Which component scans for threats in allowed traffic?

Security profiles are the components that scan for threats in allowed traffic. Security profiles are sets of rules or settings that define how the firewall will inspect and handle traffic based on various threat prevention technologies, such as antivirus, anti-spyware, vulnerability protection, URL filtering, file blocking, data filtering, and WildFire analysis. Security profiles can be applied to Security policy rules to enforce granular protection against known and unknown threats in allowed traffic. Intelligent Traffic Offload, TLS decryption, and NAT are not components that scan for threats in allowed traffic, but they are related features that can enhance security and performance. References: Palo Alto Networks Certified Software Firewall Engineer (PCSFE), [Security Profiles Overview], [Threat Prevention Datasheet]