AutoFocus™ contextual threat intelligence service accelerates analysis, correlation and prevention workflows. Unique, targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.
Gain visibility into the most critical threats with contextual intelligence on malware families, campaigns, threat actors, malicious behaviors and exploits used. AutoFocus allows you to answer questions like: “Who is attacking me?” “What tools are they using?” and “How targeted or unique is this threat?”
AutoFocus helps the entire IT security team become advanced threat hunters, instead of relying on a small group of highly specialized security operations professionals. Threat intelligence from the service is made directly accessible in the Palo Alto Networks platform, including PAN-OS and Panorama, without requiring a separate tool.
Accelerated Analysis and Hunting Workflows
Legacy approaches to securing the organization rely on aggregating an increasing number of detection-focused alerts with complex analysis workflows after the event.
AutoFocus puts the entire wealth of Palo Alto Networks threat intelligence at your fingertips, dramatically cutting the time it takes to conduct analysis, forensics or hunting efforts. Threat intelligence and context are available directly in PAN-OS® security operating system, Panorama™ network security management, or the AutoFocus portal for in-depth searching across indicators of compromise (IoCs).
Aggregate Any Third-Party Intelligence Source
Organizations rely on multiple source of threat intelligence to ensure the widest possible visibility into emerging threats, but they struggle to aggregate, correlate, validate and share indicators across different feeds. As part of AutoFocus, the MineMeld application provides a single, unified, threat feed and indicator management system.
Threat Intelligence Drives Prevention
Security teams require more than just raw threat intelligence – they need to automatically transform it into actionable controls that prevent future attacks. AutoFocus simplifies workflows to create and enforce new controls, from fully automated to user directed, within the same unified security platform.