Cyber attacks against businesses and governments are becoming ever more sophisticated. For example, criminals and state actors are now employing proprietary encryption techniques to mask their attacks within system memory where the weaponry may be exposed for only 100 nanoseconds. Many legacy firewalls and anti-virus solutions are unable to effectively identify and mitigate this kind of attack within such a short timespan.

SonicWall’s approach to this growing problem is Real-Time Deep Memory Inspection (RTDMI), a multi-technology detection capability that identifies and blocks malware that may not exhibit any detectable malicious behavior or that hides its weaponry via encryption. By forcing malware to reveal its weaponry while in system memory, SonicWall is able to proactively stop mass-market, zero-day threats and unknown malware using real-time, memory-based inspection techniques.

RTDMI also analyzes documents dynamically to detect malicious document categories, including:

• Malicious Flash-based Microsoft Office documents
• Dynamic Data Exchange-based (DDE) exploits and malware inside Microsoft Office files
• Microsoft Office and PDF files containing malware or other malicious executables
• Malevolent shellcode-based and multi-layer files
• Macro-based malicious files
• PDF documents with “JavaScript infectors”
• JavaScript-based exploits in PDF documents
• Malicious, phishing-based PDF documents leading to both phishing and malware hosting websites

Earlier this year, SonicWall’s RTDMI technology — through its real-time analysis of instruction and memory usage patterns — proved its effectiveness against future exploits built on the Meltdown vulnerability. Meltdown could allow an attacker to access sensitive information (e.g., passwords, emails, documents) inside the protected memory regions of system processors.

To implement SonicWall’s Real-Time Deep Memory Inspection technology to better protect your business against crippling cyber attacks, contact us today at (410) 729-0440 or info@datalinktech.com.