https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/trapsd-log-contains-allowed-files-in-restriction-profile/m-p/501426#M2137 <P>It is normal in the fact that this how it's done currently, but now is it secure to do this, no it isn't. Try to raise it through a support ticket, I guess the more that raise those kind of issues the more chance there is for Palo Alto to fix it.</P> Tue, 07 Jun 2022 17:42:22 GMT Luc_Desaulniers 2022-06-07T17:42:22Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/trapsd-log-contains-allowed-files-in-restriction-profile/m-p/501321#M2133 <P>Is it normal behavior that the trapsd.log file contains the list of allowed files in my restriction profile.</P><P>Since this is only names of files and not hashes, an attacker could take advantage of this list</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="NathanBradley_0-1654614988465.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/41642iDCD48B94AD8DCE7A/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="NathanBradley_0-1654614988465.png" alt="NathanBradley_0-1654614988465.png" /></span></P><P>&nbsp;</P> Tue, 07 Jun 2022 15:16:58 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/trapsd-log-contains-allowed-files-in-restriction-profile/m-p/501321#M2133 NathanBradley 2022-06-07T15:16:58Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/trapsd-log-contains-allowed-files-in-restriction-profile/m-p/501426#M2137 <P>It is normal in the fact that this how it's done currently, but now is it secure to do this, no it isn't. Try to raise it through a support ticket, I guess the more that raise those kind of issues the more chance there is for Palo Alto to fix it.</P> Tue, 07 Jun 2022 17:42:22 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/trapsd-log-contains-allowed-files-in-restriction-profile/m-p/501426#M2137 Luc_Desaulniers 2022-06-07T17:42:22Z