article October 2022 Rewind: Here's What You Missed on LIVEcommunity in News

article October 2022 Rewind: Here's What You Missed on LIVEcommunity in News https://live.paloaltonetworks.com/t5/news/october-2022-rewind-here-s-what-you-missed-on-livecommunity/ta-p/518957 <DIV class="lia-message-template-content-zone"> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="October 2022 LIVEcommunity Rewind" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/44909i4960D9B211D4C180/image-size/large?v=v2&px=999" role="button" title="Screen Shot 2022-10-26 at 10.28.42 PM.png" alt="October 2022 LIVEcommunity Rewind" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">October 2022 LIVEcommunity Rewind</span></span></P> <P> </P> <P><SPAN>Welcome to our October 2022 Rewind, where we review some of LIVEcommunity’s biggest headlines from the past month!</SPAN></P> <P> </P> <P><SPAN>In October, we recap new episodes of PANCast, a Palo Alto Networks podcast; Cortex XSIAM, Palo Alto Networks’ new autonomous platform powering the modern SOC; new webinars and more! Read on to learn about LIVEcommunity’s October 2022 highlights.</SPAN></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/xsiam-has-arrived-to-revolutionize-the-soc/ba-p/517529" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">XSIAM Has Arrived to Revolutionize the SOC</FONT></STRONG></A></FONT></H2> <P> </P> <A href="https://start.paloaltonetworks.com/the-modern-soc-reimagined#Register" target="_self"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="jforsythe_2-1666886103206.jpeg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/44947i1C15E9A0C4AF8D41/image-size/large?v=v2&px=999" role="button" title="jforsythe_2-1666886103206.jpeg" alt="jforsythe_2-1666886103206.jpeg" /></span></A> <P> </P> <P><SPAN>We believe that the only way a SOC platform can operate at today’s scale is to completely rebuild from the ground up. So we’ve done exactly that with XSIAM, the autonomous security operations platform designed to enable all customers to achieve the outcomes Palo Alto Networks does in our own SOC. How? It all comes down to data that drives analytics, automation and proactivity. Read more about it in the blog from Lee Klarich, Palo Alto Networks Chief Product Officer, “</SPAN><A href="https://live.paloaltonetworks.com/t5/blogs/xsiam-has-arrived-to-revolutionize-the-soc/ba-p/517529" target="_blank" rel="noopener"><SPAN>XSIAM Has Arrived to Revolutionize the SOC</SPAN></A><SPAN>.”</SPAN></P> <P> </P> <H5 class="lia-align-center"><STRONG>Register now for the </STRONG><A href="https://start.paloaltonetworks.com/the-modern-soc-reimagined#Register" target="_blank" rel="noopener"><STRONG>The Modern SOC, Reimagined</STRONG></A>, a virtual event happening November 2, 2022<STRONG>.</STRONG></H5> <P> </P> <H2><FONT color="#FF6600"><STRONG>New Episodes of PANCast, a Palo Alto Networks Podcast</STRONG></FONT></H2> <P> </P> <P><FONT color="#FF6600"><STRONG><div class="video-embed-center video-embed"><iframe class="embedly-embed" src="https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FC8Y3BSnUiK0%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DC8Y3BSnUiK0&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FC8Y3BSnUiK0%2Fhqdefault.jpg&type=text%2Fhtml&schema=youtube" width="600" height="337" scrolling="no" title="PANCast Episode 2: How Does GlobalProtect Split Tunneling Work?" frameborder="0" allow="autoplay; fullscreen; encrypted-media; picture-in-picture;" allowfullscreen="true"></iframe></div></STRONG></FONT></P> <P> </P> <P><SPAN>Have you listened to </SPAN><A href="https://live.paloaltonetworks.com/t5/pancast/tkb-p/palo-alto-networks-podcasts-PANCast" target="_blank" rel="noopener"><SPAN>PANCast</SPAN></A><SPAN> yet? This new Palo Alto Networks podcast provides actionable insights from cybersecurity experts to customers; episodes will cover a range of Palo Alto Networks products, offering valuable tips and key information for a successful adoption journey. Check out the newest episodes from </SPAN><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/53844">@jarena</a>: </P> <P> </P> <P><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/pancast/pancast-episode-2-how-does-globalprotect-split-tunneling-work/ta-p/516866" target="_blank" rel="noopener"><SPAN>PANCast Episode 2: How Does GlobalProtect Split Tunneling Work?