Going beyond traditional sandboxing.
WildFire® cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.
Find the Unknown With a Unique Multi-Technique Approach
WildFire goes beyond legacy approaches used to detect unknown threats, bringing together the benefits of four independent techniques for high-fidelity and evasion-resistant discovery, including:
- Dynamic analysis: Observes files as they detonate in a custom-built, evasion-resistant virtual environment, enabling detection of zero-day malware and exploits using hundreds of behavioral characteristics.
- Static analysis: Provides highly effective detection of malware and exploits that attempt to evade dynamic analysis, and instantly identifies variants of existing malware.
- Machine learning: Extracts thousands of unique features from each file, training a predictive machine learning classifier to identify new malware and exploits, which is not possible with static or dynamic analysis alone.
- Bare metal analysis: Evasive threats are automatically sent to a real hardware environment for detonation, entirely removing an adversary’s ability to deploy anti-VM analysis techniques.
Together, these techniques allow WildFire to discover and automatically prevent unknown exploits and malware with high efficacy and near-zero false positives.
The Power of the Threat Intelligence Cloud
As part of the Palo Alto Networks Threat Intelligence Cloud, WildFire is the world’s largest distributed sensor system focused on identifying and preventing unknown threats, with more than 19,500 enterprise, government, and service providers contributing to the collective immunity of all other users. When novel malware or a novel exploit is seen, WildFire automatically creates and shares a new prevention control in about 5 minutes, without human intervention.