Palo Alto Networks AutoFocus Review

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

See the complete list of top threat intelligence companies.

Company Description

Founded in 2005, with an IPO in July 2012 (stock symbol on the NYSE is PANW), Palo Alto Networks has around 40,000 customers in 150+ countries across multiple industries. Fiscal year 2016 revenue was $1.4 billion, a 49% year-over-year increase.

Product Description

Palo Alto Networks AutoFocus contextual threat intelligence service makes threat analytics, with full context, available to organizations of all sizes. This hosted security service arms security operations professionals with the intelligence, correlation, context and automated prevention workflows needed to identify and respond to events in real time.

The service includes:

  • native integration with the WildFire data set
  • researcher-curated context from Unit 42
  • the
 Palo Alto Networks threat research team (including information on malware family, adversaries, campaigns, malicious behaviors and exploits used)
  • aggregation and correlation of any third-party threat intelligence provider via the Palo Alto Networks MineMeld app for AutoFocus,
  • integration into third-party systems

“Threat intelligence requires a rich set of high-fidelity data natively available in the platform, sourced from sensors across the network, endpoint and cloud, including human-curated context around observed threats,” said Scott Simkin, Senior Group Manager, Threat Intelligence Cloud, Palo Alto Networks. “It must aggregate, correlate and validate threat intelligence from any third-party source, and automatically syndicate preventions across the network, endpoint and cloud, including driving visibility and context enrichment to third-party security systems.”


AutoFocus is a cloud-delivered service that receives enrichment from sensors deployed across the network, endpoint and cloud.

Markets and Use Cases

Simkin said more than 85 of the Fortune 100 and more than half of the Global 2000 rely on Palo Alto Networks to improve their cybersecurity posture.

Applicable Metrics

AutoFocus is cloud-based and does not impact the throughput or performance of Palo Alto Networks Next-Generation Firewalls. The service receives hundreds of millions of samples per month, and over a trillion artifacts total, across petabytes of data.

Security Qualifications

No relevant security qualifications.


Automation drives workflows that identify, analyze and enable response based on policy, or allow human interdiction when needed. Statistical analytics and correlation are done on one trillion+ indicators available in the system, as well as machine learning to help identify and feed new data into the system.


SaaS-based security services


Licensed as a per-user annual subscription or available as an unlimited user enterprise-wide license.

Get the Free Cybersecurity Newsletter

Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Drew Robb Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis