Please share with the community what you think needs improvement with Palo Alto Networks AutoFocus.
What are its weaknesses? What would you like to see changed in a future version?
At times in AutoFocus, when you have a homegrown application or you check another threat intelligence feed, it's not malicious but is still categorized as gray. We need to request a change in the verdict, AutoFocus then deals with it and sends us an update that it is benign for us. It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it.
I would like to have more technical documentation that contains greater detail on the types of threats that are occurring. Examples of things that I would like more technical details about are specific malware and APTs. This solution seems to run slowly, although I haven't used another similar solution that I can use to compare it.
What do you like most about Palo Alto Networks AutoFocus?
Thanks for sharing your thoughts with the community!