article February 2023 Rewind: LIVEcommunity Highlights in News

article February 2023 Rewind: LIVEcommunity Highlights in News https://live.paloaltonetworks.com/t5/news/february-2023-rewind-livecommunity-highlights/ta-p/532515 <P><SPAN><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="february-rewind-2023.jpg" style="width: 960px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/48242i27AB91A052B0F64B/image-size/large?v=v2&px=999" role="button" title="february-rewind-2023.jpg" alt="february-rewind-2023.jpg" /></span></SPAN></P> <P> </P> <P><SPAN>Welcome to our February 2023 Rewind, where we review some of LIVEcommunity’s biggest headlines from the past month!</SPAN></P> <P> </P> <P><SPAN>In February, LIVEcommunity was busy sharing Palo Alto Networks’ Zero Trust OT Security announcement, an addition to our Member Testimonial series, playbooks for fighting cryptojacking, and more! </SPAN></P> <P> </P> <H2><FONT color="#FF6600"><STRONG><A id="link_6" class="page-link lia-link-navigation lia-custom-event" href="https://live.paloaltonetworks.com/t5/member-testimonials/livecommunity-member-testimonial-steve-cantwell/ba-p/532198" target="_blank" rel="noopener">LIVEcommunity Member Testimonial: Steve Cantwell</A></STRONG></FONT></H2> <P> </P> <P><FONT color="#FF6600"><STRONG><div class="video-embed-center video-embed"><iframe class="embedly-embed" src="https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FGX4oHn0-oXI%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DGX4oHn0-oXI&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FGX4oHn0-oXI%2Fhqdefault.jpg&type=text%2Fhtml&schema=youtube" width="600" height="337" scrolling="no" title="LIVEcommunity Member Testimonial: Steve Cantwell" frameborder="0" allow="autoplay; fullscreen; encrypted-media; picture-in-picture;" allowfullscreen="true"></iframe></div></STRONG></FONT></P> <P class="lia-message-template-content-zone"> </P> <P class="lia-message-template-content-zone"><FONT color="#000000">Our new <A href="https://live.paloaltonetworks.com/t5/member-testimonials/bg-p/Member-Testimonials" target="_self">Member Testimonial video series</A> invites community members from around the world to share their experience on LIVEcommunity, the importance of connecting with peers in cybersecurity, and what keeps them coming back. <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/113304">@S.Cantwell</a> has been a member of LIVEcommunity since 2019 and part of community’s Cyber Elite program — which recognizes our most committed, helpful, and knowledgeable members — since it launched in 2020. He is an involved, responsive, and thoughtful member, and we’re grateful to have him as a part of LIVEcommunity: To date, he has made 745 posts, given 191 kudos and created 95 accepted solutions!</FONT></P> <P class="lia-message-template-content-zone"> </P> <H2><A href="https://live.paloaltonetworks.com/t5/blogs/introducing-ai-ml-powered-industrial-ot-security/ba-p/532275" target="_blank" rel="noopener"><STRONG>Introducing AI/ML Powered Industrial OT Security</STRONG></A></H2> <P> </P> <P class="lia-message-template-content-zone"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="jforsythe_0-1677609637702.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/48238i8F2EEA9FD5694D0C/image-size/large?v=v2&px=999" role="button" title="jforsythe_0-1677609637702.png" alt="jforsythe_0-1677609637702.png" /></span></P> <DIV class="lia-message-template-content-zone"> </DIV> <DIV class="lia-message-template-content-zone"><SPAN>Cyber attacks are increasingly disrupting manufacturing production, and CXOs are realizing that their current security measures are simply not enough to cope with changes in the OT network at their production facilities. Only Palo Alto Networks provides complete Zero Trust security so you can focus on uninterrupted operations and continued modernization of your production facilities. Read more about how </SPAN><A style="font-family: inherit; background-color: #ffffff;" href="https://live.paloaltonetworks.com/t5/blogs/introducing-ai-ml-powered-industrial-ot-security/ba-p/532275" target="_blank" rel="noopener">Palo Alto Networks Industrial OT Security solution</A><SPAN> allows you to achieve unprecedented levels of protection.