Palo Alto Networks Enhances WildFire Security Service

Palo Alto Networks has upgraded its security platform with enhancements to its WildFire service that are designed to help organizations detect and fight off malware and exploits.

According to the company, WildFire has been bolstered with an improved level of file visibility, including all common file types such as PDFs, Office documents and encrypted applications. In addition, zero-day exploit detection capabilities have been added that rely on behavioral analysis, and the product works to block command-and-control activity using a global database of compromised domains and infrastructure.

WildFire detects unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) by executing them in a cloud-based virtual sandbox environment.

The enhancements are accessible via Palo Alto Networks PAN-OS version 6.0. The PAN-OS operating system is the “heart of the Palo Alto Networks platform, which will be available for all Palo Alto Networks customers with valid support contracts,” according to the company.

Previously, in order to use WildFire, organizations needed to be existing Palo Alto Networks firewall customers. However, that is no longer the case, as WildFire is now sold in a stand-alone capacity, the company told SecurityWeek.

“The Palo Alto Networks security platform with WildFire gives us an extra layer of security we didn’t have before — extra inspection and comfort that we can stay ahead of breaches by not just detecting them, but also by easily blocking them,” said Phil Cummings, security administrator, Health Information Technology Services-Nova Scotia. “By having our firewall, URL filtering, threat prevention natively integrated and managed from a single dashboard — instead of multiple niche products, we have a clearer picture of our threat landscape. Ultimately, the platform gives us what we need to effectively detect, analyze, block, and, more importantly, quickly remediate issues.”

The single dashboard is another of the enhancements, and is meant to offer security administrators a view into the information on malware, malicious behavior, compromised hosts and more so that incident response teams can quickly react to a threat.

“Quickly detecting and eliminating previously unknown threats across all applications is key to protecting an organization from today’s advanced threats,” said Lee Klarich, senior vice president of product management at Palo Alto Networks, adding that the company’s approach gives customers the “closed loop capabilities” they need to effectively stop sophisticated threats.
