UPDATED 11:18 EDT / JANUARY 15 2018

Preventing zero-day exploits, malware with automated security

Increasingly sophisticated cyberattacks are giving security professionals bigger fish to fry than malware minnows on the network firewall. Early detection and automated blocking can free them up to fight tougher battles if and when they arise, according to Terry Ramos (pictured), vice president of business development at Palo Alto Networks Inc.

“A simple piece of malware? They shouldn’t be having to look at that. That should be automatically stopped, prevented,” Ramos said.

Automatic prevention technology like that in Palo Alto Networks’ WildFire cloud-based threat analysis service puts out fires where possible. It is capable of preventing zero-day exploits for which there is no existing security patch, Ramos explained. When new malware or a new exploit shows up, WildFire automatically creates and shares a prevention control in approximately five minutes with no human help.

Palo Alto Networks also partners with Splunk Inc. to render intelligent analysis of more complex threat types. Ramos spoke about the companies’ synergy with Dave Vellante (@dvellante) and John Walls (@JohnWalls21), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Splunk .conf2017 event in Washington, D.C. (* Disclosure below.)

Red-alert ready

“We’re the number one downloaded app for Splunk by far that’s a third party,” Ramos said. The app in question is the Palo Alto Networks app for Splunk, available in the Splunkbase arsenal of apps and add-ons.

Palo Alto Networks was doing adaptive response security before it was called adaptive response, according to Ramos. Its collaboration with Splunk enhances this approach, bringing together the data visibility in Palo Alto Networks’ security platform and Splunk’s broad investigative and visual tools for in-depth security reporting and analysis.

“You see something in Splunk, you can actually take action back to a firewall to actually block something, quarantine something, anything like that. I’d be a liar if I said you can prevent everything — it’s just not possible,” Ramos said.

Early detection, however, can make what might be a devastating attack more manageable in the long run, he concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of Splunk .conf2017. (* Disclosure: Splunk Inc. sponsored this segment of theCUBE. Neither Splunk nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE
