the Palo Alto Networks sandbox solution for analyzing unfamiliar
files—including unknown executable files. WildFire issues verdicts
for all scrutinized files: benign in the case of a safe file and
malicious in the case of malware. The WildFire integration with
Traps is an optional service that incorporates WildFire analysis
into your Traps endpoint solution.
When a user or a machine tries to open an executable file or
macro on the endpoint, Traps calculates a unique identifier (known
) using the SHA-256 algorithm. The ESM Server
then checks it against the WildFire database. If WildFire confirms
that a file is known malware, Traps blocks the file and notifies
the Endpoint Security Manager (for more information, see Manage
Hashes for Executable Files).