Palo Alto Networks AutoFocus Review

Identifies critical attacks, easy to use, stable, and integrates well

What is our primary use case?

We are using AutoFocus with my playbooks. We use it on a daily basis.

We receive alerts on the Playbook. We receive alerts for threat intelligence, malware alerts, and virus alerts.

We use Autofocus to check if the verdict is benign malware.

All playbooks are on AutoFocus. We don't log in, it gives us access.

What is most valuable?

The most valuable feature is alerting. If you have had an incident, it tells you if it is malware.

It's easy to use and it implements well.

What needs improvement?

At times in AutoFocus, when you have a homegrown application or you check another threat intelligence feed, it's not malicious but is still categorized as gray. We need to request a change in the verdict, AutoFocus then deals with it and sends us an update that it is benign for us.

It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it.

For how long have I used the solution?

I have been using this solution for a couple of years.

We are using the most up-to-date version.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

It's a scalable solution. It integrates well with Playbooks.

How are customer service and technical support?

We always deal with Tech support. Their technical support is good. They are knowledgeable and responsive.

How was the initial setup?

The initial setup was done and in place before I started.

We have a team of six security engineers to maintain this solution.

What other advice do I have?

It's a very good solution. it identifies critical attacks and alerts you. If it's malicious, it tells you, or if it's in a gray area, if it's in the malware category or if it's benign.

If it's benign then you don't have to worry. If it's malware then it's worrisome for the security team and we need to run checks and take action immediately.

I would rate Palo Alto Networks AutoFocus an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about Palo Alto Networks, Recorded Future, Anomali and others in Threat Intelligence Platforms. Updated: June 2021.
522,946 professionals have used our research since 2012.
Add a Comment
ITCS user