Connect the Dots Automatically
The automated correlation engine includes correlation objects defined by the Palo Alto Networks Malware Research team. These objects identify suspicious traffic patterns or sequences of events that indicate a malicious outcome. Some correlation objects can identify dynamic patterns that have been observed from malware samples in WildFire™. Correlation objects trigger correlation events when they match on traffic patterns and network artifacts that indicate a compromised host on your network.
Reduce manual data mining
The ability to detect and highlight compromised hosts automatically empowers network operators and security professionals to cut back on manual data mining. The manual work needed to confirm compromised host activity can take valuable hours if not days. It’s like finding the needle in the haystack. Sometimes, a manual search never results in confirmation. The automated correlation engine does this work for you and automatically highlights any compromised host activity on your network.