A recent SonicWall Cyber Threat Report indicated that ransomware attacks were up in every geography except India, which saw a 49% reduction, and the U.K. However, India still has a major uphill task in combating malware, where attacks rose by 53% in 2018.
For our weekly column Deep Dive we talked to the Debasish Mukherjee, Country Director – India & SAARC, SonicWall to understand how technologies like AI and ML can better the cybersecurity landscape.
Role Of AI And ML
SonicWall is one of the leading companies in the space of cybersecurity that leverages technologies like artificial intelligence and machine learning. The company has even built a product that ensures protection against some of the worst malware.
When it comes to malware detection and protection, there are many companies that are relying on signature-based malware monitoring, that can only detect and protect against known attacks. These kind antiviruses require frequent (daily or weekly) updates of their signature databases to protect against the latest threats, which isn’t feasible for the end-user.
Furthermore, Mukherjee also said that AI can adapt the discovery approach to uncover threats that try to hide and, once determined as malicious, can fingerprint the payload via signature, turning a zero-day into a known threat.
Talking about SonicWall’s firewall, with more than 1 million sensors deployed across 215 territories and countries, the company has one of the largest global footprints of active firewalls. The company also has a cloud-based, multi-engine SonicWall Capture Advanced Threat Protection (ATP) sandbox service that discovers and stops unknown, zero-day attacks, such as ransomware, at the gateway with automated remediation.
Staying Ahead Of The Curve
When asked, what makes SonicWall better than its competitors in the market, Mukherjee said, the single-sign-on and single-pane-of-glass management integrate the functionality of the Capture Cloud Platform to deliver robust security management, analytics, and real-time threat intelligence for an entire portfolio of network, email, mobile, and cloud security resources.
That is not all, SonicWall NSV, which is a new virtual firewall service, provides deep packet inspection, security control, and networking functionality. This new product is designed to block denial-of-service attacks, context-aware exploits, and other unwanted web traffic before it can connect with web applications.
Also, Capture Client integrates SonicWall’s firewalls with SentinelOne’s machine learning-based continuous behaviour monitoring functionality that allows its users to block malicious traffic at the firewall in real-time.