Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!
Welcome to the Threat and Vulnerability Forum
The purpose of this forum is to discuss security vulnerabilities and threats. Palo Alto Networks believes that understanding todays threat landscape is critical to effectively detecting and preventing cyb
...
Don't tell me how to fix this, I already know how it works.
I need to know why Palo Alto does not have a separate APPID update and Threat update just like AV and WF are separate.
Using PA as an everything device we actually need Vulnerability and Ant
...
In reading up on DNS Security I found that URL's provided for testing in the following document, Enabling DNS Security, do not accurately ensure DNS Security feature license is installed and configured. A very accurate indicator of this is that all o
...
Does restricting the management interface from external exposure reduce the likelihood external exploitation of this vulnerability?
Is there a way to view and/or log dns queries and responses (outside of anti-spyware rules)? The passive DNS telemetry configuration seems to do what we want but those fqdn to IP mappings are sent to Palo and it doesn't appear that we can view what f
...
hey community -
tearing my hair out here...I've set up a RoDC in my environment and added a test group to the allowed password replication group. I've configured the user and credential agents on the RoDC and they say connected to my firewall, and
...
As far as I can tell there isn't a CVE for this yet, but I would guess there will be one pretty soon. Hoping that Palo Alto is working on a signature as I write this, since SandboxExcaper released a POC...
Hi,
just wondering on expected release for signature for this Vulnerability?
CVE-2019-0708 - Remote Desktop Services Remote Code Execution Vulnerability
Details here:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
reg
...
Any idea if/when PAN may be providing signatures for the new Oracle WebLogic Server deserialization vulnerability (CVE-2019-2725)?
https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html
We are currently using the default "allow" on port scan (including openvas) and udp flood, since that is the default. Is there any reason not to block those threats?
Anyone seeing this new signature as FP prone?
Can PA file blocking profile be used to block OLE embedded documents
Thanks
This is a very easy question for everybody. A lot of people have most likely created custom signatures from Snort or otherwise to apply to a PaloAlto firewall. Does anyone know of a news group or community in which those signatures have been conver
...
Disk-space on the WF-500 was full and conent updates have been failing. The commands below were used to resolve the issue:
delete wildfire-metadata update panup-all-wfmeta-<release>
request wf-content upgrade check
request wf-content upgrade downloa
OtakarKlier
on:
Denial of Service Investigating
