Advanced WildFire Support for Intelligent Run-time Memory
Learn about the Advanced WildFire support for intelligent
run-time memory analysis
Advanced WildFire is a new
subscription offering from Palo Alto Networks that provides access
to Intelligent Run-time Memory Analysis, a cloud-based, advanced
analysis engine that complements existing static, and dynamic analysis
engines, to detect and prevent evasive malware threats. Advanced
threats rely on techniques such as environmental checks and obfuscation
to bypass detection. Additionally, they often display signs of bespoke
design with ephemeral behaviors that lead to fast-dissemination
throughout the network, after an attack has been initiated. By leveraging
a cloud-based detection infrastructure, Intelligent Run-time Memory
Analysis detection engines operate a wide array of detection mechanisms
to target these highly-evasive malware. To keep up with the latest
threats, Advanced WildFire analysis engines are updated and deployed
automatically, without requiring the user to download content update
packages or run resource intensive, appliance-based analyzers.
Intelligent Run-time Memory
Analysis relies on the existing WildFire analysis profile settings
and does not require any additional configuration; it is only necessary
to install the new Advanced WildFire license on your preferred NGFW
platform. Samples that display or otherwise indicate evasive and/or
advanced malware qualities are automatically forwarded to the appropriate
analysis environments. Samples that receive a verdict with a high
level of certainty using other analysis platforms may forego Advanced
WildFire analysis. The resulting sample analysis details can be
further examined by reviewing the WildFire analysis reports, which
show a detailed account of what was discovered.
Run-time Memory Analysis...
supports PE sample analysis.
is not available in the WildFire EU and U.S. Government clouds.