Palo Alto Networks' AutoFocus

This article describes the Intelligence Card Extension for Palo Alto Networks' AutoFocus. 

About Palo Alto Networks' Autofocus

AutoFocus™ threat intelligence service accelerates analysis, hunting and response workflows. Unique, targeted attacks are automatically prioritized with full context, enabling security teams to respond to critical attacks faster, without additional IT security resources.

You must have commercial access to Palo Alto Networks - AutoFocus™ to use this extension.  Please also see the Getting Started With Intelligence Card Extensions page if you're interested in enabling this extension.

Extending Hash Intelligence Cards

You can enrich any Hash Intelligence Card with the following threat intelligence from AutoFocus™:

  • Tags associated with the Hash
  • Wildfire Verdict
  • Other hashes for the file (e.g., SHA1, SHA256, MD5) 
  • Sample file stats
  • Anti-Virus (AV) Scanner summary and detailed results
  • Link to sample report in AutoFocus™

You can pivot in Recorded Future on these elements of the AutoFocus™ response:

  • File Hashes

Example:

Other Resources

AutoFocus Overview: https://www.youtube.com/watch?v=FsT7rzKB8vE

This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more