Threat & Vulnerability
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
538 Posts
Traps Advanced Endpoint Protection prevents cyber breaches by protecting and enabling users to conduct their daily activities, and automating prevention by autonomously reprogramming itself using threat intelligence gained from WildFire.
22 Posts
A forum to ask or share about Data Loss Prevention (DLP) strategy. DLP ensures sensitive or confidential information doesn't leak outside of the corporate network. Let's rethink DLP together.
15 Posts
This forum is to discuss Palo Alto Networks' Next-Generation CASB, an integrated, multi-faceted CASB solution that helps security teams meet the security challenges of today.
15 Posts
Discussions about IoT Security — aka the Internet of Things — a cybersecurity strategy that safeguards against the possibility of cyberattacks which specifically target physical IoT devices that are connected to the network.
29 Posts
Welcome to the AI Access Security discussion area! Here, we focus on how AI Access Security facilitates safe Generative AI adoption by providing real-time visibility, streamlined access control, and robust data protection. Join us to share insights and discuss strategies for keeping sensitive information secure in AI applications.
3 Posts
Welcome to the Advanced DNS Security discussion area. Here, we focus on delivering real-time, AI-powered protection against DNS-layer threats—ensuring visibility, control, and prevention across all network environments.
1 Post
Hello, How to efficiently triage and prioritize alerts (especially across multiple tenants or environments)?
I think the description of "Threat ID: 31671 - SCADA ICCP Unauthorized COTP Connection Established" is incorrect. Below is the description of the Threat, but it describes a successful connection; there doesn't seem to be anything malicious about it. I'm thinking more should have been added to the description to describe why the threat is malicious. ...
Configured device for SNMP polling. Checked devices in path to ensure they weren't blocking traffic. I can ping the device just fine. However, I am unable to complete discovery and I see no traffic in the traffic logs for port 161/162.
Hi everyone, We are using PAN OS 9.1.5. Our internal hosts and DNS server are in different PA Zones. We have a policy to allow all hosts to access DNS servers with application "dns". We used strict anti spyware profile on the above mentioned security policy. After applying anti-spyware profile, we see that the DNS queries timeout most of the times an...
Hello, What immediate steps should network admins take to reduce exposure to PAN-OS vulnerabilities like CVE-2025-0111 when no official patch is yet available?
Hello, How can network administrators mitigate risks from vulnerabilities in PAN-OS, such as CVE-2025-0111, before patches are available?
Hello, I'm sending out a message in a bottle — I'm noticing a very high number of false positives on signatures with a high severity level, whether they are Anti-Spyware or Vulnerability Protection signatures. The issue is that the solution doesn't implement a scoring system to determine the relevance of its alerts. I'm wondering if anyone has...
Hi Team, We have a customer interested in developing a data connector for Cortex XDR, with the intention of making it publicly available via the Cortex XDR Marketplace. Our team will take full ownership of the development process, and we'd appreciate your guidance on best practices, platform limitations, and the overall integration and publishing...
Why the Nested Profile Incident in Palo Alto EDLP doesn't show the correct keyword count, while the Nested Data Profile test does. 1. I created a Nested profile. Test for Nested Data Profile shows correct count of occurrences. However, when pushed through Panorama, an Incident got generated, but the count of occurrences of keywords is not accurate. 2. And not ...
Welcome to the Advanced DNS Security discussion area! Here, you can engage in conversations about Advanced DNS Security, explore new insights, and stay updated on ongoing discussions. Check back regularly for the latest updates and community insights on Advanced DNS Security.
SCADA, or Supervisory Control and Data Acquisition, systems are critical industrial control systems that monitor and manage sensitive processes. This alert, "Threat ID: 31671 - SCADA ICCP Unauthorized COTP Connection Established," signifies that an unauthorized ICCP (Inter-Control Center Communications Protocol) client has successfully establish...
Looking for PRISMA SAAS CASB IMPLEMENTATION GUIDE.
Hello, interested in exporting device list from iot platform. I see an API endpoint for this but it doesn't have examples or document how to do filtering or page next since it is capped to 1000 devices per request. Please advise. https://pan.dev/iot/api/device-inventory/ > https://api.strata.paloaltonetworks.com/pub/v1/device/list ...
Hello Everyone, What does the Discover Mobile Device Attributes limitation mean? ========== IoT Security can learn mobile (cellular) device attributes, add the devices to its inventory, and track them by the IMEI numbers. You can then see various mobile device attributes for them on the AssetsDevices and Device Details pages. You can also ...
Hello, What best practices should organizations follow to secure their PAN-OS management interfaces against vulnerabilities like CVE-2025-0111? Best Regards, Kerolina