There is a change happening within the security industry. There has never been a greater accumulation of security data available to organizations, in as many forms, from as many sources, as we have today. The mantra has consistently been, “more data is better,” with the hope that this influx would result in increased protection from threats, especially more damaging, targeted and unique attacks. The reality has not delivered on this great promise, with successful cyberattacks and data breaches continuing to occur in organizations around the world.
This raises the inevitable question: how do we improve our ability to identify and prevent targeted attacks?
Here at Palo Alto Networks, we realized the problem facing security teams was not a lack of data, but an inability to prioritize the most critical attacks and quickly take action on them. Over the past few months, we have had the opportunity to share our newest service, AutoFocus™, with hundreds of customers during our Community Access program. Throughout this early access period, we were able to refine our vision, and create a leading cyberthreat intelligence service, which we are proud to make available worldwide today.
AutoFocus was built to help security teams address three fundamental challenges:
- Prioritize alerts for advanced attacks that require immediate attention.
- Understand the context around attacks, adversaries, and campaigns – including targeted industries.
- Respond proactively to threats and prevent future attacks.
This new service provides security teams the intelligence, analytics, and context required to understand which attacks require immediate response, as well as the ability to make indicators actionable and prevent future attacks. As more security leaders consider how to efficiently implement threat intelligence within their organization, we must change the view from “more data” to “truly the right, actionable intelligence.”
We encourage you to learn more about AutoFocus: www.paloaltonetworks.com/autofocus
[Palo Alto Networks Blog]