Threat & Vulnerability
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
509 Posts
Traps Advanced Endpoint Protection prevents cyber breaches by protecting and enabling users to conduct their daily activities, and automating prevention by autonomously reprogramming itself using threat intelligence gained from WildFire.
20 Posts
A forum to ask or share about Data Loss Prevention (DLP) strategy. DLP ensures sensitive or confidential information doesn't leak outside of the corporate network. Let's rethink DLP together.
12 Posts
This forum is to discuss Palo Alto Networks' Next-Generation CASB, an integrated, multi-faceted CASB solution that helps security teams meet the security challenges of today.
13 Posts
Discussions about IoT Security — aka the Internet of Things — a cybersecurity strategy that safeguards against the possibility of cyberattacks which specifically target physical IoT devices that are connected to the network.
24 Posts
Welcome to the AI Access Security discussion area! Here, we focus on how AI Access Security facilitates safe Generative AI adoption by providing real-time visibility, streamlined access control, and robust data protection. Join us to share insights and discuss strategies for keeping sensitive information secure in AI applications.
2 Posts
In Prisma Cloud, how do I track base images? That is, to know who is using the defined base images and who is not using them. Like, can I get a list of all containers leveraging the defined base images?
Hi Everyone,
I am currently setting up Cortex XDR to run alongside a parallel EDR solution and want to ensure proper exclusions are configured to avoid conflicts and performance issues.
Could anyone share the recommended file and folder exclusions sp
...
Dear experts,
Here is my question:
Our customer has registered new URL domains and configured the firewall to block all newly registered domains via the URL filtering configuration. They noticed that the new domain is NOT blocked right away but abo
...
Hi Team,
One of our customers just received security query points where they wanted the firewall to block reverse TCP shells and other potential backdoor connections.
For backdoors, I have gone through the backdoor signatures in Threat Vault.
So we ha
...
It is suggested to upgrade to version 10.2.12-h2 to remediate the vulnerability. However, the firmware version 10.2.12-h2 is currently in monitoring status. It is also mentioned that the same fix is available in version 10.2.10-h9, which is the prefe
...
We cannot update Adobe Creative Cloud when on our network or GlobalProtect. What I'm seeing is in the Threat logs for adobe-creative-cloud-base threat ID 678983911, content version Antivirus-4995-5513,
ccmdls.adobe.com/AdobeProducts/KCCC/1/win64
...
Good morning,
I would like to know if there is a way to leave a field blank when editing an asset. For example, when I change the information of an asset that has been detected wrongly, it does not allow me to leave the OS Family section blank. Is the
Hello,
Please fix false positive detection:
https://www.virustotal.com/gui/file/5259f523e41ffa42af0753df4c020f911a585b311c3267f17703c14920a352b8?nocache=1
Thank you!
Hi,
After updating the PA to version 11.1.0 (currently we are using version 11.1.1 but the problem still exists), Nessus discovered open TCP port 9339 and alerted about vulnerability SWEET32 (screen attached below).
It is weird, because port 9339 is u
...
Didn't receive any incident alert logs from the Cortex XDR agent to the Cortex manager.
Using Cortex broker version 25.0.44 and Cortex agent version 8.5.
Hello,
I was wondering, is it possible to customize out of the box Cortex XDR notifications?
They are good and informative, but I would like to see tenant name in incident e-mail notification.
My work involves multiple tenants, and when I receive incide
We have the Cortex XDR Prevent version in our environment, and its license expired 33 days ago. As per the Prevent guide, on the 31st day from license expiration the tenant is decommissioned and agent capabilities are seized, if we
...
Does anyone know if you can create Geo-location address groups? I want to create a group for all the bad countries instead of having to add all the countries to every Geo-location rule.
Example: Add Russia, Crimea, North Korea, Iran, etc. into a "Ba
...
Hi all -
With regard to CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect and other issues, our PA-820 is running PAN-OS 11.1.0, should it be updated to PAN-OS 11.2.1?
Thank you