Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.

Discussions

Block on APP-ID (Apache Log4j)

Hello All,

After a bit of help... I have never created a block type rule on a Palo and now my boss wants me to create a block rule for the above.

We have about 300 policies in our firewall, so no idea how to create a block and apply it.

Can anybod

...

Scott64 by L1 Bithead
  • 3355 Views
  • 3 replies
  • 1 Likes

Abnormal SSL traffic on 443

Hello, I was looking into a PAN threat on the logs. I noticed that abnormal traffic is being detected. Does anyone have any ideas to minimize the threat, or best practices or more possible features I can add to the Panorama?

Thanks

Block High Risk TLDs

Hi All,

I want to start blocking 'high risk' top level domains within PAN-OS. Has anyone else done this successfully?

I presume the following should work based on PAN-OS RegEX:

URL Category:

*.eg/
*.ex/
etc....

Set URL Category to 'Block' within exist

...

Josh990 by L2 Linker
  • 3426 Views
  • 3 replies
  • 0 Likes

Threat Log False Positives

Hi,

In short - I'm looking for a way to identify false positives.

My organisation's anti virus profiles within our Palo NGFWs are detecting multiple generic threats of a 'medium' level and blocking them. I'm trying to determine whether any of these ar

...

ShaneMcG by L0 Member
  • 3832 Views
  • 3 replies
  • 0 Likes

Minemeld & Log4j

Hello

Is Minemeld affected by Log4j?

I see Palo's Security Advisories about Log4j (https://security.paloaltonetworks.com/CVE-2021-44228) - but there is no Minemeld in it.

Is anybody out there who can answer this?

thanks

roger

Resolved! Palo Alto Firewall Actions

Hi folks, I am not very familiar with Palo Alto logs, as we're getting logs in the SIEM console in which the event name is URL filtering and the action for this event is allow, so can someone please shed some light on this issue?

simr12 by L1 Bithead
  • 4337 Views
  • 5 replies
  • 0 Likes
  • 478 Posts
  • 63 Subscriptions