UPDATED 11:18 EST / JANUARY 15 2018

Preventing zero-day exploits, malware with automated security

Increasingly sophisticated cyberattacks are giving security professionals bigger fish to fry than malware minnows on the network firewall. Early detection and automated blocking can free them up to fight tougher battles if and when they arise, according to Terry Ramos, vice president of business development at Palo Alto Networks Inc.

“A simple piece of malware? They shouldn’t be having to look at that. That should be automatically stopped, prevented,” Ramos said.

Automatic prevention technology like that in Palo Alto Networks’ WildFire cloud-based threat analysis service puts out fires where possible. It is capable of preventing zero-day exploits for which there is no existing security patch, Ramos explained. When new malware or a new exploit shows up, WildFire automatically creates and shares a prevention control in approximately five minutes with no human help.

Palo Alto Networks also partners with Splunk Inc. to render intelligent analysis of more complex threat types. Ramos spoke about the companies’ synergy with Dave Vellante (@dvellante) and John Walls (@JohnWalls21), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Splunk .conf2017 event in Washington, D.C. (* Disclosure below.)

Red-alert ready

“We’re the number one downloaded app for Splunk by far that’s a third party,” Ramos said. The app in question is the Palo Alto Networks app for Splunk available in the Splunkbase arsenal of apps and add-ons.

Palo Alto Networks was doing adaptive response security before it was called adaptive response, according to Ramos. Its collaboration with Splunk enhances this approach, bringing together the data visibility in Palo Alto Networks’ security platform and Splunk’s broad investigative and visual tools for in-depth security reporting and analysis.

“You see something in Splunk, you can actually take action back to a firewall to actually block something, quarantine something, anything like that. I’d be a liar if I said you can prevent everything — it’s just not possible,” Ramos said.

Early detection, however, can make what might be a devastating attack more manageable in the long run, he concluded.

(* Disclosure: Splunk Inc. sponsored this segment of theCUBE. Neither Splunk nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
