Advanced Threat Prevention Discussions
Welcome to the Advanced Threat Prevention discussion area. Here, we explore Precision AI-powered protection that stops zero-day malware, exploits, and command-and-control attacks in real time—ensuring proactive defense and resilience against today’s most sophisticated threats.

Discussions

Welcome to the Threat & Vulnerability Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4172 Views
  • 0 replies
  • 0 Likes

Raspberry PI Custom Alert

How do I set up a Custom Alert in IoT Security to detect a Raspberry Pi device? I have the following vendor codes, and I want to set up a custom alert if a Raspberry Pi device connects to our network. Vendor codes: 28:cd:c1, 2c:cf:67, B8:27:be, D8:3a:dd, dc:a6:32, e4:5f:01

Seeing DNS Tunnel traffic to/from our Public Ranges?

Hello, this past week I've started seeing traffic that's classified as Tunneling:isavscan.[tld] (threat type: dns-c2, ThreatID: 109001001) hitting our Outside intrazone rule where the source and destination are our public ARIN IPs (the rule is currently set to allow while I make sure I have all the traffic we need like BGP and IPSec allowed in o...


Newsletter: Cloud Delivered Security Services, Oct-2025

Welcome to the CDSS Monthly Newsletter The Cloud-Delivered Security Services (CDSS) Monthly Newsletter brings you the latest updates, insights, and innovations from Palo Alto Networks’ cloud-powered security platform. Each month, we spotlight key product releases, upcoming events, technical tips, and best practices across our Advanced Core Sub...

Resolved! Upgrade from Basic Threat Prevention to Advanced Threat Prevention

Currently, two PA-320 peers are in HA configuration with a Basic Threat Prevention license which is expiring in Feb 2026. I am going to buy an ATP license in the upcoming renewal. Do I have to configure the ATP profiles from scratch and bind those profiles with the security rules, OR Basic Threat Prevention profiles (such as AV, Vulnerability Protection...

Ajay358 by L2 Linker
  • 14922 Views
  • 1 reply
  • 0 Likes

Welcome to the Advanced Threat Prevention Discussion Area!

Welcome to the Advanced Threat Prevention discussion area! Here, you can engage in conversations about the Advanced capabilities of Threat Prevention - protection against zero-day threats with Precision AI, stopping exploits, malware, and C2 attacks in real time. Check back regularly for the latest updates and community insights on Advanced Th...

rgwalani by L0 Member
  • 12037 Views
  • 1 reply
  • 0 Likes

Threat ID 31671 - SCADA ICCP Unauthorized COTP Connection Established

I think the description of "Threat ID: 31671 - SCADA ICCP Unauthorized COTP Connection Established" is incorrect. Below is the description of the threat, but it describes a successful connection; there doesn't seem to be anything malicious about it. I'm thinking more should have been added to the description to describe why the threat is malicious. ...

K.Nand by L0 Member
  • 12955 Views
  • 1 reply
  • 0 Likes

DNS Traffic slow/time out after applying Anti Spyware

Hi everyone, we are using PAN-OS 9.1.5. Our internal hosts and DNS server are in different PA zones. We have a policy to allow all hosts to access DNS servers with application "dns". We used the strict anti-spyware profile on the above-mentioned security policy. After applying the anti-spyware profile, we see that the DNS queries time out most of the time an...

High alert with signature

Hello, I'm sending out a message in a bottle — I'm noticing a very high number of false positives on signatures with a high severity level, whether they are Anti-Spyware or Vulnerability Protection signatures. The issue is that the solution doesn't implement a scoring system to determine the relevance of its alerts. I'm wondering if anyone has...