</SPAN> <P> </P> <H2><A href="https://live.paloaltonetworks.com/t5/blogs/xsoar-marketplace-keeping-it-simple-with-microsoft-teams-via/ba-p/531135" target="_blank" rel="noopener"><STRONG>XSOAR Marketplace: Keeping it Simple with Microsoft Teams via Webhook</STRONG></A></H2> <P> </P> <P><SPAN>The Cortex XSOAR integration with Microsoft Teams is fantastic, and includes a lot of useful functionality, but how do you schedule a message? </SPAN></P> <P> </P> <P><SPAN>That question piqued my curiosity and a quick Google search gave me what was needed: Microsoft Teams supports messages via incoming webhook, and with Cortex XSOAR Bring Your Own Integration (BYOI) capabilities, it didn’t seem like an insurmountable challenge to write a simple integration that would simply send a message. Read on to learn how to </SPAN><A href="https://live.paloaltonetworks.com/t5/blogs/xsoar-marketplace-keeping-it-simple-with-microsoft-teams-via/ba-p/531135" target="_blank" rel="noopener"><SPAN>send a message using Microsoft Teams, webhook, and XSOAR</SPAN></A><SPAN>.</SPAN></P> <P> </P> <H2><A href="https://live.paloaltonetworks.com/t5/blogs/pancast-what-topics-do-you-want-covered-share-your-ideas-with-us/ba-p/529685#:~:text=Ideas%20With%20Us!-,What%20PANCast%20Episode%20Do%20You%20Want%20to%20Learn%20About%20Next%3F%20Share%20Your%20Ideas%20With%20Us!,-Jennaqualls" target="_blank" rel="noopener"><STRONG>PANCast Is Looking for Episode Ideas!</STRONG></A></H2> <P> </P> <P><SPAN>PANCast, a Palo Alto Networks podcast that provides actionable insights to customers, is looking for ideas! </SPAN><A href="https://live.paloaltonetworks.com/t5/pancast/tkb-p/palo-alto-networks-podcasts-PANCast" target="_blank" rel="noopener"><STRONG>PANCast</STRONG></A><SPAN> provides actionable insights from cybersecurity experts to customers, helping ensure each day is more secure than the one before it.</SPAN></P> <P><SPAN> </SPAN></P> <P><SPAN>Please share what topics you'd like to hear covered, simply by clicking "Suggest an idea" via this </SPAN><A href="https://live.paloaltonetworks.com/t5/pancast-episode-ideas-submission/idb-p/PANCast-Ideas" target="_blank" rel="noopener"><STRONG>PANCast Ideas page</STRONG></A><SPAN>. You can also listen to the </SPAN><A href="https://live.paloaltonetworks.com/t5/pancast/tkb-p/palo-alto-networks-podcasts-PANCast" target="_blank" rel="noopener"><SPAN>latest PANCast episodes now</SPAN></A><SPAN>.</SPAN></P> <P> </P> <H2><STRONG><A id="link_5" class="page-link lia-link-navigation lia-custom-event" href="https://live.paloaltonetworks.com/t5/blogs/how-to-use-cortex-xdr-to-monitor-cryptojacking-malware/ba-p/531108" target="_blank" rel="noopener">How to Use Cortex XDR to Monitor Cryptojacking Malware </A></STRONG></H2> <P> </P> <P> </P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="jforsythe_1-1677609637616.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/48237i3843DB4392B2DECA/image-size/large?v=v2&px=999" role="button" title="jforsythe_1-1677609637616.png" alt="jforsythe_1-1677609637616.png" /></span> <P> </P> <P><SPAN>Cryptojacking — a form of cryptomining that uses unauthorized access to someone else's device and resources to mine for cryptocurrency — is officially a thing. These two blogs take a look at how Cortex can be used to combat cryptojacking malware:</SPAN></P> <UL> <LI><A href="https://live.paloaltonetworks.com/t5/blogs/playbook-of-the-week-cloud-cryptojacking-response/ba-p/531126" target="_blank" rel="noopener"><STRONG>Playbook of the Week: Cortex XSOAR Cloud Cryptojacking Response</STRONG></A></LI> <LI><A href="https://live.paloaltonetworks.com/t5/blogs/poc-cortex-xdr-and-cryptojacking/ba-p/531108" target="_blank" rel="noopener"><STRONG>PoC - Cortex XDR and Cryptojacking</STRONG></A></LI> </UL> <P> </P> <H2><A href="https://live.paloaltonetworks.com/t5/blogs/tcp-mss-adjustments-updated-february-2023/ba-p/156881" target="_blank" rel="noopener"><STRONG>TCP MSS Adjustments</STRONG></A></H2> <P> </P> <P><SPAN>The Maximum Transmission Unit (MTU) specifies the largest amount of data that can be transmitted by a protocol in one TCP segment.