Palo Alto Networks Adds Machine Learning to Traps Endpoint Protection

Palo Alto Networks is adding new machine learning capabilities to its Traps advanced endpoint protection solution, according to an announcement made yesterday. 

The Santa Clara, CA-based IT vendor has added ‘static analysis’ capabilities to the platform, which use machine learning to examine hundreds of characteristics of a file to determine if it is malware. Threat intelligence available through the Palo Alto Networks WildFire subscription is then used to train a machine learning model to recognize malware, especially previously unknown variants. This new functionality allows Traps to rapidly determine if a file should be allowed to run even before receiving a verdict from WildFire.

Palo Alto hopes these updates will draw customers away from legacy antivirus products to protect endpoints, such as laptops, servers and VDI instances, which the company believes are insufficient to fight modern advanced threats.

“The sophistication and frequency of cyberattacks are growing too quickly for legacy antivirus tools that rely on malware signatures to keep pace,” says Rob Westervelt, research manager, Security Products, IDC. “The Palo Alto Networks Traps offering takes an innovative approach to endpoint security, keeping endpoints more secure despite a growing landscape of cyberthreats and reducing the resources required by IT teams to track and install security patches.”

Version 3.4 of Traps will be available by the end of August on the Palo Alto Networks Support portal and also includes updates to trusted publisher identification technology, grayware classification, and the ability to quarantine malicious executables.