows and adds more tools, we will be augmenting this portal with additional capabilities. The goal of the Capture Labs Portal is to provide a one-stop shop to facilitate the research of both customers and the entire security community.
The Capture Labs Portal can be accessed by anyone and is free to use.