</SPAN><SPAN> The larger it is, the less overhead you have but the more retransmits you'll get in case of a problem. The larger frame also means increased latency due to time necessary to transmit. The smaller it is, the more overhead you'll have but less to retransmit if there is a problem. Learn more about how to manage TCP MSS adjustments in this blog.</SPAN></P> <P> </P> <H2><A href="https://live.paloaltonetworks.com/t5/blogs/cortex-xsoar-archiving-hosted-data-for-xsoar-6/ba-p/531871" target="_blank" rel="noopener"><STRONG>Cortex XSOAR: How to Archive Hosted Data for XSOAR 6</STRONG></A></H2> <P> </P> <P><SPAN>There are many benefits to being a hosted XSOAR customer, such as offloading the care and feeding of the XSOAR environment. That being the case, it does require a different process when the time comes to archive the data to prevent slow performance or running out of storage. Let's review how to archive and retrieve your data, including best practices, recommendations and FAQs for archiving. </SPAN></P> <P> </P> <H2><A href="https://live.paloaltonetworks.com/t5/blogs/playbook-of-the-week-speed-up-phishing-response-with-the-cortex/ba-p/530362" target="_blank" rel="noopener"><STRONG>Playbook of the Week: Speed Up Phishing Response with the Cortex XSOAR Deployment Wizard</STRONG></A></H2> <P> </P> <P><SPAN>Phishing is involved in almost 40% of security incidents, according to the </SPAN><A href="https://www.paloaltonetworks.com/unit42/2022-incident-response-report" target="_blank" rel="noopener"><SPAN>2022 Unit 42 Incident Response Threat Report</SPAN></A><SPAN>. Attacks that once relied on poorly written phishing emails to find victims have rapidly increased in sophistication and targeting due to the growing amount of personal information easily found on the internet.</SPAN></P> <BR /> <P><SPAN>With Cortex XSOAR, phishing responses can easily be automated and it is one of the most popular use cases for automation. The </SPAN><A href="https://cortex.marketplace.pan.dev/marketplace/details/Phishing/" target="_blank" rel="noopener"><SPAN>Phishing pack</SPAN></A><SPAN> helps organizations reduce the time spent managing phishing alerts and provides a standardized, methodical process to handle phishing.</SPAN></P> <P> </P> <H2><A href="https://live.paloaltonetworks.com/t5/blogs/tlp-update-2-0-going-softer-on-amber-and-adding-amber-strict/ba-p/530512" target="_blank" rel="noopener"><STRONG>TLP Update (2.0), Going Softer on AMBER and Adding AMBER+STRICT</STRONG></A></H2> <P> </P> <P><SPAN>The Traffic Light Protocol (TLP) can play a major role in your XSOAR instance. As you may have seen already, every Threat Intelligence Feed you can add will come with this option to be set. </SPAN><SPAN>The traffic light protocol was first developed by </SPAN><A href="https://draft.blogger.com/blog/post/edit/5635472147002872161/7188741757965164567?hl=de#" target="_blank" rel="noopener"><SPAN>first.org</SPAN></A><SPAN>, a security professional community in the area of incident response but actually mainly CERT related.</SPAN></P> <P><SPAN> </SPAN></P> <P><SPAN>As you may imagine, when CERT people come together they are keen on sharing knowledge and insights as well as the latest and most urgent events they are facing with each other. But how do you end up not over sharing information while publicly exposing that your company may or may not be affected by a certain threat actor or vulnerability? How can you make sure that your effort of investigating a certain threat gets public knowledge?</SPAN></P> <BR /> <H2><A href="https://live.paloaltonetworks.com/t5/internal-knowledge-base/autonomous-digital-experience-management-use-cases/ta-p/529050/message-revision/529050%3A1" target="_blank" rel="noopener"><STRONG>Autonomous Digital Experience Management Use-Cases</STRONG></A></H2> <P> </P> <P><SPAN>Over ninety-five percent of end users report experiencing unanticipated application downtime, which causes businesses to lose valuable productivity. Find and fix problems with the user experience using autonomous digital experience management, all before those problems have an effect on your company.