eyeExtend for Palo Alto Networks® WildFire® - Forescout Marketplace

Features and Benefits

Leverage shared threat intelligence to maximize joint threat hunting and detection
When WIldFire identifies malware and other malicious activity detection, it sends basic information about the indicators of
compromise (IOCs) and the endpoint to the Palo Alto Networks NGFW, which then sends this information to Forescout. Forescout
can then query WildFire to get more in-depth information about the IOC and scan other endpoints attempting to connect or that
are already connected for the presence of the IOCs, including endpoints outside of Palo Alto Networks NGFW control. Forescout
therefore extends WildFire threat intelligence monitoring to the entire network—including unmanaged BYOD, guest and IoT
devices—for IOCs. Forescout can also automate device isolation and initiate remediation in response, preventing the spread of
threats from any device across the network.
Accelerate and automate policy-driven threat response
When an infected endpoint is detected, the Forescout platform limits or blocks its network access per policy. This prevents
lateral movement of the infection to other devices. The Forescout platform also remediates infected devices by killing suspicious
processes and notifying stakeholders with details about which threats were detected on which devices. This helps organizations
react in real time to threats based on predefined security policies.

Scan all Network Devices
Scan all network devices for
IOCs discovered by Palo Alto
Networks WildFire
Contain Threats
Contain threats by limiting or
blocking access of infected
devices to the network in
real time
Remediate Infected Devices
Remediate infected devices
by killing suspicious
processes running on them
Notify Stakeholders
Notify stakeholders such as
security teams via emails
detailing specific threats
and their affected devices

Similar Applications