This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About SMutlu
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About SMutlu
05-26-2023
3Posts
1Like
0Solutions
May 26, 2023Last Visited
User
Activity
User
Profile
Latest posts by SMutlu
| Subject | Views | Posted |
|---|---|---|
| 110 | 05-25-2023 01:54 AM | |
| 265 | 05-02-2023 05:33 AM | |
| 571 | 04-13-2023 03:38 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 04-13-2023 03:38 AM |
User Badges
Community Statistics
| Member Since | 03-23-2022 07:04 AM |
| Date Last Visited | 05-26-2023 08:27 AM |
| Posts | 3 |
| Total Likes Received | 1 |
05-25-2023
01:54 AM
Hi All,
I saw that, WAAS have new feature for detect risk path from WASP API Top 10 list, but there is no any details about detection mechanism and request/response details. It only shows as risky but I need more details to understand alarms are f/p or not.
As WAAS haven't scan the API definitions, how does prisma cloud compute detect API rate limiting capabilities from technical perspective?
How can I investigate the case or traffic that identifies as WASP API Top 10 risk on paths that are found to be risky?
Kind Regards
@EGunay
Prisma Cloud
... View more
05-02-2023
05:33 AM
Hi Everyone,
This query works for that case ;
config from cloud.resource where cloud.type = 'gcp' AND api.name = 'gcloud-compute-firewall-rules-list' AND json.rule = disabled is false and direction equals INGRESS and (allowed[?any( (ports is member of (22) or ports contains _Port.inRange(22,22) or ports does not exist) and (IPProtocol contains tcp or IPProtocol contains "all" ))] exists) and (sourceRanges[ * ] size does not equal 5 or (sourceRanges[ * ] does not contain "MY IP1" or sourceRanges[ * ] does not contain "MY IP2" or sourceRanges[ * ] does not contain "MY IP3" or sourceRanges[ * ] does not contain "MY IP4" or sourceRanges[ * ] does not contain "MY IP5" ))
Kind Regards
Seyma Nur
... View more
04-13-2023
03:38 AM
1 Kudo
Hi All,
I am looking for some support for the RQL.
I am trying to detect if any firewall rule on GCP allows SSH port 22 traffic from except the PSM IP addresses. I developed some queries but it's not able to catch every scenario. I am trying to develop a query that should check exact match with the IP addresses that I've write. Need your comments for this use-case. Thank you !
Example Query :
config from cloud.resource where cloud.type = 'gcp' AND api.name = 'gcloud-compute-firewall-rules-list' AND json.rule = disabled is false and direction equals INGRESS and sourceRanges[*] is not member of (IP Addresses separeted with comma) and allowed[?any(ports is member of (22) or ports contains _Port.inRange(22,22) and (ports does not exist and (IPProtocol contains tcp)))] exists
Kind Regards
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks