Capture Advanced Threat Protection (ATP)

SonicWall Capture ATP is a cloud-based, multi-engine sandbox that revolutionizes advanced threat detection. Included with Capture ATP, SonicWall’s patented Real-Time Deep Memory Inspection™ (RTDMI) blocks zero-day and unknown threats at the gateway — even those that hide via encryption or don’t exhibit malicious behavior.

The Advanced Protection You Need, Where You Need It

SonicWall Capture ATP scans a broad range of file types to prevent zero-day attacks, targeted malware, advanced ransomware and more. Capture ATP analyzes behavior in a multi-engine sandbox platform that includes full system emulation, hypervisor-level analysis, virtualized sandboxing and RTDMI™, which uses real-time, memory-based inspection techniques to force malware to reveal its weaponry into memory.

By giving admins the ability to block until verdict, create customized policies and scan select files in the cloud, SonicWall Capture ATP combines the efficiency of automation with greater flexibility and control.

Download Datasheet

Superior Threat Prevention. Faster, More Accurate Verdicts.

SonicWall Capture ATP offers higher security effectiveness, faster response times and a lower total cost of ownership.

Multi-Engine Sandbox

By combining multi-engine sandbox technology, system emulation and virtualization techniques, SonicWall Capture ATP detects more threats faster than single sandbox solutions.

  • The solution scans traffic and extracts suspicious code for analysis.
  • Malware capabilities are replicated over various environments — all without detection.
  • SonicWall Capture Labs rapidly deploys remediation signatures to SonicWall security products, so threats that fail anywhere fail everywhere.

100% Threat Detection in Third-Party Testing

Independent ICSA Labs testing found that SonicWall Capture ATP delivers better threat protection than competitors.

Download Report
Detection of Unknown Threats
Perfect Scores
Consecutive ICSA ATD Certifications

Multi-Engine Sandbox. Multi-Solution Flexibility.

Delivering unparalleled real-time threat detection and protection, the SonicWall Capture ATP service with RTDMI can be added to a variety of SonicWall’s latest security products:

Secure Remote Access

Connect and secure your growing remote workforce and devices.


Defend your physical networks from malware, intrusions and more with best-in-class protection.

Wireless Security

Enhance Wi-Fi security and performance with cloud-based deployment and management solutions.

Cloud App Security

Protect business-critical SaaS apps — including Microsoft Office 365, G Suite, Box and Dropbox — in real time.

Virtual Firewalls

Defend your business and data within virtual networks, for both public and private clouds.

Secure Email

Shield your organization from advanced email threats, including targeted phishing attacks, ransomware and BEC.


Ransomware Critically Impacts Real-World Businesses
Case Study
SonicWall Cloud App Security Case Study
Catch the Latest Malware with Capture Advanced Threat Protection