Threat & Vulnerability
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
528 Posts
Traps Advanced Endpoint Protection prevents cyber breaches by protecting and enabling users to conduct their daily activities, and automating prevention by autonomously reprogramming itself using threat intelligence gained from WildFire.
21 Posts
A forum to ask or share about Data Loss Prevention (DLP) strategy. DLP ensures sensitive or confidential information doesn't leak outside of the corporate network. Let's rethink DLP together.
14 Posts
This forum is to discuss Palo Alto Networks' Next-Generation CASB, an integrated, multi-faceted CASB solution that helps security teams meet the security challenges of today.
15 Posts
Discussions about IoT Security — aka the Internet of Things — a cybersecurity strategy that safeguards against the possibility of cyberattacks which specifically target physical IoT devices that are connected to the network.
27 Posts
Welcome to the AI Access Security discussion area! Here, we focus on how AI Access Security facilitates safe Generative AI adoption by providing real-time visibility, streamlined access control, and robust data protection. Join us to share insights and discuss strategies for keeping sensitive information secure in AI applications.
3 Posts
Hi everyone,
When it comes to securing firewall management systems—those critical control points in any network—what strategies, best practices, or tools have you found most effective?
Whether it’s role-based access controls, dedicated management net
...
Hello,
What strategies or tools have you found most effective for protecting your firewall management infrastructure?
Best Regards,
Kely
Hello,
What best practices should organizations implement to protect identity and access management (IAM) systems from vulnerabilities like CVE-2023-23397 affecting Microsoft Outlook and Exchange servers?
Best Regards,
Dona
Hello,
I have a question regarding an alert in Threat detection - type "virus".
Some endpoints were trying to update VLC player, but it was detected as "virus" with this threat ID: 706518286. This is the file name: mirror.alwyzon.net/videolan/vlc/3.0.21/win64/v
...
Port 5060 is still being blocked even after the security threat (Threat ID 40016) responsible for the block was added to the exemption list. We’ve already applied the threat exemption to the corresponding security policy, and also cleared the session
...
Hello,
What best practices should organizations follow to secure their PAN-OS management interfaces against vulnerabilities like CVE-2025-0111?
Best Regards,
Kerolina
File Macro SHA256: N/A
If the file macro SHA256 is not available, then on what basis did the PNGFW detect the alert "'Virus/Win32.WGeneric.lsngt' generated by PAN NGFW detected on 2 hosts"? Can someone please explain this to me?
Please, check this false positive:
Link to Virustotal report for the file: https://www.virustotal.com/gui/file/512aee2bf9656af68d0c001af9470070563a1b592e668569d7191998828d1698?nocache=1
File hash: 512aee2bf9656af68d0c001af9470070563a1b592e66856
...
Hello,
This past week I've started seeing traffic that's classified as Tunneling:isavscan.[tld] (threat type: dns-c2, ThreatID: 109001001) hitting our Outside intrazone rule where the source and destination are our public ARIN IPs (the rule is curren
...
Hello All,
We observed a Sev 1 issue last week which was related to internet slowness that impacted a large number of users. During the issue start time, we observed DNS traffic blocks between our DNS server and URL services.disconnect.me (Palo Al
...
Hi guys,
I received an alert regarding cortex-xdr-payload.exe accessing lsass.exe. The full path is below: C:\ProgramData\Cyvera\LocalSystem\Download\protected_payload_execution\cortex-xdr-payload.exe
From my research, the legitimate cortex-xdr-paylo
Hello team,
We have some questions regarding the latest Management Web Interface Vulnerability. Please answer the questions below:
Are these two vulnerabilities CVE-2024-00012 and CVE-2025-0111 the same?
When was CVE-2025-0111 identified?
Advanced Threat Prevention (ATP) is the industry's first IPS to stop Zero-day attacks inline. ATP is powered by Precision AI, a proprietary system that leverages the capability of Machine Learning, Deep Learning, and Generative AI. ATP’s security mo
...
I'm working on testing an Enterprise DLP data profile that includes blocking traffic for non-file-based detections (e.g., PCI data in a Teams message). For file-based detections, the behavior is fairly straight-forward: the upload fails, Teams throw
...
Hello,
We onboarded the IOT license on PA-400 series, we configured the tenant properly and we associated the device.
We enabled service edge (green status) and we enabled EAL logging, cloud logging (in cortex data lake tab).
On the zones we
...