Detect and Prevent Highly Evasive Zero-Day Malware and Exploits Within 300 Seconds

WildFire™ cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day malware and exploits. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.

Find the Unknown With a Unique Multi-Technique Approach

WildFire goes beyond legacy approaches used to detect unknown threats, bringing together the benefits of four independent techniques for high-fidelity and evasion-resistant discovery, including:

  • Dynamic analysis: Observes files as they detonate in a custom-build evasion resistant virtual environment, enabling detection of zero-day malware and exploits using hundreds of behavioral characteristics.
  • Static analysis: Highly effective detection of malware and exploits that attempt to evade dynamic analysis, as well as instantly identifying variants of existing malware.
  • Machine learning: Extracts thousands of unique features from each file, training a predictive machine learning classifier to identify new malware and exploits not possible with static or dynamic analysis alone.
  • Bare metal analysis: Evasive threats are automatically sent to a real hardware environment for detonation, entirely removing an adversary’s ability to deploy anti-VM analysis techniques.

Together, these four unique techniques allow WildFire to discover and prevent unknown malware and exploits with high efficacy and near-zero false positives.

The Power of the Threat Intelligence Cloud

As part of the Palo Alto Networks Threat Intelligence Cloud, WildFire is the world’s largest distributed sensor system focused on identifying and preventing unknown threats, with more than 14,000 enterprise, government, and service providers contributing to the collective immunity of all other users. When a novel malware or exploit is seen, WildFire automatically creates and shares a new prevention control in about 300 seconds, without human intervention.

WildFire also forms the central prevention orchestration point for the Palo Alto Networks Next-Generation Security Platform, allowing the enforcement of new controls across:

  • Threat Prevention to block malware, exploits, as well as command-and-control (anti-C2 and DNS-based callback) activity.
  • URL Filtering with PAN-DB for the prevention of newly discovered malicious URLs.
  • AutoFocus™ contextual threat intelligence service, enabling the extraction, correlation, and analytics of threat intelligence with high relevance and context.
  • Traps™ advanced endpoint protection and Aperture™ SaaS security service for real-time verdict determination and threat prevention.
  • Integration with our technology partners for verdict determination on third-party services with the WildFire API.

Threat Intelligence, Analytics, and Correlation

In combination with WildFire, organizations can use AutoFocus to hone in on the most targeted threats with high relevance and context. AutoFocus provides the ability to hunt across all data extracted from WildFire, as well as correlate indicators of compromise (IoCs) and samples with human intelligence from the Unit 42 threat research team. Together, WildFire and AutoFocus provide a complete picture into unknown threats targeting your organization and industry, and speed your ability to quickly take action on intelligence, without adding specialized security staff.

Deployment Options That Meet Privacy Needs

WildFire is available in multiple deployment modes, which can meet even the strictest local privacy or regulatory requirements, including:

  • Global cloud delivery for immense scale and speed.
  • Private cloud delivery with an on-premise appliance (WF-500) to maintain privacy.
  • Hybrid cloud delivery combining the benefits of public and private cloud deployments.
  • European Union (EU) cloud delivery for organizations in the EU with regional requirements.

 

Lightboard

See how WildFire works together with the Palo Alto Networks Next-Generation Security Platform to automatically identify and prevent unknown attacks in 300 seconds, across the network, endpoint and cloud.

AutoFocus

Enrich WildFire with groundbreaking threat intelligence and analytics capabilities with AutoFocus. See how they provide high degrees of relevance, correlation and context for the most advanced threats.   

Learn More

Datasheet

Get the full details on how WildFire brings together dynamic and static analysis with machine learning to identify and automatically prevent unknown threats.   

Download Now

Experience WildFire Yourself

Security Lifecycle Review

Get the details behind unknown threats impacting your organization with the Security Lifecycle Review (SLR). You’ll be able to understand your organization’s risk posture, including malware, vulnerability exploits and command-and-control activity observed on your network.

 

Sign Up For an SLR Today

 

Ultimate Test Drive

Seeing is believing, so get hands-on with WildFire and the full suite of threat prevention capabilities at Palo Alto Networks. You will be able to get familiar with the product, set policy, and see how easily WildFire can help keep you safe from unknown threats.

Take WildFire for a Test Drive

 


 

Product Summary Specsheet

Key features, performance capacities and specifications for all Palo Alto Networks firewalls.

  • 34
  • 87289

PA-3000 Series Specsheet

Key features, performance capacities and specifications of the Palo Alto Networks PA-3000 Series.

  • 11
  • 48930

Firewall Feature Overview Datasheet

This datasheet provides a comprehensive overview of the critical PAN-OS features that power all next-generation firewalls from Palo Alto Networks.

  • 10
  • 40687

PA-5000 Series Specsheet

Key features, performance capacities and specifications for our PA-5000 Series.

  • 3
  • 33846

PA-800 Series Datasheet

Palo Alto Networks PA-800 Series next-generation firewall appliances are designed to secure enterprise branch offices and midsized businesses.

  • 1
  • 8525

PA-500 Specsheet

Key features, performance capacities and specifications for our PA-500.

  • 7
  • 36546