This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About jdub_cloud
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About jdub_cloud
09-20-2023
4Posts
0Likes
0Solutions
Sep 20, 2023Last Visited
User
Activity
User
Profile
Latest posts by jdub_cloud
| Subject | Views | Posted |
|---|---|---|
| 1799 | 07-26-2022 05:02 PM | |
| 1847 | 07-25-2022 02:54 PM | |
| 2262 | 07-22-2022 02:38 PM | |
| 1187 | 08-17-2021 09:42 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 09-04-2019 12:19 PM |
| Date Last Visited | 09-20-2023 07:11 PM |
| Posts | 4 |
07-26-2022
05:02 PM
Right on! Thanks so much @Adrian_Jensen
I feel like this should be the responsibility of TAC engineering to identify / test their patterns, but if it can help others, I'll give it a go. 🙂
... View more
07-25-2022
02:54 PM
Just like you, I'm receiving these alerts on traffic NOT going to Atlassian instances.
Looking at the PCAP, I see:
GET /max_groupm_vimp/cqBEM_QBMxlLhguztF9yWmT6DTPGVEEVnYEQlMjfCLPdRn-yMBZug....
...
Host: pdc.bidswitch.net
...
Referer: https://www.usatoday.com/
... View more
07-22-2022
02:38 PM
We are seeing the same false positive.
I opened a ticket the TAC and they are requesting a full packet capture. I'm hesitant to do this on prisma gateways because it's unclear how to reproduce the traffic AND the destination IP changes so the packet capture could be running and running.
We are using the SaaS version of Atlassian, and according to the Security Advisory (https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html) :
Atlassian Cloud sites are protected If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable. Our investigations have not found any evidence of exploitation of Atlassian Cloud.
So I'm tempted to make a signature exception in the Antivirus Profile.
Other ideas?
... View more
08-17-2021
09:42 AM
Reviving this post. We are also looking for ways to improve our change management procedures to satisfy compliance requirements. Currently, we are using Panorama to manage our firewalls and use the "Commit Comment" section to include Jira ticket numbers where we can reference the config changes and approvers. We also use the "Audit Commit" but that only applies to policy changes. Unfortunately, this has many limitations: 1. It's easy to forget to add the ticket number 2. There is no explicit way for another team member to approve the change in Panorama/FW. 3. There are times when commits are generated without the comment addition (i.e. upgrades) Are there any ideas to overcome these challenges? We'd love to use git, but that would require a heavy lift to create a CI/CD pipeline, and potentially change how we use Panorama. We are happy with Panorama, but just wish there were better features to incorporate change management. Other ideas? Thanks!!
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
09-20-2023
07:11 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks