For a long time, gateway and endpoint security solutions have protected us from known threats. But how can we defend ourselves against new threats? The unknown unknowns? This is where SonicWall's Capture Advanced Threat Protection (CATP) comes in. And CATP is what the ICSA Labs Advanced Threat Defense is testing.

The test involves sending unknown or little-known threats to CATP (in this instance via a SonicWall NSa 3600) that have been identified as the primary sources of recent breaches. These types of viruses or malware would previously have been called "wild" because they are as yet not identified and therefore are not yet part of the 'patterns' that traditional security products rely on.

We've already given away the result, but it's worth repeating...

The detailed result is that 216 threats were tested - each 4-hours old or less. SonicWall Capture ATP detected all of them. Additionally:

Case closed. Or maybe not. For while CATP excelled in the security tests, what about the I.T. headache caused by innocent applications being blocked due to overzealous security?

Now that's case closed.

SonicWall's CATP has now delivered 6 successful quarterly ICSA tests in a row - that's since it first became available in January 2020. These results are just one indication of the potential found within CATP’s machine-learning capabilities. At the heart of CATP is Real-Time Deep Memory Inspection (RTDMI) technology that continues to grow faster, with more vigilance and more intelligence. Each year since its introduction, RTDMI has identified significantly more threats than the previous year: in the first six months of 2021, it identified 54% more never-before-seen threats than it did in the first half of 2020.