Now Reading
Deep Dive: SonicWall Doubles Down On AI & Automation To Fight Cyber Attacks


Deep Dive: SonicWall Doubles Down On AI & Automation To Fight Cyber Attacks

SonicWall


SonicWall

A recent SonicWall Cyber Threat Report indicated that ransomware attacks were up in every geography except India, which saw a 49% reduction, and the U.K. However, India still has a major uphill task in combating malware, where attacks rose by 53% in 2018.



For our weekly column Deep Dive we talked to the Debasish Mukherjee, Country Director – India & SAARC, SonicWall to understand how technologies like AI and ML can better the cybersecurity landscape. 

Role Of AI And ML

SonicWall is one of the leading companies in the space of cybersecurity that leverages technologies like artificial intelligence and machine learning. The company has even built a product that ensures protection against some of the worst malware.

When it comes to malware detection and protection, there are many companies that are relying on signature-based malware monitoring, that can only detect and protect against known attacks. These kind antiviruses require frequent (daily or weekly) updates of their signature databases to protect against the latest threats, which isn’t feasible for the end user.

SonicWall’s Capture Client, on the other hand, is a signature-less unified endpoint platform that uses a static artificial intelligence (AI) engine to determine if new files are threats before they can execute. The platform also has a behavioural AI engine to protect against file-less threats — for example,  PowerShell scripts, macros within documents, lateral movement, etc. This continuous behavioural monitoring of the client helps create a complete profile of file activity, application and process activity, and network activity. It allows for protection against both file-based and fileless malware and delivers a 360-degree attack view with actionable intelligence relevant for investigations.

Furthermore, Mukherjee also said that AI can adapt the discovery approach to uncover threats that try to hide and, once determined as malicious, can fingerprint the payload via signature, turning a zero-day into a known threat.  

Talking about SonicWall’s firewall, with more than 1 million sensors deployed across 215 territories and countries, the company has one of the largest global footprints of active firewalls. The company also has a cloud-based, multi-engine SonicWall Capture Advanced Threat Protection (ATP) sandbox service that discovers and stops unknown, zero-day attacks, such as ransomware, at the gateway with automated remediation.

“We've been in machine learning before it was cool back in security space since 1999. Machine learning and AI truly protect against modern cyber warfare,” said Mukherjee. “AI can be used to identify activities that human oversight would mostly fail to catch. AI understands the big data coming from behavioural analysis.”

Staying Ahead Of The Curve

When asked, what makes SonicWall better than its competitors in the market, Mukherjee said, the single-sign-on and single-pane-of-glass management integrate the functionality of the Capture Cloud Platform to deliver robust security management, analytics, and real-time threat intelligence for an entire portfolio of network, email, mobile, and cloud security resources.  

That is not all, SonicWall NSV, which is a new virtual firewall service, provides deep packet inspection, security control, and networking functionality.  This new product is designed to block denial-of-service attacks, context-aware exploits, and other unwanted web traffic before it can connect with web applications.

See Also

Also, Capture Client integrates SonicWall’s firewalls with SentinelOne’s machine learning-based continuous behaviour monitoring functionality that allows its users to block malicious traffic at the firewall in real time.

SonicWall’s Take On Automation In Threat Detection

Modern cyber-attacks are increasing and are becoming more sophisticated. In addition to existing malware, security experts are seeing an increase in never-seen-before malware. Considering the number and nature of attacks, businesses require solutions that are automated and real time.

“Automation helps to detect malicious behaviour across multiple vectors, rapidly eliminate threats with the fully-automated integrated response and to adapt their defences against the most advanced cyber-attacks,” Mukherjee added.

The Roadmap Ahead

Looking into the future, Mukherjee said that the cybersecurity industry is going to be automated — both in terms of real-time breach detection and prevention. And with multiple decades of security knowledge powered by AI and ML, SonicWall is looking to make its layered security infrastructure the go-to option to mitigate evolving attack patterns.



Register for our upcoming events:


Enjoyed this story? Join our Telegram group. And be part of an engaging community.

Provide your comments below

comments

What's Your Reaction?
Excited
0
Happy
0
In Love
0
Not Sure
0
Silly
0
Scroll To Top