Advanced threat detection solutions are among the most hyped products in the industry today, but they are known for letting in attacks and for blocking innocuous files due to false positives. ICSA Labs tested the detection capabilities of SonicWall’s advanced threat defense solution, SonicWall Capture Advanced Threat Protection (Capture ATP) with RTDMI, with a mix of 1,471 test runs over the course of 35 days. The mix was primarily composed of new and little-known malicious threats not detected by traditional security products. ICSA Labs also launched innocuous applications and activities to test SonicWall Capture ATP for false positives. Throughout testing, ICSA Labs observed logs to ensure not only that SonicWall Capture ATP indicated the existence of a malicious threat but also that logged threats were distinguishable from other logged traffic and events. Read this report to see how Capture ATP fared against these advanced attacks and potential false positives.