We offer unique malware prevention capabilities across the network, endpoint and cloud. Our stream-based engine blocks malware in-line, stopping attacks before they can succeed, without impacting performance. We provide high-efficacy malware prevention through multiple techniques, including:

  • Consistent protection and enforcement across all deployment scenarios.
  • Signatures based on payload, not hash, or other easily changed attributes.
  • In-line, stream-based detection and prevention of malware hidden within compressed files, web content or other common file types.
  • Near real-time updates from the WildFire™ threat analysis service, ensuring protection against zero-day malware.
  • Replace legacy host-based antivirus with Traps™ advanced endpoint protection.

Shared Threat Intelligence and Analytics

When zero-day exploits or malware are discovered by any WildFire user, the service automatically orchestrates enforcement of high-fidelity, evasion-resistant protections for all WildFire subscribers in 300 seconds of first discovery anywhere in the world. These protections are shared across more than 14,000 WildFire users, forming the industry’s largest distributed sensor network focused on detecting and preventing unknown threats.

In combination with WildFire, organizations can use AutoFocus™ contextual threat intelligence to hone in on the most targeted threats with high relevance and context. AutoFocus provides the ability to hunt across all data extracted from WildFire, as well as correlate indicators of compromise (IoCs) and samples with human intelligence from the Unit 42 threat research team. Together, WildFire and AutoFocus provide a complete picture into unknown threats targeting your organization and industry, and increase your ability to quickly take action on intelligence, without adding specialized security staff. 

Threat Research and Sharing

We pair our automated threat identification and prevention systems with human intelligence from our Unit 42 threat research team. Using the wealth of malware intelligence in the Palo Alto Networks Threat Intelligence Cloud, Unit 42 uses the AutoFocus service to conduct proactive threat hunting, identifying previously unknown malware families, campaigns or adversaries to create new protections for our customers. We partner with other leading vendors to share intelligence on never-before-seen threats, helping keep the entire ecosystem safe.

Palo Alto Networks® is also a founding member of the Cyber Threat Alliance, a partnership of security and research vendors striving to defeat attackers by sharing malware samples and research. We ingest newly discovered samples from our alliance partners, as well as various third-party feeds, to generate new protections for our customers.


Traps Advanced Endpoint Protection Named a Gartner Visionary

Gartner has recognized Traps advanced endpoint protection as a Visionary among endpoint security products. Read the full report.

  • 3
  • 5466

WildFire named a leader for Automated Malware Analysis

The Forrester Wave™: Automated Malware Analysis, Q2 2016 ranks WildFire as a leader in this space, through evaluation of its current offering, its market presence, and strategy.

  • 0
  • 4380

CBI Health Group

CBI Health chose the Palo Alto Networks Next-Generation Security Platform to protect its data center from ransomware and other threats.

  • 2
  • 1785


Rompetrol improves endpoint security and reduces malware attacks with Palo Alto Networks Traps

  • 1
  • 615

CAME Group

CAME Group (CAME) provides automation systems for residential and industrial entrances, parking lots, and access control points. With 50 branches in 40 countries all networked with its corporate headquarters in Italy, CAME was uniquely challenged to provide a network architecture that ensured both secure network access and secure endpoints. Targeted attacks by malware, such as CryptoLocker, were frequently infiltrating servers and PCs, disrupting productivity and creating unpredictable remediation costs. Traditional antivirus software was ineffective in stopping such attacks. By deploying the Palo Alto Networks Next-Generation Security Platform with Next-Generation Firewalls, Threat Intelligence Cloud services, and Advanced Endpoint Protection, CAME successfully prevents cyberthreats from infiltrating endpoint devices and its network. Through consolidation, CAME is saving $2.5 million over three years, with an additional $250,000 in savings by eliminating remediation costs on endpoint devices. Moreover, the company now has uniform security policies enterprise-wide, with increased visibility and control over network traffic for improved bandwidth and application performance.

  • 2
  • 2748


Schauinsland-Reisen is one of the most important travel service companies in Germany and Europe. The Reiseveranstalter is the 7th largest package tour operator in Germany. The medium-sized, independent Reiseveranstalter based in Duisburg currently offers more than 60 travel destinations, with more destinations being added. This nearly 100-year-old company with a team of 300+ provides excellent availability and customer service to its customers. This Customer Story is also available in German.

  • 1
  • 1902