Data Center and Hybrid Cloud for Dummies

Issue link: https://insights.oneneck.com/i/1458399

Data Center & Hybrid Cloud Security For Dummies, Palo Alto Networks Special Edition. These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

» Leverage existing investments: By automating repeatable actions and minimizing console-switching, security orchestration enables teams to coordinate among multiple products easily and extract more value out of existing security investments.

» Improve overall security posture: The sum of all of these benefits is an overall improvement of the organization's security posture and a corresponding reduction in security and business risk.

Cloud-based threat intelligence

Today, organizations must contend with an entire marketplace of malware and exploit developers selling or renting out their malicious tools, making them available to all classes of attackers. At the same time, advanced evasion techniques have been commoditized, allowing attacks to sidestep legacy detection approaches. Now, even low-skilled adversaries can launch unique attacks capable of evading traditional threat identification and prevention approaches, requiring human intervention that cannot scale against the volume of unknown threats seen today.

Cloud-based threat intelligence goes beyond traditional approaches used to detect unknown threats, bringing together the benefits of four independent techniques for high-fidelity and evasion-resistant discovery, including:

» Dynamic analysis: Observes files as they detonate in a purpose-built, evasion-resistant virtual environment, enabling detection of zero-day exploits and malware using hundreds of behavioral characteristics.

» Static analysis: Complements dynamic analysis with effective detection of malware and exploits, as well as providing instant identification of malware variants. Static analysis further leverages dynamic unpacking to analyze threats attempting to evade detection using packer tools.

» Machine learning: Extracts thousands of unique features from each file, training a predictive machine learning model to identify new malware, which is not possible with static or dynamic analysis alone.

» Bare metal analysis: Detonates evasive threats in a real hardware environment, entirely removing an adversary's ability to deploy anti-VM analysis techniques.
