New Features: November 2019

The following topics provide a snapshot of the AutoFocus™ features introduced in November 2019. Each section includes context for the new feature, with steps to get started.
November AutoFocus Features
About Each Feature
User-Interface Enhancements
AutoFocus™ has been refreshed with an updated user-interface and now sports a look and feel that is more consistent with other Palo Alto Networks products. With the exception of the enhanced AutoFocus search, most work-flows and feature locations for previous features remain the same, so there is no ramp up time to familiarize yourself with the updated UI. For more details, simply log in to the AutoFocus portal.
af-updated-ui.png
AutoFocus Custom Feeds
AutoFocus™ now allows you to create user-defined EDL and URL lists based on the collective threat intelligence data of AutoFocus and connected Palo Alto Networks services. This generates customized EDL and URL lists with actionable threat data for firewalls as well as third party TIP and SIEM solutions, so you can better safeguard your network.
The threat intelligence data used to power the custom feeds are updated every 24 hours to maximize coverage with the latest threats.
af-custom-feed-overview.png
For more information about the concepts referenced in this feature, refer to:
Streamlined AutoFocus Searches
The AutoFocus™ search has been streamlined to provide faster and easier to use options. Previously, AutoFocus offered five search contexts, each providing unique insights into specific aspects of threat intelligence data. Those have been simplified into 3 searches:
  • Indicators
    —Search threat indicators, artifacts that have been ascertained by security experts as exhibiting signs of a compromised network, to quickly discover the most relevant aspects of potentially malicious URL, IP address, domain, and hashes.
    The
    Domain, URL & IP Adress Information
    tab from the previous version of AutoFocus has been integrated with the
    Indicators
    search.
af-indicator-search-sample.png
  • WildFire
    — Search samples sent to WildFire for analysis from various Palo Alto Networks connected appliances and services.
    The
    Samples
    tab from the previous version of AutoFocus has been renamed
    WildFire
    to reflect the primary analysis method for samples received by Palo Alto Networks.
af-wildfire-search-sample.bmp
  • Activity
    —Search session data provided by samples during sample submission. This allows you to search based on various context details, such as the time stamp, upload source, application, file URL, and more.
    The
    Sessions
    tab from the previous version of AutoFocus has been renamed
    Activity
    to better reflect the type of information shown in the summary.
af-activity-search-sample.png
For more information about the concepts and changes referenced in this feature, refer to:

Recommended For You