WildFire™ classifies previously unknown samples as either
malware, grayware, benign, or phishing, so that you can then block
or enforce the newly-identified traffic according to your security
policy needs. When WildFire observes and executes a sample in a
WildFire analysis environment, artifacts (such as file properties, behaviors,
and activities) are revealed to be associated with the sample.
AutoFocus™ provides a new lens through which you can view the
artifacts collected by WildFire. AutoFocus layers statistics over
artifacts found to be associated with a sample, to show the number
of times the artifact has been seen with other malware, grayware,
or benign samples. High-risk artifacts seen frequently with malware
are labeled
Suspicious or
Highly
Suspicious, and artifacts associated with high-risk behaviors
are indicated.