No single solution or measure can guarantee security in automation networks. Cyber threats are varied and dynamic, so organizations need a multi-layered cyber security strategy with security controls across all of their systems. This approach ensures that intruders have to overcome several independent obstacles before they can cause real damage. This discourages attackers and gives organizations more time to recognize and block serious threats.
Palo Alto Networks CORTEX XDR / TRAPS - Next Generation Industrial Endpoint Protection
Palo Alto Networks Traps™ endpoint protection and response blocks threats and coordinates security enforcement across industrial and cloud networks to prevent successful cyber attacks.
Traps blocks known and unknown malware, exploits, and ransomware by observing attack techniques and behaviors. In addition, it enables companies to automatically detect and respond to sophisticated attacks by applying machine learning and artificial intelligence (AI) to data collected at the endpoint, industrial network, and cloud.
Traps prevents malicious files from being executed, using an approach tailored to combat both traditional and modern attacks. In addition, administrators can use periodic scanning to identify inactive threats, maintain regulatory compliance, and expedite incident response with endpoint context.
Figure: Traps Management Service Dashboard
WildFire Threat Intelligence
In addition to third-party feeds, Traps uses the intelligence gained from tens of thousands of WildFire® malware prevention service subscribers to continuously aggregate threat data and maintain the collective immunity of all users across endpoints, networks and cloud applications.
1. Prior to running a file, Traps queries WildFire with the hash of any Windows®, macOS®, or Linux executable file, as well as any DLL or Office macro, to assess its standing in the global threat community. WildFire returns an almost instant verdict on whether a file is malicious or not.
2. If a file is unknown, Traps goes ahead with other prevention techniques to determine whether the file is a threat that should be blocked.
3. If a file is considered malicious, Traps automatically terminates the process and optionally quarantines the file.