Automated Detection and Prevention of Zero-Day Exploits and Malware That Meets Privacy and Regulatory Requirements

The Palo Alto Networks® WildFire® private cloud appliance (WF-500) complements the WildFire cloud-based threat analysis environment with on-premise analysis, detonation, and automated orchestration of prevention for zero-day exploits and malware. The appliance’s private cloud architecture allows organizations to meet privacy and regulatory requirements for local analysis while still benefiting from shared threat intelligence and protections from more than 15,500 WildFire subscribers.

Turn the Unknown Into Known

The WildFire appliance detects unknown threats through multiple complementary analysis techniques, including the inspection of more than 1,000 characteristics of a file, as well as proactive detonation of suspicious content in a virtual environment to uncover unknown malware based on its real behavior.

Once unknown threats are identified, protections are automatically orchestrated across local next-generation firewalls and Traps™ endpoint agents in as few as five minutes from initial detection, enabling them to block future instances of that threat.

Management and Analysis Scale

As part of the Palo Alto Networks Next-Generation Security Platform, WildFire appliances are centrally managed via Panorama™ network security management, simplifying your policy workflows across the WildFire global cloud, private cloud appliance, and next-generation firewalls. Multiple WildFire appliances can be clustered, all sharing a unified signature package, delivering massive local analysis scale and enhanced reliability for even the most demanding networks.

Local Analysis, Cloud Benefits

The WildFire appliance conducts threat detonation, intelligence extraction and protection generation locally by default, with the option to anonymously access the WildFire global cloud, for enhanced accuracy and time to prevention.

The WildFire appliance also supports a policy-based hybrid mode, enabling the steering of specific content to the WildFire appliance or global cloud for detonation, allowing privacy and allocation of local analysis resources based on sensitivity of content.


See how WildFire works together with the Palo Alto Networks Next-Generation Security Platform to automatically identify and prevent unknown attacks in 300 seconds, across the network, endpoint and cloud.


WildFire™ cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day malware and exploits. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.

Learn More


The Palo Alto Networks WildFire private cloud appliance (WF-500) complements the WildFire cloud-based threat analysis environment with on-premise analysis, detonation, and automated orchestration of prevention for zero-day exploits and malware.

Download Now

Experience WildFire Yourself

Security Lifecycle Review

Get the details behind unknown threats impacting your organization with the Security Lifecycle Review (SLR). You’ll be able to understand your organization’s risk posture, including malware, vulnerability exploits and command-and-control activity observed on your network.


Sign Up For an SLR Today


Ultimate Test Drive

Seeing is believing, so get hands-on with WildFire and the full suite of threat prevention capabilities at Palo Alto Networks. You will be able to get familiar with the product, set policy, and see how easily WildFire can help keep you safe from unknown threats.

Take WildFire for a Test Drive