Palo Alto Networks WildFire® malware prevention service is the industry's most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The service employs a unique multi-technique approach, combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.

Today, organizations must contend with an entire marketplace of malware and exploit developers selling or renting out their malicious tools, making them available to all classes of attackers. At the same time, advanced evasion techniques have been commoditized, allowing attacks to sidestep legacy detection approaches. Now, even low-skilled adversaries can launch unique attacks capable of evading traditional threat identification and prevention approaches; the manual analysis those approaches then require cannot scale against the volume of unknown threats seen today.

WildFire changes the equation for adversaries, turning every Palo Alto Networks platform deployment into a distributed sensor and enforcement point to stop zero-day malware and exploits before they can spread and succeed. Within the WildFire environment, threats are detonated, intelligence is extracted, and prevention is automatically orchestrated across the Palo Alto Networks Security Operating Platform in as few as five minutes after first discovery anywhere in the world.

Find the Unknown With a Unique Multi-Technique Approach

WildFire goes beyond traditional approaches used to detect unknown threats, bringing together the benefits of four independent techniques for high-fidelity and evasion-resistant discovery, including:

  • Dynamic analysis – observes files as they detonate in a purpose-built, evasion-resistant virtual environment, enabling detection of zero-day exploits and malware using hundreds of behavioral characteristics.
  • Static analysis – complements dynamic analysis with effective detection of malware and exploits, as well as providing instant identification of malware variants. Static analysis further leverages dynamic unpacking to analyze threats attempting to evade detection using packer tools.
  • Machine learning – extracts thousands of unique features from each file, training a predictive machine learning model to identify new malware, which is not possible with static or dynamic analysis alone.
  • Bare metal analysis – detonates evasive threats in a real hardware environment, entirely removing an adversary’s ability to deploy anti-VM analysis techniques.

Together, these four unique techniques allow WildFire to discover and prevent unknown malware and exploits with high efficacy and near-zero false positives.
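The point of running several independent techniques is that a sample which defeats one of them (for example, by staying dormant when it detects a hypervisor) is still caught by another. The following added example is not WildFire's code and does not describe its internal logic; it is a hypothetical, defender-side aggregator that takes the four kinds of verdict named above (a static check built on a known-hash list and byte entropy, behaviors reported by a virtual sandbox, behaviors reported by a bare-metal run, and a score from a hypothetical trained model) and shows how a VM-evasive sample is flagged by the bare-metal result. All hashes, behavior names, weights and thresholds are constructed for illustration.

```python
"""Hypothetical multi-technique verdict aggregation (added example, not WildFire's code)."""
import hashlib
import math
from dataclasses import dataclass

# Constructed stand-in for a static signature set of known-bad file hashes.
KNOWN_BAD_SHA256 = {
    hashlib.sha256(b"CONSTRUCTED-KNOWN-BAD-SAMPLE").hexdigest(),
}

# Behaviors a sandbox or bare-metal run might report; weights are illustrative.
BEHAVIOR_WEIGHTS = {
    "mass_file_encryption": 0.9,
    "c2_beacon": 0.7,
    "persistence_registry_run_key": 0.5,
    "vm_check": 0.3,  # probing for a hypervisor is suspicious but not conclusive
}

PACKED_ENTROPY_THRESHOLD = 7.2  # bits per byte; packed/encrypted payloads approach 8.0
MALICIOUS_THRESHOLD = 0.7
SUSPICIOUS_THRESHOLD = 0.4


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; a common static heuristic for packing."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


@dataclass
class AnalysisReport:
    sha256: str
    entropy: float
    vm_behaviors: list          # behaviors observed in the virtual sandbox
    bare_metal_behaviors: list  # behaviors observed on real hardware
    ml_score: float             # 0..1 from a hypothetical trained model


def static_score(report: AnalysisReport) -> float:
    """Known hash gives an instant, certain verdict; high entropy only raises suspicion."""
    if report.sha256 in KNOWN_BAD_SHA256:
        return 1.0
    if report.entropy > PACKED_ENTROPY_THRESHOLD:
        return 0.4
    return 0.0


def behavior_score(behaviors: list) -> float:
    """Score a behavior list by its single most damning observation."""
    return max((BEHAVIOR_WEIGHTS.get(b, 0.0) for b in behaviors), default=0.0)


def combine(report: AnalysisReport) -> dict:
    """Take the strongest signal across techniques; any one of them can convict."""
    scores = {
        "static": static_score(report),
        "dynamic": behavior_score(report.vm_behaviors),
        "bare_metal": behavior_score(report.bare_metal_behaviors),
        "ml": report.ml_score,
    }
    top = max(scores, key=scores.get)
    if scores[top] >= MALICIOUS_THRESHOLD:
        verdict = "malicious"
    elif scores[top] >= SUSPICIOUS_THRESHOLD:
        verdict = "suspicious"
    else:
        verdict = "benign"
    return {"verdict": verdict, "decided_by": top, "scores": scores}


def analyze(data: bytes, vm_behaviors: list, bare_metal_behaviors: list, ml_score: float) -> dict:
    """Build the report from raw bytes plus the (constructed) run results and combine."""
    report = AnalysisReport(
        sha256=hashlib.sha256(data).hexdigest(),
        entropy=shannon_entropy(data),
        vm_behaviors=vm_behaviors,
        bare_metal_behaviors=bare_metal_behaviors,
        ml_score=ml_score,
    )
    return combine(report)


if __name__ == "__main__":
    # Constructed VM-evasive sample: packed, does nothing but probe for a hypervisor
    # inside the sandbox, then encrypts files when run on real hardware.
    evasive = bytes(range(256)) * 4
    print(analyze(evasive, ["vm_check"], ["vm_check", "mass_file_encryption"], 0.55))
    # Constructed benign text file with no behaviors and a low model score.
    print(analyze(b"hello world", [], [], 0.05))
```

Each technique contributes an independent score and the maximum decides, so the evasive sample above is convicted by the bare-metal run even though the virtual sandbox saw only a hypervisor probe and the model was undecided; the known-hash path short-circuits to a certain verdict without any detonation at all.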