</SPAN></P> <P> </P> <H2><FONT color="#000000"><STRONG>Feb ‘23 Discussion Highlight: Posts With Accepted Solutions</STRONG></FONT></H2> <P> </P> <P><SPAN>Nominated Discussions help LIVEcommunity Solutions Engineers highlight a discussion that has an </SPAN><A href="https://live.paloaltonetworks.com/t5/welcome-guide/how-to-recognize-accepted-solutions/ta-p/439722" target="_blank" rel="noopener"><SPAN>Accepted Solution</SPAN></A><SPAN>, and turn it into an article with additional helpful information, documentation, and clarity! Here are the Nominated Discussions we published this past month:</SPAN></P> <BR /> <UL> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-how-to-change-forward-decrypt-trust/ta-p/529594" target="_blank" rel="noopener"><SPAN>Nominated Discussion: How to Change Forward Decrypt Trust Certificate</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-delete-all-address-objects/ta-p/530489" target="_blank" rel="noopener"><SPAN>Nominated Discussion: Delete All Address Objects</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-how-to-add-risk-based-apps-to-a-custom/ta-p/531059" target="_blank" rel="noopener"><SPAN>Nominated Discussion: How to Add Risk Based Apps to a Custom Group</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-qos-cleartext-match-issue/ta-p/532093" target="_blank" rel="noopener"><SPAN>Nominated Discussion: QoS Cleartext Match Issue</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-palo-alto-integration-with-azure-sentinel/ta-p/532000" target="_blank" rel="noopener"><SPAN>Nominated Discussion: Palo Alto integration with Azure Sentinel</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-url-filtering-in-tls-v1-3/ta-p/532455" target="_blank" rel="noopener"><SPAN>Nominated Discussion: URL Filtering in TLS v1.3</SPAN></A></LI> </UL> <BR /> <H2><FONT color="#000000"><STRONG>Content From Our Cyber Elite Experts:</STRONG></FONT></H2> <P> </P> <P><SPAN>@</SPAN><A href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/153031" target="_blank" rel="noopener"><SPAN>Nikoolayy1</SPAN></A><SPAN> is a longtime Cyber Elite expert and wrote two posts for LIVEcommunity this  past month! Nikolay is a Senior Cybersecurity Consultant who is responsible for the implementation of NGFW as the primary leader in Palo Alto firewalls, WAF systems, and DDOS/Bot protection technologies. He is an expert in Palo Alto Networks’ security solutions and his insights are well-worth a read:</SPAN></P> <P> </P> <UL> <LI><A href="https://live.paloaltonetworks.com/t5/general-articles/automating-the-palo-alto-ngfw-s-process-deamon-restarts/ta-p/529328" target="_blank" rel="noopener"><STRONG>Automating the Palo Alto NGFW's Process/Deamon Restart</STRONG></A></LI> <LI><A href="https://live.paloaltonetworks.com/t5/general-articles/advanced-wildfire-as-an-icap-alternative/ta-p/531881" target="_blank" rel="noopener"><STRONG>Advanced Wildfire as an ICAP Alternative</STRONG></A></LI> </UL> <HR /> <P><SPAN>You're now fully briefed on LIVEcommunity's February 2023 highlights!</SPAN></P> <P><SPAN> </SPAN></P> <P><STRONG><I>If this was helpful, be sure to give this blog a thumbs up. See you next month!</I></STRONG></P> </DIV> Tue, 28 Feb 2023 18:56:13 GMT jforsythe 2023-02-28T18:56:13Z February 2023 Rewind: LIVEcommunity Highlights https://live.paloaltonetworks.com/t5/news/february-2023-rewind-livecommunity-highlights/ta-p/532515 <P><SPAN>Welcome to our February 2023 Rewind, where we review some of LIVEcommunity’s biggest headlines from the past month!</SPAN></P> <P> </P> <P><SPAN><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="february-rewind-2023.jpg" style="width: 960px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/48242i27AB91A052B0F64B/image-size/large?v=v2&px=999" role="button" title="february-rewind-2023.jpg" alt="february-rewind-2023.jpg" /></span></SPAN></P> Tue, 28 Feb 2023 18:56:13 GMT https://live.paloaltonetworks.com/t5/news/february-2023-rewind-livecommunity-highlights/ta-p/532515 jforsythe 2023-02-28T18:56:13Z