Cloud Delivered Security Services
Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Palo Alto Networks’ Cloud Delivered Security Services.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cloud Delivered Security Services
Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Palo Alto Networks’ Cloud Delivered Security Services.

Browse the Community

Threat & Vulnerability

This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.

458 Posts

Endpoint (Traps) Discussions

Traps Advanced Endpoint Protection prevents cyber breaches by protecting and enabling users to conduct their daily activities, and automating prevention by autonomously reprogramming itself using threat intelligence gained from WildFire.

337 Posts

Enterprise Data Loss Prevention Discussions

A forum to ask or share about Data Loss Prevention (DLP) strategy. DLP ensures sensitive or confidential information doesn't leak outside of the corporate network. Let's rethink DPL together.

11 Posts

Next-Generation CASB Discussions

This forum is to discuss Palo Alto Networks' Next-Generation CASB, an integrated, multi-faceted CASB solution that helps security teams meet the security challenges of today.

9 Posts

IoT Security Discussions

Discussions about IoT Security — aka the Internet of Things — a cybersecurity strategy that safeguards against the possibility of cyberattacks which specifically target physical IoT devices that are connected to the network.

17 Posts

Activity in Cloud Delivered Security Services

Student extensive use of VPNs.

Hello Livecommunity. We are in a bind. We have numerous students on our school networks that are bypassing security profile rules with VPNs. So frustrating. I do have rulesets that look for annnomizers and proxies. I also have explicit rules that loo

...

JCMoritz by L1 Bithead
  • 1649 Views
  • 5 replies
  • 0 Likes

Changes on an Endpoint and Duplicates

In Cortex XDR, what changes on an endpoint could cause duplicate endpoint instances to appear? 

Example: Host A appears twice, but one instance is connected, the other instance has a connection lost status and is using a different IP address.

 

Under

...

HYPER-V AND GLOBAL PROTECT

Good morning, I have a problem with Hyper-V and Global Protect VPN, when using the Global network connection does not work the network in Hyper-V even if I configure the PANGP Virtual Ethernet Adapter, does anyone know what can be done to make it wor

...

Resolved! Enterprise DLP with NGFW

Are all of the Enterprise DLP functions performed in the DLP cloud service or are some of the functions performed on the NGFW?

 

From the E-DLP data sheet:
"Embedded in a next-generation firewall (NGFW) as a cloud-delivered service that inspects web
tr

...

John_J by L1 Bithead
  • 304 Views
  • 1 replies
  • 0 Likes

Resolved! CVE-2023-38802

Hi,

 

Regarding CVE-2023-38802, DDOS in BGP software,  would this apply only to public ASNs/BGP sessions established on public internet?   I have BGP configured on PAN firewalls but only running BGP over IPSec tunnels using private ASNs

 

I would thi

...

Malicious .zip file detected as "HackTool/Win32.mimikatz" by AV policy and action shows as 'reset-both' but the file was not blocked

Hello,

 

While doing testing around our security controls, we did intentionally try to download Mimikatz onto an isolated workstation to see if Palo Alto blocks the download, however though Palo did alert with multiple threat names starting with "Hac

...

Network

Hi Team,

We have a customer he is facing issue with, Sliver Framework Command and Control Traffic Detection - ThreatID 86680.

He is getting below sync error,

URL : mail.google.com/sync/u/0/i/s?hl=en&c=649&rt=r&pt=ji 

I have gone through the below art

...

Resolved! Spyware Detections

Hi Community,

 

Lately we are noticing on one of our clients environment where PA is flagging traffic to "mail.google.com" as Spyware. The captured signature is "sliver framework command and control traffic detection".

 

I did run the captured URL "m

...

Remove asset from iot security

Good morning everyone, I was wondering if there is a way to delete an asset in IOT Security. I think I should have put it that if at some point there was a device that has been detected correctly but for whatever reason has been removed should be abl

...

Register or Sign-in
Top Solution Authors
Top Liked Posts
Top Liked Authors