Calgary, Alberta, Canada, May 15, 2017 –Wedge Networks, the leader in real-time network threat prevention, today announced that Wedge Advanced Malware Blocker™ (WedgeAMB) blocks the WannaCry ransomware family of malware, without requiring signature or software updates. While security vendors globally are now issuing alerts declaring protection from WannaCry ransomware, WedgeAMB is one of the few, if not the only, network security system that was able to detect and block WannaCry before vendor issued signature updates became available, well after the attacks and pervasive ransomware events.
The global attacks launched across more than 150 countries has impacted more than 200,000 victims, as of Sunday, May 14th, according to Rob Wainwright, the head of the European Union’s law enforcement agency Europol. While security vendors globally have now identified and issued signature updates to protect against WannaCry, WedgeAMB blocked the initial malware attack, without requiring any signature update. Additionally, WedgeAMB is uniquely positioned to detect and block future variants of WannaCry and other ransomware families using a combination of Wedge’s patented real-time deep content inspection engine working in concert with four different malware detection technologies to block both known and new, never encountered before malware in real-time.
The attack used a multi-vectored approach consisting of WannaCry/Wcry, a relatively new ransomware family that was discovered in April. In some reported cases the exploit was delivered via phishing attacks and in other cases it was delivered using a worm that exploits a vulnerability in the Windows SMB v 1.0 Server (CEV-2017-0144) which was identified in March.
As a new version of malware, WannaCry evaded the detection by thousands of conventional signature and heuristic-based anti-virus security systems. WedgeAMB also uses signature and heuristic-based AV technology, but using its patented Deep Content Inspection Technology (USPTO 7,630,379) where network traffic is assembled in real-time into its constituting objects, WedgeAMB also analyzes executable content using artificial intelligence anti-malware. WedgeAMB’s AI-AM technology immediately recognizes that the DLL file contains malware and blocks the file from being downloaded, thus averting an infection.
WedgeAMB also scans the packets as they first enter the system. This packet inspection function blocks the worm that would have exploited CVE-2017-0144, thus eliminating the potential for dissemination of the ransomware. WedgeAMB’s ability to use orchestrated malware scanners to block the worm actually stops the attack from happening. However, if the worm was able to execute, WedgeAMB’s AI-AM technology will block the actual download of the ransomware payload, providing a secondary level of threat prevention.
About WedgeAMB and Free Evaluation System
WedgeAMB™ is one of the key security application sets supported on the Wedge’s Absolute Real-time Protection (WARP) Series of network security products. WedgeAMB is available in both appliance and virtual machine (VM) versions, supporting 100 Mbps, 1 Gbps, and soon 10 Gbps network connections. WedgeAMB is typically placed in-line at the enterprise or datacenter location, where it conducts a combination of deep packet and deep content inspection, including the real-time creation of fully reconstructed MIME objects (web pages, word, PDF, power point, excel documents, etc.) and subjects them to an orchestrated, multi-thread scanning with IPS/IDS, signature-based AV, heuristic-based AV, and AI-based anti-malware. This comprehensive analysis is completed in milliseconds, allowing malware to be detected and immediately blocked at the network level, before content is delivered to endpoints. Further information on WedgeAMB is available on the Wedge Networks website, or in this link to a WedgeAMB product brochure.
WedgeAMB is based upon the same award winning Wedge security technologies and software that lead to Gartner’s inclusion of Wedge Networks in their 2016 Cool Vendor report for cyber security.
About Wedge Networks:
Wedge Networks™ is revolutionizing real-time network security with cutting edge innovation, performance, and scale. Embracing global innovation, Wedge’s Cloud Network Defense™ (WedgeCND™) and Absolute Real-Time Protection (WedgeARP™) Series of products integrate and orchestrate the industry’s highest performance security inspection and mediation engines with best-in-class security technologies developed by Wedge and third parties. Purpose-built as fully virtualized security systems, these products can be deployed in the form of x86 appliances, virtual machines, or cloud application software. Today, these industry-leading solutions block security threats for tens of millions of end users in enterprise, service provider, government agency, and security-as-a-service networks spanning more than 17 countries.
Wedge Networks is headquartered in Calgary, Canada with international offices in Dallas, USA; and Manama, Bahrain. Visit http://www.wedgenetworks.com/ for more information
Media Contacts:
USA & International PR contact:
Kate Fly
Zonic Group PR
[email protected]
Phone: +1 512 751 4637