Security with Disruption in Portuguese Universities
Paulo Vieira, Sales Manager Portugal
THE DIGITAL AGE
2 | © 2018, Palo Alto Networks. All Rights Reserved.
DIGITAL TRANSFORMATION FOR COMPETITIVE ADVANTAGE
NO SLOWDOWN
HIGHLY AUTOMATED ADVERSARY
CYBER MOONSHOT CHALLENGE
National Security Telecommunications Advisory Committee
OFFICE OF THE CISO
CONSUMING CYBERSECURITY IS BECOMING IMPOSSIBLE
AUTOMATION, ORCHESTRATION, AND LEVERAGE
NO SINGLE ENTITY CAN DO ALL INNOVATION
INNOVATION THAT CAN BE CONSUMED
Cortex
Mobile Users
Branch Office
Next-Generation Firewall
Campus
Traps
Servers
Endpoints
Cloud
Data Center
Cortex™ HUB
Cortex™ Data Lake
3rd PARTY APP
3rd PARTY APP
AUTOFOCUS HUNTING
MAGNIFIER BEHAVIORAL ANALYTICS
ENABLING INNOVATIVE SECURITY APPS
Reporting and Visualization
IoT Security
Automation and Orchestration
Malware Detection
Analytics
Threat Intelligence
Detection and Response
Identity
Application Framework
IoT SECURITY APPS TO PROTECT CONNECTED DEVICES
Fingerprint and monitor IoT devices
Support specialized devices across multiple industries
Control access to quickly stop unauthorized activity
SECOPS TO AUTOMATE WORKFLOWS
Contain threats faster with orchestrated enforcement
Streamline operations by coordinating actions for third-party products
Improve efficiency by removing manual processes
ANALYTICS APPS TO FIND SOPHISTICATED THREATS
Detect stealthy threats with machine learning
Access rich data and threat intelligence easily
Automate enforcement to stop threats
JOIN THE GROWING ECOSYSTEM
CLOUD, NETWORK, ENDPOINT
CORTEX XDR: BREAKING SECURITY SILOS
Cortex™ Data Lake
Cortex™ XDR
DETECTION & RESPONSE FOR NETWORK, ENDPOINT AND CLOUD
Automatically detect attacks using rich data & cloud-based behavioral analytics
Accelerate investigations by stitching data together to reveal root cause
Tightly integrate with enforcement points to stop threats & adapt defenses
COLLECT AND CORRELATE RICH DATA
Collect rich data for behavioral analytics & AI
Automatically correlate data to gain context for investigations
App: App name, Protocol, URL and Domain, Response Size, Response Code, Referrer
Network: TCP port, Source IP, Country, Dest IP, Sent Bytes, Received Bytes
Threat Intelligence: Malware hashes, Malicious IPs, Phishing URLs, URL Categories
User & Host: User name, Hostname, Organizational unit, Operating system, MAC address
Endpoint: File update, Process name, MD5/SHA Hash, File path, Registry change, Malware verdict, CLI arguments
SECURE YOUR ORGANIZATION WITH CORTEX XDR & TRAPS
Rapidly Investigate
• Root cause analysis
• Timeline analysis
• Integrated threat intel
Prevent
• Market-leading network, endpoint, cloud security
Respond & Adapt
• Integrated enforcement
• Adaptable rules
Automatically Detect
• Behavioral analytics with machine learning
• Customizable detection
• Automated threat hunting
AUTOMATICALLY DETECT ATTACKS WITH BEHAVIORAL ANALYTICS
Cortex XDR profiles behavior to find anomalies indicative of attack
Malware Behavior
Attackers often perform 1,000s of actions, but each one may look innocent
Command and Control
Internal Reconnaissance
Cortex Data Lake
Cortex XDR
ACCELERATE & SIMPLIFY INVESTIGATIONS
Investigate any alert with one click
Automatically reveal the root cause & chain of events
Review threat intel, forensic timeline & context
ENV21\Sauron
Processes shown: chrome.exe, 7zFM.exe, cmd.exe, powershell.exe, wscript.exe
ROOT CAUSE
Chain of events: clicks on URL in phishing email; downloads 7zip file; 7zip runs *.pdf.bat file in zip; *.pdf.bat file creates Visual Basic script for Windows script engine; attempts C2 connection
Traps alert
RESPOND & ADAPT TO THREATS
Apply knowledge gained to detect future threats & ease investigations
Easily stop threats through tight integration with enforcement points
Block attacks with firewall external dynamic lists
Isolate the endpoint using Traps
Create new rule to detect known bad activity
Cortex Data Lake
Cortex XDR
PALO ALTO NETWORKS ACADEMY
WHAT THE ACADEMIES REPRESENT FOR PORTUGAL
• 8 academies in Portugal
1 regional academy
• 46 instructors trained to teach the complete courses
• More than €1.7M in equipment across the 8 academies.
• 80 students already at PCNSE level
Your Environments Are so Diverse
3 EVOLUTIONS OVER 10 YEARS
WHAT WE HAVE ACCOMPLISHED FY18
TOP 20 Companies using Artificial Intelligence
“Palo Alto Networks is actively using AI and Machine Learning to beat the bad guys”.
Gartner Market Share
We are #1 in the enterprise network security market share according to Gartner.
Fortune Future 50
The world's forward-looking, innovative companies that are in the best shape to change the future.
