Network security firm Palo Alto Networks has enhanced its security platform to increase advanced threat detection and prevention capabilities.
Most significantly, this includes enhancements to Palo Alto Networks’ WildFire service, which enables quick discovery and elimination of previously unknown malware, zero-day exploits and advanced persistent threats.
According to a company statement, cyber criminals are employing new stealth methods to evade traditional security measures, such as stateful firewalls, intrusion prevention systems and anti-virus (AV) systems.
These legacy approaches often address only a single threat vector across a limited range of network traffic, resulting in a higher attack penetration rate and costly human incident response.
“To better detect sophisticated attacks, a highly automated and scalable ‘closed loop’ approach is required,” a Palo Alto statement said.
“One that begins with positive security controls to reduce the attack surface; inspects all traffic, ports, and protocols to block all known threats; rapidly detects unknown threats; then, automatically employs new protections back to the front line to ensure previously unknown threats are known to all and blocked.”
New enhancements include extended file visibility – all common file types (including PDFs, Office documents, Java and APKs), operating systems and applications, encrypted or not, are now seen and filtered.
Zero-day exploit detection – using behavioural analysis, this signature-independent capability in the WildFire cloud quickly identifies exploits in common applications and operating systems and distributes the intelligence to subscribing customers in as little as 30 minutes to prevent future attacks.
It also includes discovery of malicious domains, which blocks the critical command-and-control phase of an advanced attack by building a global database of compromised domains and infrastructure.
It provides a single “pane of glass” view into incident response.
Palo Alto Networks senior vice-president Lee Klarich said quickly detecting and eliminating previously unknown threats across all applications was key to protecting an organisation from today’s advanced threats.
“Only Palo Alto Networks offers its customers the closed loop capabilities to most efficiently and effectively stop sophisticated threats,” he said.