</SPAN></A></FONT></P> <P><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/pancast/pancast-episode-3-url-filtering-allowing-and-blocking-the-right/ta-p/518607" target="_blank" rel="noopener"><SPAN>PANCast Episode 3: URL Filtering — Allowing and Blocking the Right Traffic</SPAN></A></FONT></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/playbook-of-the-week-teaching-xsoar-a-few-new-tricks-with-slack/ba-p/518946" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">Playbook of the Week: Teaching XSOAR a Few New Tricks with Slack Blocks</FONT></STRONG></A></FONT></H2> <P> </P> <P><SPAN>In most cases, SlackAsk does not provide enough information suitable for analyst investigations, as it focuses mainly on binary “yes/no” questions. It has become fairly common for SOC engineers to use the </SPAN><A href="https://xsoar.pan.dev/marketplace/details/Slack#new-slackblockbuilder" target="_blank" rel="noopener"><SPAN>SlackV3</SPAN></A><SPAN> content pack purely as a notification utility, but you shouldn’t have to be a Slack power user to utilize all that Slack blocks are capable of providing. </SPAN></P> <P> </P> <P><SPAN>The </SPAN><A href="https://xsoar.pan.dev/marketplace/details/Slack#what-does-this-pack-do" target="_blank" rel="noopener"><SPAN>Slack V3 content pack</SPAN></A><SPAN> allows you to interact with the Slack API by collecting logs and sending messages and notifications to your Slack team. It integrates with Slack's services to investigate failed login events and execute, create, read, update, and delete operations for employee lifecycle processes.</SPAN></P> <P> </P> <H2><FONT color="#FF6600"><STRONG><SPAN data-sheets-value="{"1":2,"2":"New AIOps Feature: On-Demand BPA"}" data-sheets-userformat="{"2":31555,"3":{"1":0},"4":{"1":2,"2":14277081},"9":0,"11":4,"12":0,"14":{"1":2,"2":10921496},"15":"Montserrat","16":12,"17":1}" data-sheets-hyperlink="https://live.paloaltonetworks.com/t5/blogs/new-aiops-feature-on-demand-bpa/ba-p/518810"><A class="in-cell-link" href="https://live.paloaltonetworks.com/t5/blogs/new-aiops-feature-on-demand-bpa/ba-p/518810" target="_blank" rel="noopener"><FONT color="#FF6600">New AIOps Feature: On-Demand BPA</FONT></A></SPAN></STRONG></FONT></H2> <P> </P> <P><SPAN>You can now run a best practice assessment (BPA) directly in AIOps for NGFW by uploading a Tech Support File (TSF). Now, you can <A href="https://docs.paloaltonetworks.com/aiops/aiops-for-ngfw/security-posture/on-demand-bpa-report/generating-on-demand-bpa-report" target="_blank" rel="noopener nofollow noreferrer">generate an on-demand BPA report</A> for devices that are not sending telemetry data or are not onboarded to AIOps (e.g. PAN-OS 9.1 devices), as well as devices that are onboarded to <A id="hoverCardLink" class="lia-link-navigation lia-product-hover-card-link lia-product-mention lia-tooltip-trigger" href="https://live.paloaltonetworks.com/t5/c-twzvq79624/AIOps+for+NGFW/pd-p/AIOps-for-NGFW" target="_blank" rel="noopener">AIOps for NGFW</A> with telemetry enabled.</SPAN></P> <P> </P> <H2><FONT color="#FF6600"><STRONG>Cortex XDR How-to Videos</STRONG></FONT></H2> <P><div class="video-embed-center video-embed"><iframe class="embedly-embed" src="https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fh9ZdoIizfuE%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dh9ZdoIizfuE&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2Fh9ZdoIizfuE%2Fhqdefault.jpg&type=text%2Fhtml&schema=youtube" width="600" height="337" scrolling="no" title="Cortex XDR How-To Video: Endpoint Administration Cleanup" frameborder="0" allow="autoplay; fullscreen; encrypted-media; picture-in-picture;" allowfullscreen="true"></iframe></div></P> <P>Learn about a common use case for Endpoint Administration Cleanup, how Cortex XDR can ingest Windows DHCP logs to discover additional network devices; and how to use object data from Active Directory to create endpoint groups which can be used for policy targeting in the latest Cortex XDR how-to videos!