WildFire Integration

WildFire is the Palo Alto Networks sandbox solution for analyzing unfamiliar files—including unknown executable files. WildFire contains verdicts for all scrutinized files: benign in the case of a safe file and malicious in the case of malware. The WildFire integration with Traps is an optional service that incorporates WildFire analysis into your Traps endpoint solution.
When a user or a machine tries to open an executable file on the endpoint, Traps calculates a unique identifier (known as a hash) using the SHA-256 algorithm. The ESM Server then checks it against the WildFire database. If WildFire confirms that a file is known malware, Traps blocks the file and notifies the Endpoint Security Manager (for more information, see Manage Hashes for Executable Files).

Related Documentation