This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About adminBandE
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About adminBandE
01-11-2023
6Posts
3Likes
0Solutions
Jan 11, 2023Last Visited
User
Activity
User
Profile
Latest posts by adminBandE
| Subject | Views | Posted |
|---|---|---|
| 474 | 01-11-2023 01:19 PM | |
| 627 | 12-13-2022 07:26 PM | |
| 1177 | 08-09-2022 03:49 PM | |
| 1936 | 08-04-2022 07:45 PM | |
| 3158 | 05-10-2022 12:25 PM | |
| 3185 | 05-10-2022 11:59 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 2 Likes | 05-10-2022 12:25 PM | |
| 1 Like | 05-10-2022 11:59 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like | |||
| 2 Likes |
User Badges
Community Statistics
| Member Since | 03-30-2017 08:17 PM |
| Date Last Visited | 01-11-2023 04:48 PM |
| Posts | 6 |
| Total Likes Received | 3 |
01-11-2023
01:19 PM
Thanks Afurze for confirming.
... View more
12-13-2022
07:26 PM
Hi community,
Starting with this disclaimer: Yes I know the product is designed to scan on execution and what I'm asking may not be most effective, but hear me out...
Is there a way to setup a periotic scan to only scan a single folder, not a full system scan?
Scenario: I have a webserver customers will upload PDF's and Office docs to. The system validates the mime type of the file, but does not verify it's contents.
The file is stored locally for a short period of time before a backend process collects it from the webserver.
I'm wanting to scan the folder between collections, to prevent a dangerous file from being collected.
Cortex will run on the back end so will scan when it's being processed, but I'm wanting to detect it before it gets to this point.
Legitimate files may also contain PII so connecting an API to virustotal for automated submission is not an option.
Has anyone been able to configure Cortex to perform this sort of functionality?
Thanks in advance.
... View more
08-09-2022
03:49 PM
We are also ignoring due to the risk of missing a legitimate alert. Not seeing this occur much in the environment and only on servers, thankfully.
... View more
08-04-2022
07:45 PM
Hi community,
Wondering if anyone else is seeing BT alerts for sdiagnhost.exe appearing over the last 24 hours? We have had similar things occur in the past due to over excited signature updates cause false positives.
This process is one that MSDT Follina uses but the servers it popping up on do not run any Office products running so confident it's not that, and mitigated MSDT issues back when they first hit the news.
Cheers
... View more
05-10-2022
12:25 PM
2 Kudos
Update from my Case: From the case description, I understand that you are receiving BTP alerts for smss.exe for the rule other.malware_gen_task.105 I would like to inform you that it is a false positive BTP alert and multiple customers where reported the same. We are working on the fix and will update you as soon as available. As a workaround please create an alert exception for now reference. I just created the (temporary) exception, lets see if it takes effect! Edit: It does work. Apply the alert exception from the incident under alerts & insights, right-click the alert and select manage alert - create alert exception. It will then appear under your global BTP rules.
... View more
05-10-2022
11:59 AM
1 Kudo
Getting this too. It occurs after the latest content & policy update. I can manually trigger it but clicking check-in now button, so its like the process that applies the policy update is triggering itself lol. You can verify this in the endpoint log on portal, it triggers same time as the policy update. Support case logged also: CASE #: 02191983
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks