IT Central Station is now PeerSpot: Here's why

Palo Alto Networks AutoFocus OverviewUNIXBusinessApplication

Palo Alto Networks AutoFocus is #12 ranked solution in top Threat Intelligence Platforms. PeerSpot users give Palo Alto Networks AutoFocus an average rating of 8 out of 10. Palo Alto Networks AutoFocus is most commonly compared to Cisco Threat Grid: Palo Alto Networks AutoFocus vs Cisco Threat Grid. Palo Alto Networks AutoFocus is popular among the large enterprise segment, accounting for 64% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.
Buyer's Guide

Download the Threat Intelligence Platforms Buyer's Guide including reviews and more. Updated: June 2022

What is Palo Alto Networks AutoFocus?

AutoFocus contextual threat intelligence service accelerates analysis, correlation and prevention workflows. Unique, targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.

Palo Alto Networks AutoFocus Customers

Telkom Indonesia

Palo Alto Networks AutoFocus Video

Palo Alto Networks AutoFocus Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Senior Staff Security Engineer at a renewables & environment company with 1,001-5,000 employees
Real User
Top 5
Identifies critical attacks, easy to use, stable, and integrates well
Pros and Cons
  • "The most valuable feature is alerting."
  • "It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it."

What is our primary use case?

We are using AutoFocus with my playbooks. We use it on a daily basis. We receive alerts on the Playbook. We receive alerts for threat intelligence, malware alerts, and virus alerts. We use Autofocus to check if the verdict is benign malware. All playbooks are on AutoFocus. We don't log in, it gives us access.

What is most valuable?

The most valuable feature is alerting. If you have had an incident, it tells you if it is malware. It's easy to use and it implements well.

What needs improvement?

At times in AutoFocus, when you have a homegrown application or you check another threat intelligence feed, it's not malicious but is still categorized as gray. We need to request a change in the verdict, AutoFocus then deals with it and sends us an update that it is benign for us. It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it.

For how long have I used the solution?

I have been using this solution for a couple of years. We are using the most up-to-date version.
Buyer's Guide
Threat Intelligence Platforms
June 2022
Find out what your peers are saying about Palo Alto Networks, Cisco, Recorded Future and others in Threat Intelligence Platforms. Updated: June 2022.
608,713 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

It's a scalable solution. It integrates well with Playbooks.

How are customer service and support?

We always deal with Tech support. Their technical support is good. They are knowledgeable and responsive.

How was the initial setup?

The initial setup was done and in place before I started. We have a team of six security engineers to maintain this solution.

What other advice do I have?

It's a very good solution. it identifies critical attacks and alerts you. If it's malicious, it tells you, or if it's in a gray area, if it's in the malware category or if it's benign. If it's benign then you don't have to worry. If it's malware then it's worrisome for the security team and we need to run checks and take action immediately. I would rate Palo Alto Networks AutoFocus an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Darshil Sanghvi - PeerSpot reviewer
Consultant at a tech services company with 501-1,000 employees
Reseller
Top 5Leaderboard
Can be easily used to sort, identify, and search for tags
Pros and Cons
  • "It integrates well with other solutions and provides good threat intelligence in terms of external threats."
  • "It is a completely cloud-based product at present."

What is our primary use case?

We have our sorting in-house. If any kind of alert has been identified, they will cross-check with the feed in AutoFocus. They will do the correlation, manual correlation, in the case of a known feed or known intelligence. So, they will identify whether any malicious activity is going on through the AutoFocus portal.

What is most valuable?

I've found the correlation itself to be valuable, not the filter or data feed from the Palo Alto firewall or Palo Alto Networks products, which has a feed or intel from Windows, which has feeds from Symantec and many other security products.

They have their own Unix team who do the research, and they list and give us a specific tag. For example, let's say there is a ransomware attack that's still happening in India, and the source country is or the source attackers are from Russia. They will create a specific hashtag, and we can search for the hashtag. So, it is very easy and playful to sort, identify, and search for the tags.

We have had no issues with stability.

What needs improvement?

It must be on-premises as well; it must have a server on-premises. It is a completely cloud-based product at present.

For how long have I used the solution?

I've been using Palo Alto Networks AutoFocus for more than 12 months.

What do I think about the stability of the solution?

It is stable, and we have never faced any downtime or issues with stability.

What do I think about the scalability of the solution?

We have around six users who access Palo Alto Networks AutoFocus.

How was the initial setup?

The initial setup was straightforward.

What other advice do I have?

It integrates well with other solutions and provides good threat intelligence in terms of external threats. I would rate Palo Alto Networks AutoFocus at eight on a scale from one to ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Threat Intelligence Platforms Report and find out what your peers are saying about Palo Alto Networks, Cisco, Recorded Future, and more!
Updated: June 2022
Buyer's Guide
Download our free Threat Intelligence Platforms Report and find out what your peers are saying about Palo Alto Networks, Cisco, Recorded Future, and more!