</P> <P> </P> <P><A href="https://live.paloaltonetworks.com/t5/cortex-xdr-how-to-videos/cortex-xdr-how-to-video-endpoint-group/ta-p/513765" target="_blank" rel="noopener"><SPAN>Cortex XDR How-To Video: Endpoint Group</SPAN></A></P> <P><A href="https://live.paloaltonetworks.com/t5/cortex-xdr-how-to-videos/cortex-xdr-how-to-video-configure-cloud-identity-agent/ta-p/513622" target="_self">Cortex XDR How-To Video: Configure Cloud Identity Agent</A></P> <P><A href="https://live.paloaltonetworks.com/t5/cortex-xdr-how-to-videos/cortex-xdr-how-to-video-windows-dhcp-log-ingestion/ta-p/514078" target="_blank" rel="noopener"><SPAN>Cortex XDR How-To Video: Windows DHCP Log Ingestion</SPAN></A></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/blogworkflowpage/blog-id/CommunityBlog/article-id/2533?prePageCrumb=BlogDashboardPage" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">What's New: IoT Security, October '22 Update</FONT></STRONG></A></FONT></H2> <P> </P> <P><SPAN>In the October what’s in IoT Security update, we learned about a new third-party integration with BlueCat IPAM — which expands visibility into the structure and organization of the IP address—improvements to appearance and behavior, and a new </SPAN><A href="https://rhisac.org/press-release/intelligence-trends-summary-2022/" target="_blank" rel="noopener"><SPAN>report from RHISAC</SPAN></A><SPAN> on the latest cyber threats from the retail, hospitality, and travel sectors. </SPAN></P> <P> </P> <H2><FONT color="#FF6600"><STRONG>Two New Posts Written By Cyber Elite Expert @</STRONG><A href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/153031" target="_blank" rel="noopener"><STRONG>Nikoolayy1</STRONG></A></FONT></H2> <P> </P> <P><SPAN>Cyber Elite Expert @</SPAN><A href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/153031" target="_blank" rel="noopener"><SPAN>Nikoolayy1</SPAN></A><SPAN> wrote two super-helpful posts for LIVEcommunity this month! Check ‘em out:</SPAN></P> <P> </P> <P><FONT color="#FF6600"><STRONG><A href="https://live.paloaltonetworks.com/t5/blogs/ocr-for-enterprise-dlp-and-saas-security-api/ba-p/515593" target="_blank" rel="noopener">OCR for Enterprise DLP and SaaS Security API</A> </STRONG></FONT></P> <P><SPAN>Optical Character Recognition or Optical Character reader (OCR), which is the electronic or mechanical conversion of images of typed, handwritten or printed text into machine-encoded text. This new feature is configured in Enterprise DLP cloud portal and functions for Prisma Access or on-prem firewalls with the Panorama Plug-in. </SPAN></P> <P> </P> <P><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/general-articles/xdr-isolation-exceptions-and-exclusions-use-case/ta-p/515583" target="_blank" rel="noopener"><SPAN><STRONG>XDR Isolation Exceptions and Exclusions Use Case</STRONG></SPAN></A></FONT></P> <P><SPAN>When you isolate an endpoint, you halt all endpoint network access — except for traffic to </SPAN><SPAN>#Cortex XDR</SPAN><SPAN>. This can prevent a compromised endpoint from communicating with other endpoints, which reduces an attacker’s mobility. But traffic to </SPAN><A href="https://live.paloaltonetworks.com/t5/c-twzvq79624/Cortex+XDR/pd-p/Cortex_XDR" target="_blank" rel="noopener"><SPAN>Cortex XDR</SPAN></A><SPAN> can be halted while still ensuring communication to Cortex XDR is always allowed.</SPAN></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/tips-amp-tricks-how-to-get-updates-from-the-internet-without/ba-p/517581" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">Tips & Tricks: How to Get Updates From the Internet Without Internet Access</FONT></STRONG></A></FONT></H2> <P> </P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="jforsythe_3-1666886165136.