
Palo Alto Networks WildFire


Brief presentation of Palo Alto Networks WildFire malware protection solution.

Published in: Technology

  1. Palo Alto Networks - WildFire
     • Werner Schmidt, CISSP
       - Email: wschmidt@altaware.com
       - Phone: 866-833-4070
       - Web: www.altaware.com
  2. Introducing WildFire
     • Identifies unknown malware by direct observation in a virtual sandbox environment
       - Looks for more than 70 malicious behaviors
     • Automatically generates signatures for identified malware
       - Infecting files and command-and-control
       - Distributes signatures to all firewalls via regular threat updates
     • Provides forensics and insight into malware behavior
       - Actions on the target machine
  3. WildFire Architecture (diagram)
     • Components: Compare to Known Files, Sandbox Environment, Signature Generator, Admin Web Portal
     • Unknown Files From Untrusted Zones
     • Firewall Submits File to WildFire Cloud
     • New Signatures Delivered to ALL Firewalls. Portal provides malware forensics
  4. An Integrated Approach to Threat Prevention
     • App-ID™
       - All traffic, all ports, all the time
       - Application signatures
       - Heuristics
       - Decryption
       - Reduce the attack surface
       - Remove the ability to hide
     • Signatures
       - Block threats on all ports
       - 93.4% block rate of known exploits
       - 5M+ malware samples
       - Prevents known threats
       - 90% of threats through 2015 (Gartner)
     • Sources
       - Malware hosting URLs
       - Recently registered domains
       - SSL decryption of high-risk sites
       - Block known sources of threats
       - Be wary of unclassified and new domains
     • Behaviors
       - WildFire malware analysis
       - Download patterns
       - Unknown traffic
       - Malware behaviors
       - Pinpoints live infections and unknown threats
