Integration Spotlight: Palo Alto Networks

Assemble and deliver actionable threat intelligence from Palo Alto Networks and Recorded Future.

Product Overview

Palo Alto Networks is the next-generation security company maintaining trust in the digital age by helping tens of thousands of organizations worldwide prevent cyber breaches. Its innovative security platform with game-changing technology natively brings network, cloud, and endpoint security into a common architecture. By doing this, it safely enables applications, users, and content; delivers visibility, automation, and control; and detects and prevents threats at every stage of the attack lifecycle, so organizations can securely and efficiently move their businesses forward.

Challenges Overcome Through Integration

To prevent successful cyberattacks, many organizations collect indicators of compromise (IOCs) from various threat intelligence providers with the intent of creating new controls for their security devices. Unfortunately, legacy approaches to aggregation and enforcement are highly manual in nature, often creating complex workflows and extending the time needed to identify and validate which IOCs should be blocked.


Integration Description

Recorded Future and Palo Alto Networks have partnered to deliver real-time threat intelligence from the entire web that enables security operations teams to proactively defend against threats before they impact the business. Recorded Future threat intelligence correlation enables protection rules to be delivered with greater confidence to Palo Alto Networks next-generation firewalls. Security operators quickly gain full context on threat actors, their TTPs, malware, and other IOCs.

The Palo Alto Networks and Recorded Future integration provides:

  • Real-time threat intelligence from the entire web — open, deep, and dark — enabling customers of Palo Alto Networks to benefit from protection rules with more confidence.
  • Instant context around an IOC with easy-to-read intelligence cards, giving security operations all relevant information in a consolidated view.
  • Evidence-based risk scores for indicators, enabling security operations teams to make faster verdicts.