Disconnected tools and data sources have made it harder for security analysts to do their jobs quickly and effectively.
Palo Alto Networks AutoFocus™ contextual threat intelligence service speeds your ability to respond to cyberattacks faster and to analyze, investigate and instantly respond to critical threats. It brings speed, consistency and precision to threat investigation and provides instant access to community-based threat data, enhanced with deep context and attribution from the Palo Alto Networks Unit 42 threat research team, saving time and effort for faster, more precise threat analysis. Now your teams can quickly investigate, correlate and pinpoint malware’s root cause without adding dedicated malware researchers or additional tools. Plus, automated protections make it simple to turn raw intelligence into protection across your environment.
Draw on rich data with context to improve the accuracy of your analysis and speed of your response. AutoFocus™ gives you instant access to billions of samples and trillions of artifacts collected from the WildFire® malware analysis prevention service worldwide. It combines automated analysis with human intelligence from the Unit 42 threat research team, adding context and attribution to threats. And it brings together all in-house and third-party threat data in one system, without the need for multiple tools.
With AutoFocus™ your teams can quickly pinpoint the root cause of attacks with lightning fast search across hundreds of pre-defined or customizable queries. Security analysts gain deeper insights into attacks with pre-built Unit 42 tags for malware family, adversary, campaign, malicious behavior and exploits – no dedicated malware research team is needed. And you can automatically surface high-impact threats and Indicators of Compromise, or IOCs, with statistical analysis to prioritize investigations.
AutoFocus™ automatically delivers protections to next-generation firewalls for real-time enforcement, so you can dramatically cut response times to attacks. You can organize third-party threat intelligence feeds and share indicators for prevention using MineMeld™ threat intelligence syndication engine. And with the easy-to-use API for access to collected intelligence, you can instantly enrich third-party tools and SIEMs.
To learn more about the Palo Alto Networks AutoFocus™ contextual threat intelligence service, please contact your Exclusive Networks Account Manager.