Our recent enhancements to Traps have focused on reinforcing prevention capabilities and introducing innovative techniques for protecting against malware, exploits and ransomware. At the same time, our team has also been focused on transforming Traps into a cloud-delivered advanced endpoint protection service.
Today, we are excited to announce Traps 5.0, the most significant release for Traps to date.
Let’s take a look at what’s included in the Traps 5.0 release.
Traps Management Service
The multi-region, cloud-based Traps management service saves organizations from having to invest in building out their own global security infrastructures and ties into Palo Alto Networks Next-Generation Security Platform for additional integration and value. The service is simple to deploy and requires no server licenses, databases or other infrastructure to get started, enabling organizations to protect hundreds to millions of endpoints without incurring additional operating costs.
Palo Alto Networks Logging Service Integration
Integration into the Palo Alto Networks Logging Service allows more effective event management, threat hunting and incidence response, combining endpoint, network and cloud context.
The Traps management service and agents forward all logs to our Logging Service, which is viewable in the Traps management service itself. Logging Service becomes a central repository for the collection and storage of events and incident data captured by Traps, regardless of location.
Reimagined User Interface
You asked; we listened! Traps 5.0 brings a new user interface specifically designed to be more intuitive and minimize the operational challenges that are often associated with endpoint security management. This new interface delivers out-of-the-box protections that streamline the process of protecting new endpoints which come online, and key workflows that focus on policy and event management.
Some of the many capabilities delivered by the new interface include simplified workflows for creating and executing policies that follow the order of operations; sensitivity ranked alerts to enable quick and prioritized event triage; and dynamic grouping so, as new endpoints are added, policy associated with the appropriate policy group is immediately applied.
Additionally, WildFire reports are now viewable directly from security alerts within Traps. The WildFire reports contain critical event details including targeted users, application(s) that delivered the threats, URLs involved in the delivery of threats, and the behavior that was observed in WildFire dynamic analysis.
Linux rounds out the list of major OS platforms now supported by Traps, enabling customers to protect resource- and performance-sensitive cloud workloads against exploits with host-based security. With many of these Linux-based workloads moving to the cloud, the lightweight Traps agent gives you exploit protection with minimal impact on performance and system resources.
Proactive Scanning for Incident Response and Compliance
Previous versions of Traps focused on refining the ability to block malware as it attempted to execute. Traps 5.0 introduces the ability to periodically scan endpoints for dormant malware. If a malicious file is identified, Traps can automatically quarantine the file, ensuring it does not detonate and potentially infect the endpoint and spread to other endpoints.
To learn more about Traps 5.0: