Threat & Vulnerability
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
503 Posts
Traps Advanced Endpoint Protection prevents cyber breaches by protecting and enabling users to conduct their daily activities, and automating prevention by autonomously reprogramming itself using threat intelligence gained from WildFire.
11 Posts
A forum to ask or share about Data Loss Prevention (DLP) strategy. DLP ensures sensitive or confidential information doesn't leak outside of the corporate network. Let's rethink DLP together.
12 Posts
This forum is to discuss Palo Alto Networks' Next-Generation CASB, an integrated, multi-faceted CASB solution that helps security teams meet the security challenges of today.
12 Posts
Discussions about IoT Security — aka the Internet of Things — a cybersecurity strategy that safeguards against the possibility of cyberattacks which specifically target physical IoT devices that are connected to the network.
24 Posts
Hello,
Please fix false positive detection:
https://www.virustotal.com/gui/file/5259f523e41ffa42af0753df4c020f911a585b311c3267f17703c14920a352b8?nocache=1
Thank you!
Hi.
I am following the IoT Security Administrator’s Guide.
I'm at the section 'Preparing your firewall for IoT Security' and I have reached Step 2. I have successfully created the certificate, but I am stuck at Logging Service Certificate – One-Time Pas
...
Is there a way to monitor Cortex XDR protection for those endpoints that didn't connect to the console?
FILE HASH: 9329f42ac6f2c7470c070863af04572c9f32148c1d86cdbb6e0e301c7f5d780e
Link To Virus Total: LINK
This file -- MSJT4JLT.DLL is being detected as wildfire-virus and being blocked by WildFire but Virustotal link and Wildfire portal itself categori
...
Hi all -
With regard to CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect and other issues, our PA-820 is running PAN-OS 11.1.0, should it be updated to PAN-OS 11.2.1?
Thank you
I am looking to clear out the false positive: Virus/WIN32.WGeneric.edxqeb from the Palo Alto summary report. I went into the WildFire report in the firewall and added a rule to block it but it still shows up on the report. Also does anyone know how I can o
...
Palo Alto is detecting the file transfer from the Bitdefender server to clients as a virus and the traffic is being blocked. The file is a legit Bitdefender file used for updating Bitdefender Linux agents, the hash of the file is not being detected as ma
...
I want to be able to malware scan one single file with Cortex XDR from the administrator perspective and using automation. Does anyone have any experience with this?
Here is my example:
I have an SFTP server where files are uploaded to. As each file
...
My customer has a persistent VDI environment, but during installation forgot to set the VDI-enabled=1 flag. Is there a way to change this without reinstalling the agent? For example via the registry keys?
We're in the process of tuning DLP policies and struggling to filter out a lot of detections for driver's licenses from non-US countries. We've disabled all profiles that reference any of the non-US countries, but still seeing incidents detected for
...
Not seeing anything on this anywhere I search. Nessus is showing CVE-2008-4309 - SNMP 'GETBULK' Reflection DDoS on our PA-1410 on 11.0.3-h10.
Nessus was able to determine the SNMP service can be abused in an SNMP
Reflection DDoS attack :
Request siz
Hi Everyone,
Greetings!
I'm facing challenges writing a date and time-based query. One specific issue is that dates aren't converting into a string format, especially when I try to convert the date '01' into 'Monday/Mon' and date '02' into 'Tue
...
Cordial greetings
Team
Currently some users are trying to download an .exe file located in a server directory path.
As I mentioned, the download is using the ms-ds-smbv3 protocol and is being stopped by the File-Blocking profile. We have performed th
...
Hi everyone,
I have the following Cortex XDR question to ask, the information is as follows:
1. If I have not purchased HostInsight License, does it support to get the installedAppList of the endpoint through API?
2. Can I export the Cortex XDR
...
Hi Everyone,
I have encountered two Broker VM log collection and dumping problems that I want to ask about, please help. The problems are as follows:
1. Can Broker VM tandem dump logs?
Description: As shown in the figure below, a customer wa
...