See the complete list of top threat intelligence companies.
Founded in 2005, with an IPO in July 2012 (stock symbol on the NYSE is PANW), Palo Alto Networks has around 40,000 customers in 150+ countries across multiple industries. Fiscal year 2016 revenue was $1.4 billion, a 49% year-over-year increase.
Palo Alto Networks AutoFocus contextual threat intelligence service makes threat analytics, with full context, available to organizations of all sizes. This hosted security service arms security operations professionals with the intelligence, correlation, context and automated prevention workflows needed to identify and respond to events in real time.
The service includes:
- native integration with the WildFire data set
- researcher-curated context from Unit 42, the Palo Alto Networks threat research team (including information on malware family, adversaries, campaigns, malicious behaviors and exploits used)
- aggregation and correlation of any third-party threat intelligence provider via the Palo Alto Networks MineMeld app for AutoFocus
- integration into third-party systems
"Threat intelligence requires a rich set of high-fidelity data natively available in the platform, sourced from sensors across the network, endpoint and cloud, including human-curated context around observed threats," said Scott Simkin, Senior Group Manager, Threat Intelligence Cloud, Palo Alto Networks. "It must aggregate, correlate and validate threat intelligence from any third-party source, and automatically syndicate preventions across the network, endpoint and cloud, including driving visibility and context enrichment to third-party security systems."
AutoFocus is a cloud-delivered service that receives enrichment from sensors deployed across the network, endpoint and cloud.
Markets and Use Cases
Simkin said more than 85 of the Fortune 100 and more than half of the Global 2000 rely on Palo Alto Networks to improve their cybersecurity posture.
AutoFocus is cloud-based and does not impact the throughput or performance of Palo Alto Networks Next-Generation Firewalls. The service receives hundreds of millions of samples per month, and over a trillion artifacts total, across petabytes of data.
No relevant security qualifications.
Automation drives workflows that identify, analyze and enable response based on policy, or allow human interdiction when needed. Statistical analytics and correlation run over the one trillion+ indicators available in the system, and machine learning helps identify and feed new data into the system.
SaaS-based security services
Licensed as a per-user annual subscription or available as an unlimited user enterprise-wide license.