Okay, so you found the 6 little Malware icons in the email we sent or Social Media post and now you're wondering: Where was
the malware and did my systems catch it?
Well if it was in the email, it was the "view in browser link". In the social media feed it was the google minifed link, and if you missed it well here is the link here: WildFire Test File
The best test for your malware defense is to see if you can stop all three: through your email, through web via hyperlink (this blog post) or by USB (after download). Using PAN Firewalls, Traps Agents or IntelliGO NAC.
- Adam Mansour, CTO IntelliGO Networks
How do you know if you caught it?
To check out if you caught it, the easiest way is using the automatic IOC detection in IntelliGO for your devices under Dashboard->Devices->IOC Detection.
Don't have IntelliGO? Well (Shameless Plug)
Try it out with a Proof of Concept or Request Demo
Have Palo Alto Next Generation Firewalls? Find it on your Firewall search for your name around the time you downloaded the file
For extra credit, your malware prevention (Traps) should also be able to detect and prevent it.
What if you Missed it?
Don't panic, the test file is for Palo Alto Networks Firewalls, there are others we can share with you if you don't have that. If only detected one scenario you can maximize prevention with IntelliGO and Palo Alto NGFWs/Traps Endpoint by doing the following:
1. Integrated User-ID will make sure users are identified to help find the infection quickly across all platforms.
2. With IntelliGO deploying SSL keys to the Browsers and OS you can Decrypt Traffic prevent or identify zero-day malware.
3. Indidcator of Compromise Detection: By synchronizing WildFire and IntelliGO you can detect IOCs on workstations and servers and limiting network access for the infected device.
4. Automatic Coordination Configuration. If you are simply missing the configuration in one appliance check out our video for the secure configuration Video Here Or have one of our PCNSE/IntelliGO Certified Staff help you configure it.
5. Test again. :) Oh, and Happy Holidays from IntelliGO Networks!