I have come across numerous FPs. I am curious how the Palo Alto appliance alerts on files. The Threat Vault shows a file hash and a Virus total link generally. The files triggering signatures have nothing in common with the signatures often so I would appreciate any insight into the logic behind the appliance triggering, is it supposed to be matching on hash values? Thanks.
... View more