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/44948iA8D7D99B6F20C05C/image-size/large?v=v2&px=999" role="button" title="jforsythe_3-1666886165136.png" alt="jforsythe_3-1666886165136.png" /></span> <P> </P> <P> </P> <P><SPAN>Did you know that you can avoid messy work-arounds for not having internet access with Service Routes. This cool feature makes certain services use a dataplane interface (instead of the management interface). Special shoutout to Cyber Elite </SPAN><A href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/7608" target="_blank" rel="noopener"><SPAN>@reaper</SPAN></A><SPAN> for his contribution to this blog! </SPAN></P> <P> </P> <H2><FONT color="#FF6600"><STRONG><A id="link_5" class="page-link lia-link-navigation lia-custom-event" href="https://live.paloaltonetworks.com/t5/blogs/october-2022-livecommunity-member-spotlight-layer-8/ba-p/519321" target="_blank" rel="noopener"><FONT color="#FF6600">October 2022 LIVEcommunity Member Spotlight: @LAYER_8</FONT></A></STRONG></FONT></H2> <P> </P> <P>For the October 2022 Member Spotlight, we’d like to applaud one of our community members,<SPAN> </SPAN><STRONG><A href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/160615" target="_blank" rel="noopener">@LAYER_8</A></STRONG>, for their participation and engagement in the LIVEcommunity! </P> <P> </P> <P><SPAN>Since joining the community in July 2014, they have written </SPAN><STRONG>293 posts</STRONG><SPAN>, received </SPAN><STRONG>79 likes</STRONG><SPAN>, and authored </SPAN><STRONG>32 solutions</STRONG><SPAN> (and counting). Thank you for your contribution and participation in the community <A href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/160615" target="_blank" rel="noopener">@LAYER_8</A>!</SPAN></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/vm-series-virtual-firewalls-integrate-with-azure-gateway-load/ba-p/518169" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">VM-Series Virtual Firewalls Integrate with Azure Gateway Load Balancer</FONT></STRONG></A></FONT></H2> <P> </P> <P><SPAN>Palo Alto Networks is pleased to announce the General Availability of integration of </SPAN><A href="https://www.paloaltonetworks.com/prisma/vm-series" target="_blank" rel="noopener"><SPAN>VM-Series virtual firewalls</SPAN></A><SPAN> with </SPAN><A href="http://aka.ms/gatewaylb" target="_blank" rel="noopener"><SPAN>Microsoft Azure Gateway Load Balancer</SPAN></A><SPAN>. This integration has been designed to efficiently augment native Microsoft Azure network security capabilities with next-generation threat protection — so customers can more easily attain greater performance and scalability. </SPAN></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/tips-amp-tricks-block-high-risk-apps-with-application-filters/ba-p/517730" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">Tips & Tricks: Block High-Risk Apps with Application Filters</FONT></STRONG></A></FONT></H2> <P><SPAN> </SPAN></P> <P><SPAN>Often overlooked, Application Filter objects can be a useful tool for administrators to streamline the security policy rulebase. An Application Filter is a dynamic object that can be created based on administrator-defined application attributes, including category, subcategory, risk factor, tags, and characteristics. Read more in this blog by </SPAN><SPAN><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/220841">@JayGolf</a></SPAN><SPAN> — again with help from Cyber Elite expert </SPAN><SPAN><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/7608">@reaper</a></SPAN><SPAN>! <span class="lia-unicode-emoji" title=":party_popper:">🎉</span></SPAN></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/drift-detection/ba-p/516812" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">Prisma Cloud Code Security and Drift Detection</FONT></STRONG></A></FONT></H2> <P> </P> <P><SPAN>Drift Detection is a feature that is included with Prisma Cloud Code Security that helps detect unwanted changes to your project’s source code. A few lines of code can turn your project upside down by creating easy entry points for hackers to use in order to leak data or turn your repository into malware.