Skip to main content
Introducing Polarity Intel Edition: Streamlining Intel Distribution for SecOps
Polarity Intel Edition
Request a Demo

Palo Alto Threat Intelligence

ThreatConnect® and Palo Alto Networks® have established a partnership to deliver validated threat intelligence to Palo Alto Networks next-generation firewalls, enabling security operations (SOC) teams to proactively protect their network from today’s sophisticated attacks. The joint solution ensures that customers can prioritize which threats are relevant to their organization. ThreatConnect’s threat intelligence operations platform provides the relevant context about the type and level of threat to Palo Alto Networks firewalls to automatically alert or block.

Specialties

Integrations

Palo Alto Networks NGFW

The integration ensures that customers can prioritize which threats are relevant to their organization. ThreatConnect threat intelligence provides relevant context about the type and level of threat to Palo Alto Networks’ firewalls to automatically alert or block. The benefits of this integration are:

  • Drives multi-sourced, normalized and correlated threat intelligence from the ThreatConnect Platform into Palo Alto NGFW.
  • Allows jobs in Palo Alto NGFW to automatically alert or block based on the indicator’s tags or threat rating in ThreatConnect.
  • Develop intelligence-driven alerting and blocklists based on data from ThreatConnect.
  • Enables AE's threat intelligence to work in real-time by automatically blocking IPs & URLs in Palo Alto NGFW.

The following actions are available to manage threat intelligence in Palo Alto Networks:

  • Deploy Domains: This action deploys a domain(s).
  • Deploy IPs: This action deploys an ip(s).
  • Delete Domains: This action deletes a domain(s).
  • Delete Ips: This action deletes an ip(s).

This app can be found in the ThreatConnect App Catalog under the name: Palo Alto Networks NGFW.

Keep Reading
dark orange ThreatConnect TC logo

Built By ThreatConnect

Palo Alto Networks WildFire

This Palo Alto Wildfire Playbook App allows you to submit Files for sandbox analysis and retrieve analysis results. In addition to sandboxing, the app lets users retrieve enrichment information for Address, Host, URL, and File IOCs.

The following actions are available to use machine learning and crowdsourced Palo Alto threat intelligence to:

  • Analyze File
  • Get File Enrichment
  • Get Address Enrichment
  • Get Host Enrichment
  • Get URL Enrichment
  • Get File Analysis Results
  • Advanced Request

This app can be found in the ThreatConnect App Catalog under the name: Palo Alto Wildfire

Keep Reading

Related Resources

dark orange ThreatConnect TC logo

Built By ThreatConnect

Looking for an
integration not shown?