As you already know, Expedition was conceived to reduce the time and efforts a security admin needs to improve and optimize their Palo Alto Networks configurations. Following that effort, we have added, within Expedition, support not only to run a BPA analysis if not also be able to remediate some of the failed checks (all related to Device Config) and now integration with the project IronSkillet.
IronSkillet is basically a template that provides several best practices to minize the time to deploy a Day 1 Configuration in your Palo Alto Networks devices.
With this article, we show you how to create a new Base Configuration file plus remediate some of the checks failed at the time to run the BPA and export that configuration to your device. With this example, you will get a config that is 67% following the BPA recomendations.