We changed our name from IT Central Station: Here's why

Palo Alto Networks AutoFocus OverviewUNIXBusinessApplication

Palo Alto Networks AutoFocus is #12 ranked solution in top Threat Intelligence Platforms. PeerSpot users give Palo Alto Networks AutoFocus an average rating of 8 out of 10. Palo Alto Networks AutoFocus is most commonly compared to Cisco Threat Grid: Palo Alto Networks AutoFocus vs Cisco Threat Grid. The top industry researching this solution are professionals from a comms service provider, accounting for 21% of all views.
What is Palo Alto Networks AutoFocus?

AutoFocus contextual threat intelligence service accelerates analysis, correlation and prevention workflows. Unique, targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.

Buyer's Guide

Download the Threat Intelligence Platforms Buyer's Guide including reviews and more. Updated: January 2022

Palo Alto Networks AutoFocus Customers

Telkom Indonesia

Palo Alto Networks AutoFocus Video

Palo Alto Networks AutoFocus Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Senior Staff Security Engineer at a renewables & environment company with 1,001-5,000 employees
Real User
Top 5
Identifies critical attacks, easy to use, stable, and integrates well
Pros and Cons
  • "The most valuable feature is alerting."
  • "It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it."

What is our primary use case?

We are using AutoFocus with my playbooks. We use it on a daily basis.

We receive alerts on the Playbook. We receive alerts for threat intelligence, malware alerts, and virus alerts.

We use Autofocus to check if the verdict is benign malware.

All playbooks are on AutoFocus. We don't log in, it gives us access.

What is most valuable?

The most valuable feature is alerting. If you have had an incident, it tells you if it is malware.

It's easy to use and it implements well.

What needs improvement?

At times in AutoFocus, when you have a homegrown application or you check another threat intelligence feed, it's not malicious but is still categorized as gray. We need to request a change in the verdict, AutoFocus then deals with it and sends us an update that it is benign for us.

It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it.

For how long have I used the solution?

I have been using this solution for a couple of years.

We are using the most up-to-date version.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

It's a scalable solution. It integrates well with Playbooks.

How are customer service and technical support?

We always deal with Tech support. Their technical support is good. They are knowledgeable and responsive.

How was the initial setup?

The initial setup was done and in place before I started.

We have a team of six security engineers to maintain this solution.

What other advice do I have?

It's a very good solution. it identifies critical attacks and alerts you. If it's malicious, it tells you, or if it's in a gray area, if it's in the malware category or if it's benign.

If it's benign then you don't have to worry. If it's malware then it's worrisome for the security team and we need to run checks and take action immediately.

I would rate Palo Alto Networks AutoFocus an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ram Balaji
Pre-sales Engineer at VFM Systems And Services
Real User
Top 5
Easy to install with a nice interface and dashboard
Pros and Cons
  • "The feature that I like best is the dashboard."
  • "I would like to have more technical documentation that contains greater detail on the types of threats that are occurring."

What is our primary use case?

We are a solution provider and this is one of the products that we implement for our clients. It makes up part of their network security, helping them to detect threats. 

How has it helped my organization?

autofocus help our customer to prioritize and identify related IOC of a threat or malicious content

What is most valuable?

The feature that I like best is the dashboard. The interface is good.

What needs improvement?

I would like to have more technical documentation that contains greater detail on the types of threats that are occurring. Examples of things that I would like more technical details about are specific malware and APTs.

This solution seems to run slowly, although I haven't used another similar solution that I can use to compare it.

For how long have I used the solution?

I have been using AutoFocus for almost a year and a half.

What do I think about the stability of the solution?

This is a stable solution.

What do I think about the scalability of the solution?

Scalability has not been an issue for us. I have two customers using this solution and there are perhaps ten people using it. These are enterprise-level businesses.

How are customer service and technical support?

I am satisfied with the technical support.

Which solution did I use previously and why did I switch?

Prior to Palo Alto AutoFocus, I did not use another solution.

How was the initial setup?

It is very easy to install and set up AutoFocus. Deploying it, including the licensing, may take an hour or two.

What about the implementation team?

As its a saas model implementation/integration is very easy.

What other advice do I have?

My advice to anybody who is considering this solution is to look at a demonstration of its use. I don't think that a proof of concept is necessary because there are not many things to evaluate. Rather, a demo should be sufficient to see if it meets the requirements.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Find out what your peers are saying about Palo Alto Networks, Recorded Future, Cisco and others in Threat Intelligence Platforms. Updated: January 2022.
564,643 professionals have used our research since 2012.
Darshil Sanghvi
Consultant at a tech services company with 501-1,000 employees
Reseller
Top 5Leaderboard
Can be easily used to sort, identify, and search for tags
Pros and Cons
  • "It integrates well with other solutions and provides good threat intelligence in terms of external threats."
  • "It is a completely cloud-based product at present."

What is our primary use case?

We have our sorting in-house. If any kind of alert has been identified, they will cross-check with the feed in AutoFocus. They will do the correlation, manual correlation, in the case of a known feed or known intelligence. So, they will identify whether any malicious activity is going on through the AutoFocus portal.

What is most valuable?

I've found the correlation itself to be valuable, not the filter or data feed from the Palo Alto firewall or Palo Alto Networks products, which has a feed or intel from Windows, which has feeds from Symantec and many other security products.

They have their own Unix team who do the research, and they list and give us a specific tag. For example, let's say there is a ransomware attack that's still happening in India, and the source country is or the source attackers are from Russia. They will create a specific hashtag, and we can search for the hashtag. So, it is very easy and playful to sort, identify, and search for the tags.

We have had no issues with stability.

What needs improvement?

It must be on-premises as well; it must have a server on-premises. It is a completely cloud-based product at present.

For how long have I used the solution?

I've been using Palo Alto Networks AutoFocus for more than 12 months.

What do I think about the stability of the solution?

It is stable, and we have never faced any downtime or issues with stability.

What do I think about the scalability of the solution?

We have around six users who access Palo Alto Networks AutoFocus.

How was the initial setup?

The initial setup was straightforward.

What other advice do I have?

It integrates well with other solutions and provides good threat intelligence in terms of external threats. I would rate Palo Alto Networks AutoFocus at eight on a scale from one to ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Buyer's Guide
Download our free Threat Intelligence Platforms Report and find out what your peers are saying about Palo Alto Networks, Recorded Future, Cisco, and more!