This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

New Advanced URL Filtering Category: Compromised-website

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

New Advanced URL Filtering Category: Compromised-website

hsrinath
L2 Linker
‎12-11-2024 02:42 PM

New Advanced URL Filtering Category: Compromised-website

 

 

Palo Alto Networks will release a new Advanced URL Filtering category called “Compromised-website” via Content update on January 02, 2025, and activate it on April 02, 2025. 

 

ACTION: An action may be required. The Compromised-website category action is set to BLOCK only for the default profile. If you have multiple URL Filtering Security profiles, you must update the default action to the recommended BLOCK action for each.

 

How is the Compromised-website category defined?

Palo Alto Networks defines the Compromised-website category as benign or legitimate sites that have been hacked or infected with content such as malicious scripts, viruses, trojans, or executables.

 

Will the Compromised-website category be visible across all PAN-OS software?

The Compromised-website category will be visible on all supported PAN-OS software versions.

 

What is the recommended action for the Compromised-website category?

The recommended action for the Compromised-website category is BLOCK.

 

When will the Compromised-website category appear in Content Updates?

The “Compromised-website” category will be introduced in the content version released on January 02, 2025. This new category will be visible on the administrator management console after you install the content version released on this date or later. 

 

When will the Compromised-website category be functional?

Although the new category appears in firewalls with content released on January 02, 2025, or later, we will activate it on April 02, 2025. On that date, we will begin publishing URLs that will be categorized as Compromised-website, making the category functional.

 

What happens if the Content version used is older than the update released on January 02, 2025?

If the Content version is older than the update released on January 02,2025, URLs published in this new category will not be categorized under Compromised-website and will instead be classified as Malware and Unknown.

 

Apart from BLOCKing, is there some other action to take when a URL is categorized as Compromised-website?

The website owner could be informed about the compromise, and they can take action to clean up the website. After the website is cleaned, a category change request can be submitted via the Palo Alto Networks Test A Site portal. 

 

What is the Palo Alto Networks test URL for Compromised-website?

The test URL for the new Compromised-website category is:

http://urlfiltering.paloaltonetworks.com/test-compromised-website

  

Additional Information

For more information on best practices when managing URL Filtering categories, check out these resources:

URL Filtering Category Recommendations

Complete List of PAN-DB URL Filtering Categories

 

0 Likes Likes
  • 108 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Labels
Popular Blogs
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks