This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- Security Operations
- Cortex XDR Discussions
- Who rated this post
Who rated this post
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-19-2023 10:14 AM
Some advice from past experience is you can install a third party agent (Midland, Seasoft, Townsend) to forward AS/400 event logs via syslog if there are system activities you want to be alerted on. Alternatively, instrumenting the XDR agent on any endpoint that has a direct path to the AS/400 system provides the ability to detect and respond to adversaries actions before they get to the AS/400. I have found many organizations use this strategy for systems that cannot run an EDR/EPP agent.
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks