07-29-2016 07:53 AM
Hey Everyone,
Has anyone come across an official RSS feed (or similar) from Palo Alto which allows easy access to recent security advisories. Within my company we're look at pulling these from all our vendors so we can easily automate the notification and tracking of them.
I know the vulnerabilities are published at the link below but these can't easily be processed automatically:
http://securityadvisories.paloaltonetworks.com/
Cisco and Juniper make there's available in much better format:
http://tools.cisco.com/security/center/rss.x?i=44
https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES
The quality obviously varies but just being able to get the title and CVE number is a start.
Credit where due, Cisco's new-ish OpenVULN API is very useful to work with and provides access to the same information as on their website but in a XML/JSON format, anyone would basic scripting skills could pull the info out and adapt as needed:
https://developer.cisco.com/site/PSIRT/
If they don't have one already Palo Alto could learn a lot from that.
I prefer not to have to deal with the CVE/NVD database if I can avoid it as it's getting very out-of-date with product details, they admit it themselves. This is again where Cisco's API works well as as the vulnerabily information gets added the list of products also does so you can match this up with the asset information for your company.
Thanks
Gu
