MALWARE PATROL FOR PALO ALTO
Feed Your Firewall: Advanced Threat Intel for PAN NGFW
Unleash the full potential of your Palo Alto Next-Generation Firewall (NGFW) by integrating it with Malware Patrol’s threat intelligence. Designed for compatibility with Palo Alto’s industry-leading platform, our feeds deliver real-time, actionable data that extends your firewall’s ability to detect, block, and neutralize a wide spectrum of cyber threats.
We offer the following threat feeds formatted specifically for PAN NGFW:
- DNS-over-HTTPS (DoH) Servers: This feed helps you monitor and control encrypted DNS traffic in your environment. DoH can obscure malicious communications by tunneling DNS queries through HTTPS, a tactic used by multiple malware families for stealthy C2 connections. Blocking known DoH servers restores visibility and control over this evasive threat vector.
- Malicious Domains: Block connections to domains linked to phishing, ransomware, malware, cryptojacking, and command-and-control infrastructure. Cutting off C2 communication disrupts the attack chain, which prevents data exfiltration, payload deployment, and ransomware encryption before damage is done.
- Malicious IP Addresses: This feed includes IPs currently serving malware, hosting C2 servers, or used in active threat campaigns. Blocking these addresses reduces exposure to evolving or unknown threats sharing the same infrastructure.
- Malware & Ransomware URLs: Achieve precision blocking at the URL level. This feed enables you to stop access to malicious files or payloads without affecting entire domains. This is especially valuable when threats are hosted on trusted platforms like Dropbox or Google Drive. Avoid collateral damage while keeping users protected.
PAN NGFW Configuration Guides
Our written guide is available here.
- Pre-integration: Create website certificate profiles required for EDLs
- Integrate Malware Patrol’s Malicious IPs Feed
- Integrate Malware Patrol’s Malicious Domains Feed
- Integrate Malware Patrol’s Malware and Ransomware URLs Feed
About Palo Alto NGFW
Palo Alto Networks NGFW features:
“Quickly and accurately profile any IoT device to reveal its type, vendor, model, firmware and more while using cloud scale to compare device usage, validate profiles and fine-tune models so devices don’t go unmanaged.
With zero-delay signatures, every internet-connected NGFW in a network is updated within single-digit seconds of an analysis, ensuring the first user to see a threat is the only user to see that threat.
Use AIOps to deliver high ROI — improve your security posture without adding staff or buying new equipment, and avoid costly outages by predicting firewall health.”