https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/349562#M86871 <P>Welcome to PANW!</P> <P>&nbsp;</P> <P>So I think the best place, is to have you look/configure your FW for some best practices.</P> <P>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/best-practices-for-securing-your-network-from-layer-4-and-layer-7-evasions.html" target="_blank">https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/best-practices-for-securing-your-network-from-layer-4-and-layer-7-evasions.html</A></P> <P>&nbsp;</P> <P>This is a good place to start.</P> <P>&nbsp;</P> <P>This is another</P> <P>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention.html" target="_blank">https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention.html</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 15 Sep 2020 23:45:20 GMT S.Cantwell 2020-09-15T23:45:20Z https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/349520#M86867 <P>I am new to Palo Alto NGFW and Cortex, does anybody have&nbsp; any special TTP they want to share to noobs like me?</P> Tue, 15 Sep 2020 21:44:03 GMT https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/349520#M86867 Retired Member 2020-09-15T21:44:03Z https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/349562#M86871 <P>Welcome to PANW!</P> <P>&nbsp;</P> <P>So I think the best place, is to have you look/configure your FW for some best practices.</P> <P>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/best-practices-for-securing-your-network-from-layer-4-and-layer-7-evasions.html" target="_blank">https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention/best-practices-for-securing-your-network-from-layer-4-and-layer-7-evasions.html</A></P> <P>&nbsp;</P> <P>This is a good place to start.</P> <P>&nbsp;</P> <P>This is another</P> <P>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention.html" target="_blank">https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/threat-prevention.html</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 15 Sep 2020 23:45:20 GMT https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/349562#M86871 S.Cantwell 2020-09-15T23:45:20Z https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/350259#M86948 <P>I a spare PA220 that I can use to test this configuration before putting on Panorama.</P><P>&nbsp;</P><P>Thank you!</P> Fri, 18 Sep 2020 00:35:38 GMT https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/350259#M86948 Retired Member 2020-09-18T00:35:38Z https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/350260#M86949 <P>Here is a very good video on how Cortex XDR is used as TTP.</P><P>Optimize SecOps Investigation and Response to Stop Sophisticated Attacks with Cortex XDR and XSOAR</P><P><A href="https://www.youtube.com/watch?v=3ZAeF2MiSwY" target="_blank" rel="noopener">https://www.youtube.com/watch?v=3ZAeF2MiSwY</A></P><P>&nbsp;</P><P>&nbsp;</P> Fri, 18 Sep 2020 00:48:29 GMT https://live.paloaltonetworks.com/t5/general-topics/tactics-technique-and-procedure-ttp-for-noob-threat-hunting/m-p/350260#M86949 Retired Member 2020-09-18T00:48:29Z