Our community is an active and collaborative place to learn more about best practices, digital events, share ideas, find answers and ask questions to fellow fans! Check out our most popular conversations happening right now!
There is not a community discussion for issues implementing 10.2.9-h1
We have a maintenance window to push out 10.2.9-h1 Thursday evening and with recent issues with 1.2.7.h3 and other roll outs i am starting this thread for the community.
Hello all,
For several weeks, I have been getting many VPN login attempts from different IPs trying to login using generic usernames, like "guest", "support", "admin", etc.
Is this normal? Is there anything that I can do to stop this from happeni
...
Does anyone know more on the use of the "annotation" field for use in a dynamic address group from a vm information source?
Can the notes or tags field in the summary tab in vCenter be used to apply custom annotations? Any assistance on the syntax wou
...
Helllo everybody,
I have a Cortex XDR Pro per GB and I've acquired a "Forensics" free trial license, which expired yesterday. I need to access the results of the forensics, would i be able to do it? or do i need to renew my license?
Awaiting any
...
Trying to find a Prisma report that will provide output of snapshots of resource configurations for manual review. The report would enable internal / external assessors to review configurations to manually validate compliance. Existing Prisma complia
...
Hi,
I'm trying to find a query which will show me computers with status "Connection Lost".
Sadly I'm not able to do this in both preset = host_inventory (can't find the computer which has this status in the Cortex Dashboard) as well as dataset =
...
I'm currently in the process of migrating my company from AnyConnect to Global Protect on our 5220s. I'm looking for your feedback on how you all "monitor" the VPN service?
When comparing the "dashboard" view of Cisco's ASDM I don't really see anyth
...
Hello team
How can we determine if your device logs match the known indicators of compromise (IoC) for this vulnerability?
I have already fixed the vulnerability and I have the TSF of my device and I want to see if I have been exploited before applyi
...
Hello All,
Its a twitter link but will try and summarize the process.
https://twitter.com/cyb3rops/status/1781294529586331650
Hi Team, I have a customer who wants to enable the "content-repository" built-in feature.
They tried the below steps:
1. First, they have enabled the feature successfully in DEV.
2. Next, when they enabled the feature in PROD, they got an error (refer
Hello, I need your help. I need feeds for domain classification and another feed for phishing, to determine whether domains, emails have been compromised or not. What do you recommend for Cortex XSOAR
What feed and integration people use??
I need
Cortex XSOAR 8 will have a new FQDN and IP Address in the new platform. May I know is there any existing playbook have pulled the XSOAR data, and export to third-party platform automatically? If yes, it may require to re-configure the IP Address.
C
...
soemtimes for testing purpose we need to create similar incident again but I am stuck at this phase. I have exisiting incident and i want to re run it(either manually create, duplicate and re run it or just simply re run exisitng incident, or importi
...
Hi,
I've created a playbook to analyze some alerts related to SOC and GPO, but the alerts come with ObjectGUID and I need to convert the GUID to DisplayName.
In PowerShell, the command is simple: (Get-GPO -Guid "$GUID").DisplayName.
I tried running
...
Hello Folks,
In the Cortex API documentation there is not mention of how to make BIOC rules using APIs or how to access them.
I was wondering if anyone has been able to use the API to create BIOC rules.
The proliferation of unsanctioned Post-Quantum Ciphers leads to blind spots in your network visibility, with PANW Firewalls you can now DETECT, LOG and BLOCK unsanctioned ciphers. The Quantum Threat o...
By Vinay Kumar M, Senior Staff Engineer Summary There are numerous security concerns while using 3rd party Webhooks Providers like pipedream, webhook.site, etc. However, a lesser known alternative is ...
By Vinay Kumar M, Senior Staff Engineer Summary As a Prisma Cloud user, you have access to a specific Prisma Cloud stack. When a user logs in to a stack, it gets a JWT token to access that specific st...
By Vinay Kumar M, Senior Staff Engineer Purpose The API which is to be used for Performing Config Search with Network RQL's - 'config from network ...' Symptom /search/config API - https://pan.dev/pri...
