especially across multiple tenants or environments

Hello,

How to efficiently triage and prioritize alerts (especially across multiple tenants or environments)?

Threat ID 31671 - SCADA ICCP Unauthorized COTP Connection Established

I think the description of "Threat ID: 31671 - SCADA ICCP Unauthorized COTP Connection Established" is incorrect. Below is the description of the Threat, but it describes a successful connection there doesn't seem to be anything malicious to it. I'm

DNS Traffic slow/time out after applying Anti Spyware

Hi everyone,

We are using PAN OS 9.1.5.

Our internal hosts and DNS server are in different PA Zones.

We have a policy to allow all hosts to access DNS servers with application "dns".

We used strict anti spyware profile on the above mentioned security pol

reduce exposure to PAN-OS vulnerabilities like CVE-2025-0111

Hello,

What immediate steps should network admins take to reduce exposure to PAN-OS vulnerabilities like CVE-2025-0111 when no official patch is yet available?

mitigate risks from vulnerabilities

Hello,

How can network administrators mitigate risks from vulnerabilities in PAN-OS, such as CVE-2025-0111, before patches are available?

High alert with signature

Hello,

I'm sending out a message in a bottle — I'm noticing a very high number of false positives on signatures with a high severity level, whether they are Anti-Spyware or Vulnerability Protection signatures. The issue is that the solution doesn't

Inquiry About Building and Publishing a Cortex XDR Integration

Threat ID: 31671 - SCADA ICCP Unauthorized COTP Connection Established

SCADA, or Supervisory Control and Data Acquisition, systems are critical industrial control systems that monitor and manage sensitive processes. This alert, "Threat ID: 31671 - SCADA ICCP Unauthorized COTP Connection Established," signifies that an u

PAN-OS management interfaces against vulnerabilities like CVE-2025-0111?

Hello,

What best practices should organizations follow to secure their PAN-OS management interfaces against vulnerabilities like CVE-2025-0111?

Best Regard,

Kerolina

I'm not able get community Edition

Dear Team,

Please, can anyone help to get the community version of the XSOAR OVA file? Already I have registered but not received any mail

Packet Buffer Protection (PBP)

We are receiving multiple alerts for Packet Buffer Protection (PBP) being triggered on internal-to-internal and internal-to-external traffic. My understanding is that PBP is primarily intended to protect against DoS attacks, which are typically exter

Raspberry PI Custom Alert

How do I setup a Custom Alert is IoT Security to detect a Raspberry pi device.  I have the following vendor codes, and I want to setup a custom alert if a raspberry device connects to our network.  

Vendor Codes

28:cd:c1

2c:cf:67

B8:27:be

D8:3a:dd

critical control points

Hi everyone,

When it comes to securing firewall management systems—those critical control points in any network—what strategies, best practices, or tools have you found most effective?

Whether it’s role-based access controls, dedicated management net

most effective for protecting

Hello,

What strategies or tools have you found most effective for protecting your firewall management infrastructure?

Best Regard,

Kely

organizations implement to protect identity

Hello,

What best practices should organizations implement to protect identity and access management (IAM) systems from vulnerabilities like CVE-2023-23397 affecting Microsoft Outlook and Exchange servers?

Best Regard,

Dona