topic Re: Query on URL category change in General Topics

Query on URL category change

KarthikaSubbiah — Tue, 27 May 2025 17:58:57 GMT

We submitted the request to Palo Alto to have the URL category and risk changed and that was recategorized to 'low-risk' now. My question is will Palo Alto might identify the site as malicious again based on our activity in the future and change the category?

Re: Query on URL category change

Raido_Rattameister — Tue, 27 May 2025 19:14:08 GMT

If behavior of your site changes then Palo can re-classify the category.

Re: Query on URL category change

Brandon_Wertz — Thu, 29 May 2025 13:14:16 GMT

@KarthikaSubbiah wrote:

We submitted the request to Palo Alto to have the URL category and risk changed and that was recategorized to 'low-risk' now. My question is will Palo Alto might identify the site as malicious again based on our activity in the future and change the category?

There are 2 components to URL categorization, which you've mentioned (Category & Risk.) I wouldn't worry as much about "risk" as the category your site falls under. An organization can't really survive on blocking "high" risk sites alone as an attribute. There are legitime sites that also have a high risk association. It's my understanding that the risk definition is coming from some sort of observable activity from the website itself. So if your site is being defined as medium or high risk it might indicate your website might be compromised or being exploited in someway from a threat actor.