*Gartner Magic Quadrant for Enterprise Network Firewalls, Adam Hils, Greg Young, Jeremy D’Hoinne, and Rajpreet Kaur, May 2016
Strong industry leadership position
More innovation
More sharing
More automation
More flexibility on usage
More ease of deployment
More software
A NEW MODEL
RADICALLY DIFFERENT OUTCOMES
THANK YOU
PALO ALTO NETWORKS PLATFORM
NETWORK SECURITY ADVANCED ENDPOINT PROTECTION CLOUD SECURITY
Threat Prevention, URL Filtering, WildFire, AutoFocus, Logging Service, Magnifier, MineMeld
CLOUD-DELIVERED SECURITY SERVICES
Threat Intelligence
WildFire
Global and Regional
Cloud-based zero-day malware analysis engine
AutoFocus
Acquiring contextual intelligence providing correlation and aggregation
“Lens into WildFire”
MineMeld
Turn contextual intelligence from AutoFocus and 3rd Party sources into automated prevention measures
Detection Investigation Respond
WILDFIRE
FIREWALLS, VM-SERIES, TRAPS, APERTURE, GLOBAL PROTECT, MAGNIFIER, CYBER THREAT ALLIANCE, PARTNER INTEGRATIONS
STATIC ANALYSIS, DYNAMIC ANALYSIS, MACHINE LEARNING, BARE METAL, DYNAMIC UNPACKING, NETWORK TRAFFIC PROFILING
MALWARE, WF-AV, URLS, DNS, AUTO-C2: EVERY 5 MINUTES
THREAT PREVENTION, URL FILTERING, AUTOFOCUS
Cumulative total unique files processed
7B
5T
300M
Samples
Artifacts
Per month
WildFire By The Numbers
300M+ Never before seen samples every month demonstrates our unique data set
26,000+ WildFire Customers growing every month
45% Malware detected by WildFire is unknown in Virus Total
40% Zero-day malware detected by WildFire were not seen by the top six antivirus vendors at the time of detection
230K New high quality protections delivered daily to the platform within 5 minutes
Protections Delivered: IP, DNS, C2, URL, WF-AV
Top file type trends
1- PE, PE64 (Windows)
2- Android APK
3- DLL (Windows)
4- PDF (Adobe)
5- ELF (Linux)
8% Malware delivered over applications other than web and email (FTP, SMB)
1.1M Average Malware variants covered from a single WildFire signature
Malware Analysis Engine - Automation
Bare Metal Analysis
Static Analysis
Dynamic Analysis
Dynamic Unpacking
Detect known exploits, malware, and variants
Find new zero-day exploits & malware through execution
Heuristic Engine
Steer evasive malware to bare metal
Identify VM-aware threats using hardware systems
Memory analysis
Machine learning
File anomalies
Malicious patterns
Known malicious code
Custom hypervisor
Behavioral scoring
Multi-version analysis
Full dynamic analysis
Real desktop hardware
No virtual environment
No hypervisor
Continuous Feedback Loop
Rapid Innovations
Bare Metal Analysis
Network Traffic Profiling
Custom Hypervisor
SARODIP: Used Twitter to download malware
GRAVITYRAT: Host temperature checks to bypass legacy sandboxes
VARIOUS THREATS: Causes crashes in virtual environment
NAM
EMEA - EU
APAC
Japan
SOC 2 Type 2 Compliant | Regional Data Privacy | Identical Capabilities | Distributed Research Team
Singapore
Amsterdam
California
Virginia
WildFire Global Infrastructure
AutoFocus: Answers to Important Questions
WHO, WHAT, WHEN, WHERE
How can we use AutoFocus context to deploy automated protections?
How does my organization compare to the rest of the industry?
Latest malware in the news, are we protected?
How long has this been going on?
AutoFocus latest Statistics
Executive Dashboard & Report
Granular Searches
Detailed Analysis
Export Capabilities
3rd Party Feeds
Correlation
API
More Customers
More Protection
Better High-Fidelity Protection
More Context
AutoFocus Trends
AutoFocus tag group samples: increase YoY
• Ransomware: 75%
• Cryptomining: 1500%
25% Increase in Android APK files YoY
32% Malware increase YoY
Increase in email applications delivering malware YoY
• Non-Email: 100%
• Traditional Email: -23%
• Web-browsing: 235%
• Gmail: 136%
16% Increase in malware delivered over encrypted traffic YoY
AutoFocus top malware families seen in last 6 months: Virlock, Qhost, Upatre, Cosmic Duke
The MineMeld Application for AutoFocus
Drive automated prevention for Palo Alto Networks devices or ingestion into other security systems
Multi-source threat intelligence by aggregating any third-party provider into AutoFocus
Correlate and validate intelligence against all other providers & native AutoFocus intel store
MineMeld Ecosystem
200+ Sources
Integrated Platform: AutoFocus | MineMeld
Export
3rd Party Vendors
PAN-OS
EDLs
More Customers
More Protection
Better Automated Protection
More Context
3rd Party Feeds
MINEMELD
AutoFocus, 3rd Party Intelligence
Correlation and Aggregation
• JSON
• JSON-SEQ
• STIX/TAXII
High-Fidelity IOCs: URL, Domain, IP, Hash, Regex
Export
Automated Prevention Touch Points
Continuous Response
3 Touchpoints
Automated Response
1. Automated Protection #1
WildFire
5 min updates
WF-AV, C2, DNS, URL
230K protections daily
Near Real Time
2. Automated Protection #2
API, External Dynamic List
5 min updates
IP, URL, Domain
Better Policy Management
3. Automated Protection #3
3rd Party Solutions: EDR | SIEM | IR Systems | O365
API/External Dynamic List
White List OR Black List
Operational Efficiency
And More..
Next Generation Security Platform
Next-Generation Firewall