February 2023 Rewind: LIVEcommunity Highlights



 

Welcome to our February 2023 Rewind, where we review some of LIVEcommunity’s biggest headlines from the past month!

 

In February, LIVEcommunity was busy sharing Palo Alto Networks’ Zero Trust OT Security announcement, an addition to our Member Testimonial series, playbooks for fighting cryptojacking, and more! 

 

LIVEcommunity Member Testimonial: Steve Cantwell

 

 

Our new Member Testimonial video series invites community members from around the world to share their experience on LIVEcommunity, the importance of connecting with peers in cybersecurity, and what keeps them coming back. @S.Cantwell has been a member of LIVEcommunity since 2019 and part of the community’s Cyber Elite program — which recognizes our most committed, helpful, and knowledgeable members — since it launched in 2020. He is an involved, responsive, and thoughtful member, and we’re grateful to have him as a part of LIVEcommunity. To date, he has made 745 posts, given 191 kudos, and created 95 accepted solutions!

 

Introducing AI/ML Powered Industrial OT Security

 


 
Cyber attacks are increasingly disrupting manufacturing production, and CXOs are realizing that their current security measures are simply not enough to cope with changes in the OT network at their production facilities. Only Palo Alto Networks provides complete Zero Trust security so you can focus on uninterrupted operations and continued modernization of your production facilities. Read more about how Palo Alto Networks Industrial OT Security solution allows you to achieve unprecedented levels of protection.

 

XSOAR Marketplace: Keeping it Simple with Microsoft Teams via Webhook

 

The Cortex XSOAR integration with Microsoft Teams is fantastic, and includes a lot of useful functionality, but how do you schedule a message? 

 

That question piqued my curiosity and a quick Google search gave me what was needed: Microsoft Teams supports messages via incoming webhook, and with Cortex XSOAR Bring Your Own Integration (BYOI) capabilities, it didn’t seem like an insurmountable challenge to write a simple integration that would simply send a message. Read on to learn how to send a message using Microsoft Teams, webhook, and XSOAR.

 

PANCast Is Looking for Episode Ideas!

 

PANCast, a Palo Alto Networks podcast, is looking for ideas! PANCast provides actionable insights from cybersecurity experts to customers, helping ensure each day is more secure than the one before it.

 

Please share what topics you'd like to hear covered, simply by clicking "Suggest an idea" via this PANCast Ideas page. You can also listen to the latest PANCast episodes now.

 

How to Use Cortex XDR to Monitor Cryptojacking Malware 

 

 


 

Cryptojacking — a form of cryptomining that uses unauthorized access to someone else's device and resources to mine for cryptocurrency — is officially a thing. These two blogs take a look at how Cortex can be used to combat cryptojacking malware:

 

TCP MSS Adjustments

 

The Maximum Transmission Unit (MTU) specifies the largest amount of data that can be transmitted by a protocol in one TCP segment. The larger it is, the less overhead you have, but the more you'll have to retransmit in case of a problem. A larger frame also means increased latency due to the time necessary to transmit it. The smaller it is, the more overhead you'll have, but the less there is to retransmit if there is a problem. Learn more about how to manage TCP MSS adjustments in this blog.

 

Cortex XSOAR: How to Archive Hosted Data for XSOAR 6

 

There are many benefits to being a hosted XSOAR customer, such as offloading the care and feeding of the XSOAR environment. That being the case, it does require a different process when the time comes to archive the data to prevent slow performance or running out of storage. Let's review how to archive and retrieve your data, including best practices, recommendations and FAQs for archiving. 

 

Playbook of the Week: Speed Up Phishing Response with the Cortex XSOAR Deployment Wizard

 

Phishing is involved in almost 40% of security incidents, according to the 2022 Unit 42 Incident Response Threat Report. Attacks that once relied on poorly written phishing emails to find victims have rapidly increased in sophistication and targeting due to the growing amount of personal information easily found on the internet.


With Cortex XSOAR, phishing response can easily be automated, and it is one of the most popular use cases for automation. The Phishing pack helps organizations reduce the time spent managing phishing alerts and provides a standardized, methodical process to handle phishing.

 

TLP Update (2.0), Going Softer on AMBER and Adding AMBER+STRICT

 

The Traffic Light Protocol (TLP) can play a major role in your XSOAR instance. As you may have seen already, every Threat Intelligence Feed you can add comes with an option to set it. The Traffic Light Protocol was first developed by first.org, a community of security professionals in the area of incident response that is mainly CERT-related.

 

As you may imagine, when CERT people come together, they are keen on sharing knowledge and insights with each other, as well as the latest and most urgent events they are facing. But how do you avoid oversharing information while publicly exposing that your company may or may not be affected by a certain threat actor or vulnerability? How can you make sure that your effort of investigating a certain threat becomes public knowledge?


Autonomous Digital Experience Management Use-Cases

 

Over ninety-five percent of end users report experiencing unanticipated application downtime, which causes businesses to lose valuable productivity. Find and fix problems with the user experience using autonomous digital experience management, all before those problems have an effect on your company.

 

Feb ‘23 Discussion Highlight: Posts With Accepted Solutions

 

Nominated Discussions help LIVEcommunity Solutions Engineers highlight a discussion that has an Accepted Solution, and turn it into an article with additional helpful information, documentation, and clarity! Here are the Nominated Discussions we published this past month:



Content From Our Cyber Elite Experts:

 

@Nikoolayy1 is a longtime Cyber Elite expert and wrote two posts for LIVEcommunity this past month! Nikolay is a Senior Cybersecurity Consultant who is responsible for the implementation of NGFW as the primary leader in Palo Alto firewalls, WAF systems, and DDoS/Bot protection technologies. He is an expert in Palo Alto Networks’ security solutions and his insights are well worth a read:

 


You're now fully briefed on LIVEcommunity's February 2023 highlights!

 

If this was helpful, be sure to give this blog a thumbs up. See you next month!

Last Updated:
‎02-28-2023 10:56 AM