Protection from Targeted and Unknown Attacks
The WildFire™ cloud-based malware-analysis environment is an advanced threat intelligence service that identifies unknown malware, zero-day exploits, and advanced persistent threats (APTs) through static and dynamic analysis in a scalable, virtual environment. Once deployed, WildFire automatically disseminates updated protections in near real time to immediately halt threats from spreading, without manual intervention. This closed-loop, automated process gives organizations the assurance that their networks, endpoints and cloud are armed with the absolute latest threat intelligence at all times.
Advanced cyberattacks are employing stealthy and persistent methods to evade traditional security measures. Skilled adversaries demand that modern security teams re-evaluate their prevention tactics to better address the volume and sophistication of today’s attacks. Purpose-built for high-fidelity hardware emulation, WildFire analyzes suspicious samples as they execute. When new threats emerge, Palo Alto Networks® Next-Generation Security Platform automatically routes suspicious files and URLs to WildFire for deep analysis.
WildFire inspects millions of samples per week from its global network of customers and threat intelligence partners, looking for new forms of previously unknown malware, exploits, malicious domains and outbound command-and-control (C2) activity. The cloud-based service creates new protections that are capable of blocking targeted and unknown malware, exploits, and outbound C2 activity by observing their actual “behavior,” rather than relying on pre-existing signatures. The protections are shared globally in minutes.
Next-Generation Security Platform
WildFire is built on our industry-leading Next-Generation Security Platform, benefiting from full visibility into all network traffic, including stealthy attempts to evade detection, such as the use of non-standard ports or SSL encryption. Known threats are proactively blocked with our Next-Generation Firewall, Threat Prevention, URL Filtering, Traps and Aperture, providing baseline defenses against known exploits, malware, malicious URLs and command-and-control (C2) activity. Unknown files and email links are forwarded to WildFire and analyzed in a scalable sandbox environment, where new threats are identified and protections are automatically developed and delivered to the security elements in your organization in the form of signatures and verdict updates. The result is a unique, closed-loop approach to preventing cyberthreats that includes: positive security controls to reduce the attack surface; inspection of all traffic, ports and protocols to block all known threats; rapid detection of unknown threats by observing the actions of malware in a cloud-based execution environment; and automatic deployment of new protections back to the frontline to ensure threats are known to all and blocked across the attack lifecycle.