We offer leading Next-Generation Intrusion Prevention System (NGIPS) capabilities through the Threat Prevention subscription, preventing known vulnerability exploits, malware and command-and-control activity.
Vulnerability Exploit Prevention
Vulnerability-based protections detect and block exploits and evasive techniques on both the network and application layers, including port scans, buffer overflows, packet fragmentation and obfuscation. IPS protections include both anomaly detection and signature matching, using stateful pattern matching to understand packet arrival order and sequence.
In-line malware prevention is automatically enforced, stopping malware delivery and installation through our proprietary payload-based signatures, which are updated through daily content updates. Payload-based signatures do not rely on easily changed attributes, instead detecting patterns in the body of the file that can be used to identify future variations of the malware, even if the content has been slightly modified. Users can extend this capability with the WildFire™ threat analysis service to detect and prevent zero-day exploits and malware, bringing the daily content updates to near-real time.
Command-and-control (C2) activity is stopped from being used to exfiltrate data, deliver secondary malware payloads, or provide additional instructions for future stages of the attack. The service employs a revolutionary approach to shutting down this critical threat vector by automatically generating C2 signatures that go beyond basic domain and URL matching, producing research-grade protections at machine speed and scale.
World-Class Threat Research
Palo Alto Networks conducts all signature generation in-house, without repackaging third-party content. This allows us to develop and enforce the highest efficacy protections for our customers, without compromise.
Our signature developers and threat research team leverage third-party intelligence during the course of their research efforts to enrich their understanding and ensure we have the widest possible visibility into vulnerability exploits. Furthermore, the Palo Alto Networks® threat research team, Unit 42, has discovered more than 130 critical zero-day vulnerabilities in Microsoft®, Adobe®, Apple®, Android™ and other ecosystems, allowing us to create signatures for never-before-seen threats.