Advanced Threat Prevention Discussions
Welcome to the Advanced Threat Prevention discussion area. Here, we explore Precision AI-powered protection that stops zero-day malware, exploits, and command-and-control attacks in real time—ensuring proactive defense and resilience against today’s most sophisticated threats.

Discussions

Welcome to the Threat & Vulnerability Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4175 Views
  • 0 replies
  • 0 Likes

CVE-2022-0778 mitigation with Threat Prevention

Hi, Following the CVE-2022-0778 vulnerability, I would like to apply the workaround to reduce the risk of attack until the PAN-OS update is released. According to the security ticket, you have to activate the Threat IDs 92409 and 92411, but how do you do it? I found this link but I'm not sure of the procedure: https://knowledgebase.paloaltonetworks....

feelgood by L2 Linker
  • 4425 Views
  • 3 replies
  • 1 Likes

policy, objects and smtp

howdy, I can not get my head around how to do this. Allow SMTP from a country but block every other service/application. You can negate countries but not services/applications. Can one do any/any with an exception? Thank you

PA200-1 by L1 Bithead
  • 3189 Views
  • 3 replies
  • 1 Likes

How to Block RClone

If I search for rclone in the applications on my PAN 3220 w 9.1, I am not spotting "rclone". Is there a means of identifying and blocking rclone traffic? https://research.nccgroup.com/2021/05/27/detecting-rclone-an-effective-tool-for-exfiltration/

palomed by L3 Networker
  • 3231 Views
  • 0 replies
  • 1 Likes

Palo Alto Networks PAN-OS 8.1.x / 9.0.x / 9.1.x / 10.0.x Improper Input Validation

Hi All, I would like to verify some vulnerabilities as in the PAN-OS Advisory for "Low - PAN-OS 8.1.x / 9.0.x / 9.1.x / 10.0.x Improper Input Validation". Also, there are detections by the Nessus scanner for "High - SQLi scanner" and "Low - Auto completion finding". Will these detected vulnerabilities be resolved if we upgrade to PAN-OS 10.1.4?

Resolved! Detection of Critical Vulnerabilities, what does it mean ?

Hi All, When the Palo Alto firewall detects a vulnerability (in the ACC tab, Threats widget), what does it mean exactly? (The source IP is a private IP and the destination is a public IP.) 1. Does it mean that the server is infected and is sending out traffic to some malicious IP? 2. Does it mean that the server is not infected but it contains software whic...

Virus/Win32.WGeneric.cfzcwn False/Positive?

Received multiple alerts for comms between two systems triggered by a virus signature (date of release 3/3/2022). Anyone else received these, is it a false positive? Name: Virus/Win32.WGeneric.cfzcwn Unique Threat ID: 468826517 Create Time: 2022-02-03 11:48:01 (UTC) Hash: ab19a2c1a7621f777185863c0789e2045d2cc8b61958b26cbaa9483f4dd5aaf8 Virus Total i...

No entry in the User-Agent field in threat logs

Hi All, We recently got threat log entries on the PA firewall. While checking the logs, the Browser "User-Agent" column in the threat field is empty. While reading the documentation, it is advised that this field will be populated only for HTTP traffic. We had Web-Browsing in the application field and traffic being destined to destination por...

Block on APP-ID (Apache Log4j )

Hello All, After a bit of help... I have never created a block-type rule on a Palo and now my boss wants me to create a block rule for the above. We have about 300 policies in our firewall so no idea how to create a block and apply it. Can anybody give me any pointers? Regards

Scott64 by L1 Bithead
  • 5042 Views
  • 3 replies
  • 1 Likes