on 04-10-201503:49 PM - last edited
2 weeks ago
Happy Friday, everyone!
I wanted to take a minute and talk about AutoFocus.
As you may have heard a new product called AutoFocus was announced at Ignite 2015 last week, but not a lot of information has been released about it yet.
AutoFocus is a brand new threat intelligence platform only from Palo Alto Networks, and is looking extremely exciting. This new security service takes information from WildFire and our very own Threat Research Center -- Unit 42 -- as well as events from a global repository and makes it available to everyone in an easy to access and easy to search database.
So you are no longer limited to threats only within your network realm, but the entire world. The threat alliance that Palo Alto Networks has started with other anti-malware vendors like Symantec and McAfee have rapidly increased the amount of threat data that is now in the threat intelligence cloud.
Autofocus will also feature Elastic Search capabilities within AutoFocus to return results on search queries almost immediately. Gone are the days waiting double digits for searches to come back with any data. You will be able to search on names, called commands, hashes, tags or even parts of the files that are affected.
The service allows security teams to prioritize limited security resources, with the intelligence and context to focus on the truly unique and targeted attacks, providing insights such as:
Details on the latest threat tactics, techniques and procedures used against specific organizations and industry peers.
Attribution of malware to specific adversaries and attack campaigns.
Indications of highly customized or targeted attacks vs. commodity malware.
Access to this program is available through a limited-time Community Access program. Community Access offers a preview of the service prior to general release.