the customer want to test pa wilfire feature . my test step: 1: from http://wildfire.paloaltonetworks.com/publicapi/test/apk, download the sample malware.the traffice throught the pa 2: when we can find the wildire log from firewall and theck the log report ,know the malware files sha256 ------------------------------------------------ log: 33, filename: wildfire-test-apk-file.apk processed 120151 seconds ago, action: upload success vsys_id: 1, session_id: 47055, transaction_id: 5 file_len: 1434514, flag: 0x801c, file type: apk threat id: 52108, user_id: 0, app_id: 109 from 192.168.5.31/50643 to 34.84.44.247/80 SHA256: 2751671b591b6969b09f8c032cd89e6ae83a5f3ec819c8b923c673a6286cbec3 ------------------------------------------------------------------------------------------------------------ 3:then wait 48 hours,we go to threat db lookup the sha256 value,but we don't find the sha256. so I think that PA will not update malware signature to antiivirus from sample malware files(http://wildfire.paloaltonetworks.com/publicapi/test/apk).is true ?
... View more