https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-does-pa-identity-an-application-as-quot-threat-quot/m-p/201718#M252 <P>Hello guys,</P><P>&nbsp;</P><P>We have an application - "sina-weibo-base" is allowed to be accessed for internet access policy, but when user access to it, PA block it and the "Session End Reason" is "Threat".</P><P>&nbsp;</P><P>Does this mean PA consider this application a threat?</P><P>&nbsp;</P><P>Thanks</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 22 Feb 2018 08:36:41 GMT qd_056 2018-02-22T08:36:41Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-does-pa-identity-an-application-as-quot-threat-quot/m-p/201718#M252 <P>Hello guys,</P><P>&nbsp;</P><P>We have an application - "sina-weibo-base" is allowed to be accessed for internet access policy, but when user access to it, PA block it and the "Session End Reason" is "Threat".</P><P>&nbsp;</P><P>Does this mean PA consider this application a threat?</P><P>&nbsp;</P><P>Thanks</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 22 Feb 2018 08:36:41 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-does-pa-identity-an-application-as-quot-threat-quot/m-p/201718#M252 qd_056 2018-02-22T08:36:41Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-does-pa-identity-an-application-as-quot-threat-quot/m-p/201811#M253 <P>No, it means that a Threat Prevention feature detected a threat and executed a blocking action on the traffic.</P> <P>You *should* be able to see related threat log entries if you click on the Detailed Log entries (using magnifying glass icon&nbsp;at the left of the Traffic log entry). Once the Detailed view opens, you will see related log entries at the bottom. If you see a Threat Log, click in it and you should get the details for the block.</P> <P>&nbsp;</P> <P>If you don't see a log entry, discovery of the threat block will require additional debuggin through packet diagnostic feature ctd detector. You can open a case with Support to explore this troubleshooting option.</P> Thu, 22 Feb 2018 17:47:56 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-does-pa-identity-an-application-as-quot-threat-quot/m-p/201811#M253 mivaldi 2018-02-22T17:47:56Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-does-pa-identity-an-application-as-quot-threat-quot/m-p/204527#M266 <P>Please share the snap shot for the understanding</P> Fri, 09 Mar 2018 10:23:16 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-does-pa-identity-an-application-as-quot-threat-quot/m-p/204527#M266 Fahadvu 2018-03-09T10:23:16Z