Depending on your WildFire™ deployment—public, private,
or hybrid—you can view samples submitted to WildFire and analysis
results for each sample using the WildFire portal, by accessing
the firewall that submitted the sample (or Panorama, if you are
centrally managing multiple firewalls), or by using the WildFire API.
After WildFire has analyzed a sample and delivered a verdict
of malicious, phishing, grayware, or benign, a detailed analysis
report is generated for the sample. WildFire analysis reports viewed
on the firewall that submitted the sample also include details for
the session during which the sample was detected. For samples identified
as malware, the WildFire analysis report includes details on existing
WildFire signatures that might be related to the newly-identified
malware and information on file attributes, behavior, and activity
that indicated the sample was malicious.
See the following topics for details on how to monitor WildFire
submissions, to WildFire analysis reports for samples, and to set
up alerts and notifications based on submissions and analysis results:
The AutoFocus threat intelligence portal provides
a different lens through which to view WildFire analysis details
for a sample. AutoFocus layers statistics over WildFire analysis
data to indicate high-risk artifacts found during sample analysis
(such as an IP address or a domain).