</SPAN></P> <P> </P> <P><SPAN>If you already have a Prisma Cloud Code Security subscription, you can learn how to set up </SPAN><A href="https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-code-security/scan-monitor/drift-detection" target="_blank" rel="noopener"><SPAN>Drift Detection for your repositories</SPAN></A><SPAN> now. Otherwise, read this blog on </SPAN><A href="https://live.paloaltonetworks.com/t5/blogs/drift-detection/ba-p/516812" target="_blank" rel="noopener"><SPAN>Prisma Cloud and Drift Detection</SPAN></A><SPAN> to learn about how Drift Detection can help you maintain your security posture.</SPAN></P> <P> </P> <H2><FONT color="#FF6600"><A href="https://live.paloaltonetworks.com/t5/blogs/url-categories-match-different-categories/ba-p/516971" target="_blank" rel="noopener"><STRONG><FONT color="#FF6600">URL Filtering: Assigning Multiple Categories to URLs</FONT></STRONG></A></FONT></H2> <P> </P> <P><SPAN>Did you know that Palo Alto Networks URL filtering can assign </SPAN><A href="https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/how-to-use-url-categories" target="_blank" rel="noopener"><SPAN>multiple categories to URLs</SPAN></A><SPAN> that classify a website’s content, purpose, and safety? Every URL can have up to four categories, including a security-focused URL category (or "risk category" for short) that indicates how likely it is that the site will expose you to threats.</SPAN></P> <P><SPAN> </SPAN></P> <P><SPAN>These </SPAN><A href="https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/url-filtering/url-categories/url-risk-categories" target="_blank" rel="noopener"><SPAN>risk categories</SPAN></A><SPAN> enable you to implement simple security and decryption policies based on website safety, without requiring you to research and individually assess the sites that are likely to expose you to web-based threats.</SPAN></P> <P> </P> <H2><FONT color="#FF6600"><STRONG>This Month’s Nominated Discussions With Accepted Solutions</STRONG></FONT></H2> <P> </P> <P><SPAN>Nominated Discussions help LIVEcommunity Solutions Engineers highlight a discussion post that has an </SPAN><A href="https://live.paloaltonetworks.com/t5/welcome-guide/how-to-recognize-accepted-solutions/ta-p/439722" target="_blank" rel="noopener"><SPAN>Accepted Solution</SPAN></A><SPAN>, and turn it into an article with additional helpful information, documentation, and clarity. Here are the Nominated Discussions we published this past month:</SPAN></P> <P> </P> <UL> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-multiple-isps-with-path-monitoring/ta-p/516776" target="_blank" rel="noopener"><SPAN>Multiple ISPs with Path Monitoring</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-url-filtering-profile-set-to-allow/ta-p/516907" target="_blank" rel="noopener"><SPAN>URL Filtering Profile Set to Allow Ransomware</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://live.paloaltonetworks.com/t5/general-articles/nominated-discussion-global-protect-authentication-happened-two/ta-p/518325" target="_blank" rel="noopener"><SPAN>Global Protect Authentication Happened Two Time While Using RADIUS</SPAN></A></LI> </UL> <P><SPAN> </SPAN></P> <P><SPAN>You're now fully briefed on LIVEcommunity's October 2022 highlights!</SPAN></P> <P><SPAN> </SPAN></P> <P><STRONG><I>If this was helpful, be sure to give this blog a thumbs up. See you next month!</I></STRONG></P> <P> </P> </DIV> Mon, 31 Oct 2022 15:20:45 GMT jforsythe 2022-10-31T15:20:45Z October 2022 Rewind: Here's What You Missed on LIVEcommunity https://live.paloaltonetworks.com/t5/news/october-2022-rewind-here-s-what-you-missed-on-livecommunity/ta-p/518957 <P><SPAN>Welcome to our October 2022 Rewind, where we review some of LIVEcommunity’s biggest headlines from the past month!</SPAN></P> Mon, 31 Oct 2022 15:20:45 GMT https://live.paloaltonetworks.com/t5/news/october-2022-rewind-here-s-what-you-missed-on-livecommunity/ta-p/518957 jforsythe 2022-10-31T15:20:45Z