https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/342422#M924 <P>Thanks for your advice, but based on severity level, like medium to critical, still there are a lot signatures. For sql-injection, I think PA can combine some signatures together to reduce the number of the signature.&nbsp;</P> Thu, 06 Aug 2020 08:21:49 GMT herman2018 2020-08-06T08:21:49Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/341177#M920 <P>Hi all, in palo alto, there are 380+ signatures which are related to sql injection, and the default action for all is set to "alert". Now we want to change the action to reset, can anyone please advise how to choose the signature? it is not possible to change for all, right? Thanks in advance.&nbsp;</P> Wed, 29 Jul 2020 07:04:58 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/341177#M920 herman2018 2020-07-29T07:04:58Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/341638#M921 <P>You can create a rule that precedes the severity-based rules in the Vulnerability Protection profile, that is defined specifically for signatures in the sql-injection Category.</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screen Shot 2020-07-31 at 10.38.52 AM.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/27104iDB16C9D2964A5410/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="Screen Shot 2020-07-31 at 10.38.52 AM.png" alt="Screen Shot 2020-07-31 at 10.38.52 AM.png" /></span></P> Fri, 31 Jul 2020 17:41:09 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/341638#M921 mivaldi 2020-07-31T17:41:09Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/342422#M924 <P>Thanks for your advice, but based on severity level, like medium to critical, still there are a lot signatures. For sql-injection, I think PA can combine some signatures together to reduce the number of the signature.&nbsp;</P> Thu, 06 Aug 2020 08:21:49 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/342422#M924 herman2018 2020-08-06T08:21:49Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/342494#M925 <P>That is a good idea but you won't see any change picked up from ideas posted on the forums. You can reach out to your Palo Alto Networks SE to have a Feature Request filed.</P> Thu, 06 Aug 2020 15:32:57 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/342494#M925 mivaldi 2020-08-06T15:32:57Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/583694#M2182 <P>Thank you share this answere and post!!</P> Mon, 15 Apr 2024 07:29:43 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/how-to-choose-signature-for-sql-injection/m-p/583694#M2182 Garde1962 2024-04-15T07:29:43Z