Advanced Threat Prevention Discussions
Welcome to the Advanced Threat Prevention discussion area. Here, we explore Precision AI-powered protection that stops zero-day malware, exploits, and command-and-control attacks in real time—ensuring proactive defense and resilience against today’s most sophisticated threats.

Discussions

Welcome to the Threat & Vulnerability Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4172 Views
  • 0 replies
  • 0 Likes

Exfiltration Shield - Prevent data exfiltration via DNS relay attack

Advanced Threat Prevention (ATP) is the industry's first IPS to stop Zero-day attacks inline. ATP is powered by Precision AI, a proprietary system that leverages the capability of Machine Learning, Deep Learning, and Generative AI. ATP’s security models are trained with high-fidelity data to accurately detect and prevent rapidly evolving cyber ...


CVE Mapping for Zero-day Exploits: Enhancement in Threat content release notes and Cloud reports

Advanced Threat Prevention (ATP) is the industry's first IPS to stop Zero-day attacks inline. ATP is powered by Precision AI, a proprietary system that leverages the capability of Machine Learning, Deep Learning, and Generative AI. These security models are trained with high-fidelity data to accurately detect and prevent rapidly evolving threats i...



Translate Suricata IPS signatures into custom Palo Alto Networks threat signatures

Threat Prevention goes beyond a typical intrusion prevention system (IPS) to inspect all traffic for threats (regardless of port, protocol, or encryption), and automatically blocks known vulnerabilities, malware, exploits, spyware, and command-and-control. Customers can easily automate workflows to rapidly apply IPS signatures in popular formats...

Malicious Traffic related to CVE-2024-9472 and CVE-2024-3393 DoS Vulnerabilities.

Can anyone share any technical insight into what the attack payload might be, or what you may be observing in your Threat logs? We have found some malformed DNS packets sent to port 53 that the FW labels as MS Windows NAT Helper DNS Query DoS Vulnerability (31339). These packets contain a NULL Pointer Dereference payload that we think is triggering the vu...

Resolved! PAN-OS logs

I am looking for the log file that tracks the IP addresses of devices that have connected to our Palo Alto Networks firewall. I am interested in any logs that show source and destination IP addresses for network connections. Could you please point me to the file path or location of these logs? If they are exported or stored in a specific directory,...

CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

It is suggested to upgrade to version 10.2.12-h2 to remediate the vulnerability. However, the firmware version 10.2.12-h2 is currently in monitoring status. It is also mentioned that the same fix is available in version 10.2.10-h9, which is the preferred version. My question is: if the fix is available in the preferred version, why recommend upg...


Resolved! Does vulnerability-CVE-2023-51385 have any impact on PanOS firewalls, Panorama or Wildfire?

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

Netdata1 by L0 Member
  • 21420 Views
  • 12 replies
  • 0 Likes

Wrong behavior of Advanced URL filter

Dear experts, Here is my question: Our customer has registered new URL domains and configured the firewall to block all newly registered domains via the URL filtering configuration. They noticed that the new domain is NOT blocked right away but about 15 minutes after the first time it becomes reachable. Is this behavior expected? The customer ...

Resolved! Cannot update Adobe Creative Cloud

We cannot update Adobe Creative cloud when on our network or Global protect. What I'm seeing is in the Threat logs for adobe-creative-cloud-base threat ID 678983911, content version Antivirus-4995-5513, ccmdls.adobe.com/AdobeProducts/KCCC/1/win64/packages/ACCC_6_4_0_ADS_361/ADS.zip Name: Virus/Win32.WGeneric.ekybxu Unique Threat ID: 67898391...

ksauer507 by L3 Networker
  • 7115 Views
  • 2 replies
  • 0 Likes