When Will Threat Intelligence Deliver on Its Promise?

Nov 15, 2019
3 minutes

This post is also available in: 日本語 (Japanese)

Adversaries are getting more sophisticated, but also more pragmatic. For them, simplicity is the best way to get the job done. Unfortunately, organizations are in the opposite position, struggling with ever-increasing complexity in their security processes. Organizations now realize that they cannot block adversaries by using traditional event, alerting and monitoring solutions. Their security teams are already stretched thin and overburdened by the tsunami of alerts that is drowning them daily. Threat intelligence holds the promise of rescuing them and restoring their sanity. 

Unfortunately, over the years, threat intelligence has not delivered on this promise. There are too many intel feeds that provide little to no value to security operations because the methods are so complicated. Teams must manually collect and incorporate multiple low-value and limited-visibility feeds into the tools they use for investigation and response, which slows them down.

There must be a better way. We believe in threat intelligence that supercharges detection, investigation and response efforts and stops attacks before they happen; threat intelligence that gives your security team instant access to high-fidelity intel based on real-world attacks embedded in the tools they already use, eliminating manual labor and the swivel-chair effect. 

Palo Alto Networks is tackling this challenge with a bold new vision for AutoFocus, our industry-leading threat intelligence platform that already delivers the highest-fidelity expert-backed intel. We are greatly expanding the range of data types that AutoFocus can ingest, allowing customers to tap into the full breadth of a massive threat intelligence repository that Palo Alto Networks has built over 10 years with more than 65,000 customers. Security analysts get unique insight into real-world attack intel from the world’s largest footprint of sensors. Every indicator is enriched with the deepest context from world-renowned Unit 42 threat researchers.

Security teams can simply consume this intel as a standard feed or embed custom feeds into the tools they already use through a flexible API framework. Analysts will finally have comprehensive, trustworthy and easy-to-use threat intelligence at their fingertips, allowing them to focus on what matters most: stopping breaches.

This will change the game on how we consume threat intelligence.

Palo Alto Networks threat intelligence is driven by the insights of Unit 42 threat researchers, security operations center (SOC) experts and product leaders. 

We're hosting a candid discussion led by these experts comparing today’s threat intelligence offerings, and describing what needs to change.

You’ll find out:

  • The three ways to protect your enterprise using threat intelligence.
  • How to embed threat intel into the tools you’re already using.
  • The future of threat intelligence, including our bold new innovations.

Join our Nov. 20 webinar, "3 Ways to Speed Up Response with Threat Intel."

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.