Call a Specialist Today! 844-294-0778

Advanced WildFire
Automatically Prevent Highly Evasive Zero-Day Exploits and Malware

Palo Alto Networks WildFire® malware prevention service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The service employs a unique multi-technique approach, combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.

WildFire Features


Find the Unknown With a Unique Multi-Technique Approach

Together, these four unique techniques allow WildFire to discover and prevent unknown malware and exploits with high efficacy and near-zero false positives.

WildFire Evasion-resistant discovery

Automated Orchestration of Prevention

WildFire also forms the central prevention orchestration point for the Security Operating Platform, allowing the enforcement of new controls through:

Most Advanced Malware Analysis Environment

The WildFire engine is based on two primary components:

Within the malware analysis environment, WildFire executes suspicious content in the Windows® XP, Windows 7, Windows 10, Android® and macOS® operating systems, with full visibility into commonly exploited file formats, such as EXE, DLL, ZIP, 7ZIP, RAR Archive, Mach-O, Mach-OSX DMG, ELF (Linux) and PDF, as well as Microsoft Office documents, Java files, Android APKs, Adobe Flash® applets and links within email messages. WildFire identifies files with potential malicious behaviors and delivers verdicts based on their actions, through:

In combination with WildFire, organizations can use AutoFocus to hone in on the most targeted threats with high relevance and context. AutoFocus provides the ability to hunt across all data extracted from WildFire, as well as third-party threat feeds, using MineMeld™ threat intelligence syndication engine. It allows users to correlate indicators of compromise and samples with human intelligence from the Unit 42 threat research team in the form of tags. Together, WildFire and AutoFocus provide a complete picture of unknown threats targeting your organization and industry, increasing your ability to quickly take action by:

  • Automatically updating External Dynamic Lists on Palo Alto Networks next-generation firewalls.
  • Automatically exporting indicators of compromise to third-party tools via STIX™, TAXII™ and APIs.
  • These actions require no human intervention and reduce the cost of adding specialized security staff.

    Safe, Scalable Cloud-Based Architecture

    The unique cloud-based architecture of WildFire supports unknown threat detection and prevention at massive scale across the network, endpoint and cloud. You can take advantage of the service as part of the Security Operating Platform without introducing a performance impact to the firewall. To meet even the strictest local privacy or regulatory requirements, WildFire is available in multiple deployment modes, including:

    Integrated Logging, Reporting and Forensics

    WildFire users receive integrated logs, analysis and visibility into malicious events through the PAN-OS® management interface, Panorama™ network security management, AutoFocus or the WildFire portal, enabling teams to quickly investigate and correlate events observed in their networks. This allows security staff to rapidly locate and take action on the data needed for timely investigations and incident response, including:

    Security Operating Platform

    Built on the Security Operating Platform, WildFire blocks known and unknown threats before they can cause harm, taking advantage of:

    The result is a unique, closed-loop approach to preventing cyberthreats, ensuring they are known to all and blocked across the attack lifecycle.

    WildFire Requirements

    WildFire analysis of certain file types requires the following version, or a newer version, of PAN-OS:

    Licensing Information

    The WildFire global cloud subscription provides:

    Download the Palo Alto Networks Advanced Wildfire Datasheet (PDF).

    Legacy Products