Get a Demo

Palo Alto Networks + D3 Smart SOAR

Automate Across the PAN Application Framework

Smart SOAR integrates with the Palo Alto Networks Application Framework so that you can orchestrate response workflows that include threat intelligence enrichment, malware analysis, and firewall blacklists—all from a single dashboard. 

Automate dozens of actions across PAN tools

Three feature-rich integrations

Increase the quality of investigations

Get the D3 Integrations Guide

Expert-Built and Maintained Integrations

D3’s integration team takes the burden of coding, troubleshooting, and updating integrations off your hands. Our deep research into integrated technologies has produced important integrations with several PAN tools, including:

  • Palo Alto Networks Firewall: Orchestrate 20+ firewall actions to quickly respond to threats and block attackers.
  • Palo Alto Networks Autofocus: Enrich incidents by searching across Autofocus threat intelligence.
  • Palo Alto Networks WildFire: Automate reputation checks and file detonation, and ingest the reports into the incident workflow.
Flowchart depicting the integration process between Palo Alto Networks and D3 Security's Smart SOAR

Use CAse

Automated Incident Response

Integrating Smart SOAR with your Palo Alto Networks tools enables you to enrich alerts with valuable contextual data, including Autofocus threat intelligence and MITRE ATT&CK matrix correlations, to inform decisions and determine the next steps. Smart SOAR can then trigger a response playbook that orchestrates tasks across your security infrastructure, such as blocking malicious IPs, URLs, and applications across your network and firewall. 

  • Eliminate manual triage and response tasks
  • Reduce MTTR from hours to seconds
  • Full-lifecycle playbooks for network threats

Use Case

Potential Phishing Incident Analysis

With Smart SOAR’s integration with PAN tools, when a phishing attempt is reported to the SOC, it triggers an automated phishing playbook in Smart SOAR that parses out the elements of the email, including the potentially malicious attached file. The file is then uploaded to Wildfire for analysis and risk scoring. If it is confirmed as a genuine incident, Smart SOAR can then orchestrate the appropriate actions in other Palo Alto tools. 

  • Automatically update network and firewall rules based on the results of the investigation
  • Detonate suspicious files in Wildfire’s sandbox
  • Correlate IOCs against Autofocus intelligence

Why Smart SOAR?

Joint users of Palo Alto Networks tools and D3 Smart SOAR don’t just get automated incident response and malware analysis, they also get the countless other features that make Smart SOAR the leading independent SOAR solution, including:

Expert-built codeless integrations across the stack

Tier 1–3 automation, based on deep research into the capabilities of common tools

The Event Pipeline, which reduces alert volume by up to 98%

Cross-dimension correlation, which acts across tools, timeframes, TTPs, and artifacts

Palo Alto Networks Integrations: Summary

Key Details
Three feature-rich integrations
Developed and maintained by D3
Drag integration into visual playbooks
Test integration from playbook
Automated network security remediation actions

Integrations Done the Right Way

An unlimited number of pre-built integrations, expertly maintained by the largest technical team in security automation. Thoroughly researched, tested and built—and delivered for free. Always.

See All Integrations