Advanced WildFire Achieves FedRAMP High “In Process” Status

We are excited to announce that Palo Alto Networks' Advanced WildFire has achieved the "In Process" status for FedRAMP High authorization on the FedRAMP Marketplace. This significant milestone underscores our dedication to being the top cybersecurity partner for federal organizations, providing unparalleled support and tools for a secure digital environment.

Progressing Toward FedRAMP High Authorization

Palo Alto Networks has a longstanding relationship with FedRAMP. In 2018, WildFire achieved a Moderate Authority to Operate (ATO) for its malware detection capabilities. Building on this foundation, we announced in March 2023, our selection by the Joint Advisory Board (JAB) to pursue FedRAMP High authorization for Advanced WildFire. As of January 2024, we have reached the "In Process" status for this high-impact level, bringing us closer to full authorization.

Currently, Palo Alto Networks has completed all technical reviews and is awaiting the next steps from FedRAMP Program Management Office (PMO) to grant authorization. The following memo provides additional clarity into the changes currently underway within the JAB Authorization process. 

Why Federal Agencies Choose Advanced WildFire

Traditional solutions often fall short against modern malware, which frequently changes its code to evade detection. Today’s malware is fast-moving, and sophisticated, and often leverages AI to enhance its attacks. These advanced threats can encrypt critical data, extract sensitive information, and infiltrate systems rapidly, causing extensive damage.

Advanced WildFire is engineered to effectively counter these threats. As the industry’s largest malware analysis engine, it stops known, unknown, and highly evasive malware in real-time. 

Key benefits include:

• Superior Detection: Defeats 26% more malware than traditional sandboxes using Intelligent Run-Time Memory Analysis (IRMA) 1
• Zero-Day Protection: Stops up to 22% more zero-day malware 2
• Speed and Accuracy: Prevents threats 60 times faster than competitors and detects 99.58% of known and unknown malware 3
• Global Threat Intelligence: Shares threat intelligence from a global network of 65,000 customers, ensuring rapid distribution of prevention measures

1, 2: This information was obtained from the Advanced WildFire monthly report which is maintained  by Advanced WildFire Engineering. 

3 : AV-TEST results

Figure 1: FedRAMP JAB authorization process (Source: FedRAMP)

Understanding the Authorization Process

As of this posting, the FedRAMP JAB authorization path includes three sequential key milestones: Ready, In Process, and Authorized. 

1. The FedRAMP “Ready” designation signifies that the cloud service provider has successfully passed a 3rd party readiness assessment. 
2. The next stage is the FedRAMP “In-Process” designation that signifies the successful completion of a FedRAMP 3rd Party Audit against the full scope of controls and acceptance by the JAB to continue PMO and administrative review of the audit results. 
3. Once the PMO review has completed under the JAB authorization path, the cloud service is granted a JAB ATO and listed on the FedRAMP marketplace and JAB Authorized. Organizations can pursue a FedRAMP authorization via two approaches: through the JAB or via agency sponsorship. 

Learn More

Palo Alto Networks currently supports U.S. government agencies under FedRAMP Moderate regulation, securing their applications with WildFire. As we move towards FedRAMP High authorization, we look forward to extending our partnership to high-impact federal organizations. If you’re interested in experiencing Advanced WildFire’s capabilities and uncovering hidden threats in your network, please register now for a free trial and reach out directly to a Palo Alto Networks Sales Representative.