What Capture ATP is

SonicWall Capture is a cloud-based Zero-Day threat detection and sandboxing service.

Capture's multi-engine approach to stopping unknown and zero-day attacks at the gateway, and with automated remediation.

​

How it works

Suspicious files are to the multi-engine sandbox platform, which includes virtualized sandboxing, full system emulation, and hypervisor-level analysis technology.

It executes suspicious code and analyzes behavior, thus providing comprehensive visibility to malicious activity while resisting evasion tactics and maximizing zero-day threat detection.

​

Files sent to the cloud for analysis can be held at the gateway until a verdict is determined. If the file is found to be malicious it will be blocked, and if it is found to be clear it will be delivered.​