Thanksgiving & 10 Years of LIVEcommunity: A Quick Thanks and a Big Milestone!
A Decade of Showing Up Greetings Everyone! Over the last ten years, this community has becom...
Find answers, share solutions, and connect with peers and thought leaders from around the world.
Explore why monitoring the Terraform ecosystem (registry, providers, APIs) is essential in orchestra...
The Cloud-Delivered Security Service Edge: The Monthly Newsletter for Security That Never Sleeps ...
AI Canvas is your no-code platform for data exploration in Strata Cloud Manager. This essential guid...
In this episode of Threat Vector, host David Moulton, Senior Director of Thought Leadership for U...
AI traffic surged 300%, making the broad "Artificial Intelligence" URL category obsolete a...
We're excited to announce full Web Proxy support on the high-performance PA-5450 Next-Generation Fir...
Malware evolution is now fueled by LLMs, bypassing manual security. We're introducing Code Gene, a r...
Hi Team, This is a bit of a silly question, but I would like to get expert advice here. I am part of the risk assessment team and I was reviewing host firewall rules and configuration details and I see the below weird rule set. Is this even really a secure configuration? * We have allowed only approved ports and legitimate application traffic rule. * Rul...
Want to know how you guys deal with low severity alerts. Do you monitor/analyze them or only focus on incidents with medium/high/critical severity? Do you run any playbook automation against these low sev alerts? Are there any best practices from PAN around handling of low severity alerts? I cannot seem to find any. Thanks in advance.
We have the Trend Micro agent installed on the endpoints, and it is running smoothly. However, the application is still being identified as "ssl", even though the packet captures show the correct SNI value in the Client Hello. In the Server Hello, both the SAN and CN fields contain multiple wildcard entries ending with *.trendmicro.com. The URL...
Microsoft Teams e911 calling does not display the location when connected to Global Protect. We have split tunneled the Microsoft Teams subnets (i.e. 52.112.0.0/14, 52.122.0.0/15, 52.238.119.141/32, 52.244.160.207/32) as per the Microsoft 365 URLs and IP address ranges (https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-addre...
Hi, could you provide an XQL query to detect password spraying, specifically when the same IP address attempts logins on multiple AD accounts? Thank you.
Hi Everyone, We are currently experiencing an issue where WhatsApp on iOS devices is unable to connect, while Android devices and laptops work without any problems. After some investigation and troubleshooting, we found that even after allowing all WhatsApp applications along with their dependencies (including SSL and web-browsing), the issu...
What are the Latency / Bandwidth Requirements for HA1 interfaces links between 2 HA members? I saw a similar discussion here, but there is no actual answer in it https://live.paloaltonetworks.com/t5/general-topics/high-availability-bandwidth-latency-requirements/m-p/71357 There is another related article: Next-Generation Firewall :HA Timers,...
Hi everyone, on Cortex XDR 4, we can build small playbooks, and one of the available actions is AD Query. My question is: what is required to configure this integration? I see that the integration asks for the IP address, domain user, and other parameters, but if the Active Directory is on-premises, how does Cortex XDR establish the connection? Wh...
Hi, does anyone have Cortex XDR 4? In my case, I've adopted some playbooks, and all playbooks have problems with configuration. The configuration uses old JSON values (context values), for example: incident.id, and the correct one is issue.id, etc.
So if I understand correctly, the new certifications are technically still the PCNSA/PCNSE, just broken down into different categories. If this is the case, would any existing materials and courses from, say, CBT Nuggets still be relevant learning materials for the exam?
A Decade of Showing Up Greetings Everyone! Over the last ten years, this community has become a place people rely on every day. Whether they’re troubleshooting something urgent, sharing hard-earned experience, or helping someone avoid hours of trial and error. What’s kept LIVEcommunity moving forward isn’t marketing or big campaigns. It’s...
Hi All, we have had a large amount of the following alerts via this filename. We think it could be related to a Microsoft update. Has anyone else seen this? Virus/Win32.WGeneric.esuykr(752144200) via filename=msvcp140_2_app.dll
I'm trying to forward my NGFW logs that are stored in Strata Logging Service to our SIEM, Microsoft Sentinel. This setup is documented in PAN docs linked here: https://docs.paloaltonetworks.com/prisma-access/integration/microsoft-integrations-with-prisma-access/set-up-https-log-forwarding-to-microsoft-sentinel The issue we are running into ...
Hi All, what is the effect of restarting the device server on data traffic? Also, what is the difference between the device server and the management server? What is the effect in both? Regards, Gururaj
This blog was written by Sabitha Muppuri (Sr Staff Site Reliability Engineer) The Critical Need for Vendor Tool Health Monitoring in Orchestration Environments In today's highly orchestrated and autoscaling cloud environments, vendor tool health plays an important role in maintaining application stability and performance. This blog entry wil...
The Cloud-Delivered Security Service Edge: The Monthly Newsletter for Security That Never Sleeps Welcome to the November 2025 edition of the Cloud-Delivered Security Services (CDSS) Newsletter The Clo...
Author: @vangupta What is AI Canvas? AI Canvas is your no-code data exploration platform within Strata Cloud Manager. It revolutionizes how you interact with your security data, empowering you to ask ...

