Palo Alto Security Advisories RSS

L1 Bithead

Palo Alto Security Advisories RSS

Hey Everyone,

 

Has anyone come across an official RSS feed (or similar) from Palo Alto which allows easy access to recent security advisories. Within my company we're look at pulling these from all our vendors so we can easily automate the notification and tracking of them.

 

I know the vulnerabilities are published at the link below but these can't easily be processed automatically:

http://securityadvisories.paloaltonetworks.com/

 

Cisco and Juniper make there's available in much better format:

http://tools.cisco.com/security/center/rss.x?i=44

https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES

 

The quality obviously varies but just being able to get the title and CVE number is a start.

 

Credit where due, Cisco's new-ish OpenVULN API is very useful to work with and provides access to the same information as on their website but in a XML/JSON format, anyone would basic scripting skills could pull the info out and adapt as needed:

https://developer.cisco.com/site/PSIRT/

 

If they don't have one already Palo Alto could learn a lot from that.

 

I prefer not to have to deal with the CVE/NVD database if I can avoid it as it's getting very out-of-date with product details, they admit it themselves. This is again where Cisco's API works well as as the vulnerabily information gets added the list of products also does so you can match this up with the asset information for your company.

 

Thanks

 

Gu

L3 Networker

Re: Palo Alto Security Advisories RSS

While it is not RSS, I receive email alerts from PAN when these come out.

L7 Applicator

Re: Palo Alto Security Advisories RSS

I think you are looking for this, the security advisory postings.

 

https://securityadvisories.paloaltonetworks.com/

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
L1 Bithead

Re: Palo Alto Security Advisories RSS

For a human being, that's fine and what I currently use (along with Email)

 

What I was looking for is something that can be processed by a script, hence RSS/XML (or even JSON) format being suggested.

 

Palo Alto can be very inconsistent at times, they don't provide a easy means of getting the config out of the device so a human can view it (e.g. CSV of security rules), yet information that needs to be acted on relatively quickly is not made available in a format which can be processed by a non-human. Would have thought in the age of mass data consumption, they'd have thought of something as simple as this.

 

Oh well guess we'll have to stick with the CVE/NVD database for now.

 

 

L1 Bithead

Re: Palo Alto Security Advisories RSS

Ciao,

same problem ! same problem !!

I'd like to access Security Advisor (SA) in a scripting way . Witj CIsco I'm using openVulnQuery and API as well.

I tried in python parsing https://securityadvisories.paloaltonetworks.com/ using xml/http library and it works, but it's not scalable.

 

What I'm thinking is getting informations like SA, lastest PAN-OS, Content-update, etc in API.

Let me know !

Thanks 

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!