Welcome to the Custom Signatures discussion forum. This forum exists as a resource for security professionals to discuss the creation process of custom signatures in their PAN-OS appliance. Please feel free to engage with other community members and Palo Alto Networks staff. Ideas, questions, research, and observations regarding the process of custom signature creation are all actively encouraged.
For an introduction to the forum, please see the sticky!
This forum is provided for Live Community members to discuss and share information pertaining to custom signatures. Please use the information from this forum at your own risk and make sure to test and verify any signature and code presented here. For information on contacting Palo Alto Networks support, click here.
The purpose of this board is to discuss everything related to custom signature creation in PAN-OS devices. Pal...10-19-2015 Posted by rcole
Just seeking a Custom App-ID forWindows Update Delivery Optimization (WUDO).05-06-2019 Posted by DonJarmon
Hi,In my environment, we have a requirement to block download/upload any types of files between two machines.I...03-30-2020 Posted by Jayanth_Lakshmipathy
It's possible to block custom file hash-256It's possible to block custom file hash-256 in Palo alto.Please let...09-14-2020 Posted by Mohammed_Yasin
I'm trying to write a custom threat signature. The pattern matches just fine if I send it using netcat, but it...09-15-2020 Posted by John.Petrucci
I have a requirement, where the customer wants to allow only the below url:https://chrome.google.com/webstore/...07-14-2020 Posted by saprakash
Hi Team,These are the below sign identified in our network and want to know the reason for this trigger.Please...05-14-2020 Posted by Veerendra
I want to stop the MortiAgent malware by applying /using snort rule & also using yara rule?How to configur...05-07-2020 Posted by Mohammed_Yasin
Could anyone help me to build a custom application with a pattern.Application: JabberPort: TCP/5222I want to u...03-09-2020 Posted by tkumbhakar01
Hi all,i'm finally converting an old Juniper ScreenOS firewall to a PaloAlto firewall (5020). I have some prob...11-25-2019 Posted by Gianpiero
We have a custom vulnerability for Datanyze Scraping that is being idenfied but only alerting. This signature ...09-17-2019 Posted by tom.mccomb
Hi communityDoes anyone already managed to block access to websites available directly with their IP? Actually...04-27-2019 Posted by vsys_remo
I created custom app for ldaps tcp/636 based on signature (ssl-rsp-certificate) which contains text from certi...04-05-2019 Posted by olukacko