Multi-Method Threat Prevention Innovations

To stay ahead of increasingly sophisticated adversaries, PAN-OS^® 8.0 introduces several industry-first innovations that drive forward our ability to detect and prevent the most evasive threats, block command-and-control traffic in far more effective ways, and allow our customers to gain leverage from any threat intelligence source, including:

• WildFire™ service has an all-new anti-evasion analysis engine that brings together the benefit of multiple independent detection techniques:
  • New machine learning that operates on thousands of extracted features to further the WildFire service's ability to detect more malware and variants while maintaining high accuracy.
  • An entirely new malware analysis environment, custom built from the ground up without any dependency on open-source emulation tools used throughout the industry that are readily identifiable by the adversary.
  • An innovative bare-metal execution environment where suspicious, evasive files are dynamically steered for detonation on real hardware systems, enabling detection for the most evasive anti-VM threats.
     
• Advancing command-and-control (C2) prevention by introducing end-to-end automation of the generation, delivery and enforcement of payload-based C2 protections, based on data from WildFire customers. This system eliminates the trade-off between quick automated protections, based on URL or DNS, and effective, but low-scale manual signature creation that was the status quo in the security industry.
  
  
• Extending AutoFocus™ contextual threat intelligence service with the MineMeld application, enabling security teams to aggregate, correlate, and automatically turn any third-party threat intelligence source into prevention across the Palo Alto Networks^® Next-Generation Security Platform.