Endpoints secured, everywhere

Traps™ advanced endpoint protection stops threats on the endpoint and coordinates enforcement with cloud and network security to prevent successful cyberattacks.

Newly released NSS Labs report recommends Traps

In the new 2018 Advanced Endpoint Protection Test Report from NSS Labs, Traps received a Recommended rating – the highest rating NSS Labs offers. NSS Labs tested a variety of advanced endpoint protection products against a variety of malware, exploits, blended threats and evasions. Traps blocked 100% of evasions and exploits with zero false positives. These results – and the recommendation – validate the power of Traps and its prevention-first approach. Watch this short video to learn more.

Download NSS Labs Report

Stop endpoint attacks before they get started

An attacker must complete a sequence of events to steal information or run ransomware. And nearly every attack relies on compromising an endpoint. Traps disrupts an attack before it can infect an endpoint. By combining multiple methods of prevention, Traps stands apart in its ability to protect endpoints. It blocks security breaches and successful ransomware attacks that leverage malware and exploits, known or unknown, before they can compromise endpoints.

Learn more

Comprehensive Endpoint Security

  • Stops malware, exploits and ransomware before they can compromise endpoints.
  • Provides protection while endpoints are online and offline, on network and off.
  • Coordinates enforcement with network and cloud security to prevent successful attacks.
  • Detects threats and automates containment to minimize impact.
  • Includes WildFire® cloud-based threat analysis service with your Traps subscription.
  • Integrates with the Palo Alto Networks® Security Operating Platform.

Minimize endpoint infections

Effective prevention from malware, exploits and ransomware requires an approach that protects against all three. Traps puts multiple methods of protection at critical phases of an attack lifecycle to prevent the execution of malicious programs and stop the exploitation of legitimate applications.

Read More

Coordinate enforcement

As an integral part of the Palo Alto Networks Next-Generation Security Platform, Traps continuously exchanges data with WildFire and the Palo Alto Networks Logging Service to help organizations coordinate and automate enforcement across their entire security ecosystem – including endpoints, networks and clouds.

Read More

Detect threats, automate containment

Traps leverages the Palo Alto Networks Logging Service to correlate endpoint and network indicators. It automatically isolates infected endpoints, prevents malicious use and mitigates the risk of cyber breaches. To assist in incident response or meet compliance requirements, Traps can periodically scan endpoints to help identify and neutralize dormant threats.

Read More

Automatically Convert Threat Intelligence Into Prevention


Traps continuously exchanges threat intelligence with the WildFire® threat analysis service, with more than 23,000 enterprise, government and service provider customers contributing to the collective immunity of all other users. Traps uses this intelligence to automatically reprogram itself to prevent malware on the endpoint, in the network or in a SaaS application. This all but eliminates the opportunity for an attacker to use unknown and advanced malware to infect a system.

Easy, efficient management


Simple cloud-based management

With the Traps management service, a cloud-based endpoint security service, you save the time and cost of having to build out your own global security infrastructure. Deployment is simple and fast, requiring no server licenses, databases or other infrastructure to get started.


Intuitive user experience

Traps provides an intuitive interface that makes it easy to manage policies and events, and accelerate incident response – helping to minimize the operational challenges associated with protecting your endpoints. From the Traps management service web console, you can manage the endpoint security policy, review security events as they occur, and perform additional analysis of associated logs.


Lightweight, non-disruptive agent

The Traps agent enforces your security policy on the endpoint and reports when it detects a threat. The Traps endpoint agent consists of various drivers and services yet requires minimal memory and CPU usage to ensure a non-disruptive user experience. Following its deployment, system administrators have complete control over all Traps agents in the environment through the Traps management service.