WildFire is a cloud-based
virtual environment that analyzes and executes unknown samples (files
and email links) and determines whether each sample is malicious, phishing,
grayware, or benign. With WildFire enabled, a Palo Alto Networks
firewall can forward unknown samples to WildFire for analysis. For
newly discovered malware, WildFire generates a signature to detect
the malware and makes that signature available for retrieval in real time
for all firewalls with an active WildFire subscription. This enables
all Palo Alto next-generation firewalls worldwide to detect and
prevent malware found by a single firewall. Malware signatures often
match multiple variants of the same malware family and, as such, can
block new malware variants that the firewall has never seen before.
The Palo Alto Networks threat research team uses the threat intelligence
gathered from malware variants to block malicious IP addresses,
domains, and URLs.