TrustRadius Insights
The product offers a comprehensive threat intelligence report that allows users to easily track and analyze critical attacks. With this …
Overview
What is Palo Alto Networks AutoFocus?
AutoFocus™ contextual threat intelligence service, from Palo Alto Networks, accelerates analysis, correlation and prevention workflows. Targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.
Recent Reviews
Pricing
N/A
Unavailable
What is Palo Alto Networks AutoFocus?
AutoFocus™ contextual threat intelligence service, from Palo Alto Networks, accelerates analysis, correlation and prevention workflows. Targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without…
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
15 people also want pricing
Alternatives Pricing
What is AlienVault USM?
AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments,…
What is Egnyte?
Egnyte provides a unified content security and governance solution for collaboration, data security, compliance, and threat detection for multicloud businesses. More than 16,000 organizations trust Egnyte to reduce risks and IT complexity, prevent ransomware and IP theft, and boost employee…
Product Details
- About
- Tech Details
What is Palo Alto Networks AutoFocus?
| AutoFocus™ contextual threat intelligence service, from Palo Alto Networks, accelerates analysis, correlation and prevention workflows. Targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources. |
Palo Alto Networks AutoFocus Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
Comparisons
Compare with
Reviews and Ratings
(10)
Community Insights
TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!
- Business Problems Solved
The product offers a comprehensive threat intelligence report that allows users to easily track and analyze critical attacks. With this information, security teams are able to protect organizations from unique, targeted attacks. Customers have found the product to be particularly effective in preventing malware and targeted attacks on their networks, ensuring the removal of threats and risks to their businesses and intelligence.
One of the key use cases of the product is its ability to detect and block new threats, including 0-day vulnerabilities. It seamlessly integrates with firewalls and SOC software for automated updates and intelligence sources, making it a valuable asset in any security infrastructure. Users appreciate the product's tight integrations with various services, as well as its customization options for the dashboard. This makes it easy to integrate with existing perimeter devices and enhances incident analysis for SOC teams by providing threat-specific pinpoint data with minimal false positives. Furthermore, customers have praised the product for its ability to determine the authenticity of threats in seconds and provide timely notifications for emerging threats that may affect them.
Reviews
(1-4 of 4)Companies can't remove reviews or game the system. Here's why
December 23, 2021
Best value for the money
Auto focus is being used for threat intelligence integrated with all of the palo alto networks firewalls. We use it throughout the enterprise even for the subsidiary companies. It really helps the SOC team to enhance their incident analysis. It broadens the scope of analysis with threat specific pinpoint data with a little False Positive. Autofocus is a saas service. Licensing is based on the number of users. It leverages the analytics and correlation with cloud services whereas the correlation is based on the customer data. Dahsboard is customizable. I see more value on the autofocus data compared to panorama or palo alto firewalls dashboards. It has tight integrations with several services. There are feeds which we use and indirectly to import these lists to the firewalls with SOAR entegration.
- tagging and prioritization of events
- sectoral and peer/industry views compared to your company
- dnssec view is superb, I get more detail on the autofocus compared to my local implementation
- customizable alerts for specific indicators and events
- additional feed entegrations
- searches for IP, URL, hash
- minemeld integration throgh the indicators
- unit42 direct integration on the dashboard
- Views are cumbersome, you should know what to search and use the input
- It's solely to PaloAlto environment I can't integrate other vendors natively
- Application integrations is limited, you should have your own SOAR to automaion
- Concerns related to privacy, I can't hash some values or variables on the cloud
- Sharing option of the datas with cloud has limited configuration
- It's aimed for strata, I don't see data coming/analyzed or integration for the prisma cloud side.
- Analytics and correlation
- Threat Hunting
- Unit42 data
- company vs global vs industry view
- Search functionality
- Licensing is solid and based on numbers of users
- ROI time for the big enterprises is very fast
- Pinpoint accuracy on the threats, SOC does not waste time for additional analysis
- Superb easy integration
- Little maintenance for the service
- Service uptime is very high
If you have Palo Alto, autofocus is the selected choice. If you have Checkpoint than the threat cloud. Price of autofocus is much cheaper. Unit42 is the real differentiator. Minemeld is unique to PAN and working perfectly. Search outputs and are detailed and gives lots of data. Integration with SOAR is much easier with autofocus. Indicator list is huge. Tagging works magnificent.
December 22, 2021
Autofocus Simple & Smooth
Palo Alto Autofocus help our team as their main threat intelligence product, we have most of our perimeter with Palo Alto devices so it was easy to integrate the product with our current infrastructure. Palo Alto Autofocus helps us to determine if a threat is a real threat in a matter of seconds and also notify us when they are emerging threats that might affect us.
- Threat intelligence
- Emerging Threats
- Intelligence feeds
- Better GuI
- Not so many automation options
- Too simple queries
- Threat intelligence
- Emerging threats
- Notifications in real time
- Cheap for us
- Easy integration
- Easy management
Not sure if Palo Alto is better, but it integrates with our infrastructure seamlessly since all of our perimeter firewalls are Palo alto devices.
December 18, 2021
Excelent threat intelligence network
I implemented Palo Alto Networks AutoFocus in many companies as an intelligence threat network used to detect and block new threats and especially 0-day vulnerabilities . It's generally connected to firewalls and SOC software to enable automated updates and intelligence sources for files that need to be analyzed looking for malware.
- real time alerts
- detecting new malwares
- Proactively Response
- third party product integration
- simplicity of the managment console
- integration to cortex agents directly
- threat tags
- statistics and graphs of reports
- automatic attack prevention
- new attacks mitigation
- less need to hire personal to analyse data
- increase security level
AutoFocus helps the IT security team in the company become advanced threat hunters by giving them suited information. forensics and the It team could often rely on a broad range of scripts, open-source tools,
security devices. Palo Alto Networks AutoFocus can help them reach these objects, things that are not available with other products from other vendors.
December 13, 2021
Advanced Threat Intelligence Service from Paloalto
AutoFocus is a SaaS-based security service [that] offers a threat intelligence service that assists security teams on how to protect their organizations from unique, targeted attacks. In my organization as well, as part of our cybersecurity setup, threat intelligence has been an important focus area with the objective of leveraging a threat intelligence platform/service to secure against cybersecurity attacks.
- The ability to have quick access to the Palo Alto Networks threat intelligence repository is a big value add
- Each threat is enriched with a lot of contextual information
- Guidance on TI use cases
- Search mechanism needs improvement to optimize performance and reliability
- DNS Security dashboard could be improved
- UI improvements which could be made more intuitive
- Access to a massive repository of Palo Alto Networks threat intelligence data
- Helps understand better our attack surface and TI use cases
- Solution to operationalize TI in our cybersecurity program
- Very positive in setting up our TI practice