Threat & Vulnerability
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
488 Posts
Traps Advanced Endpoint Protection prevents cyber breaches by protecting and enabling users to conduct their daily activities, and automating prevention by autonomously reprogramming itself using threat intelligence gained from WildFire.
1 Posts
A forum to ask or share about Data Loss Prevention (DLP) strategy. DLP ensures sensitive or confidential information doesn't leak outside of the corporate network. Let's rethink DLP together.
11 Posts
This forum is to discuss Palo Alto Networks' Next-Generation CASB, an integrated, multi-faceted CASB solution that helps security teams meet the security challenges of today.
10 Posts
Discussions about IoT Security — aka the Internet of Things — a cybersecurity strategy that safeguards against the possibility of cyberattacks which specifically target physical IoT devices that are connected to the network.
23 Posts
Hi,
I am currently in the process of setting up IoT Security, Does not Require Data Lake service but I am running into issues. I have managed to setup the portal and that is reachable. The problem seems to be sending the logs from the A/P units to th
...
Hello, we are doing a PoC for the IoT Security license. The IoT cloud service is identifying 85% of devices correctly; the rest of these devices are identified in a wrong and unacceptable way. For example the same device sometimes is identified as wi
...
Unit42 updated the threat brief at Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 (Updated April 22) (paloaltonetworks.com) on 22 April to include remediation steps for each observed level of exploit atte
...
Hello Team,
The workaround for the mentioned vulnerability is to install the latest Applications and Threats content version.
Applications and Threats content version 8833-8684 is already installed on our firewall. Could you please confirm whether our firewall is affected?
...
In which situations do the services in the screenshot run?
1) Why is File Prevalence service disabled? What is Service used for?
2) Why is File Scanning disabled?
3) Why are the following services disabled and will there be problems when we enable them?
Hello team
How can we determine if your device logs match the known indicators of compromise (IoC) for this vulnerability?
I have already fixed the vulnerability and I have the TSF of my device and I want to see if I have been exploited before applyi
...
Hi Team,
Please help me to understand the below:
Firewall 1 - 10.2, GP portal & Gateway, Device telemetry enabled
Firewall 2 - 10.2, only GP portal & gateway, no device telemetry enabled
Firewall 3 - 10.2, no GP portal and gateway, only device te
...
Hello, I am a student wondering, is a firewall the best for safeguarding sensitive information and network assets
Is PAN-OS 10.1.12 susceptible to CVE-2023-51384 or CVE-2023-513845?
Our Tenable scans say it is, but I see no fix recommended for it (for any PAN-OS release). We have updated our ciphers to remediate CVE-2023-48795 but it also still shows up on
...
Hi all, in Palo Alto, there are 380+ signatures which are related to SQL injection, and the default action for all is set to "alert". Now we want to change the action to reset. Can anyone please advise how to choose the signature? it is not possible
...
Following the Cortex XDR Windows agent update to 8.3.0.49434 we started to see the following error affecting some application DLLs.
Clicking OK makes the message go away and the application keeps working. A TAC case was logged and a temporary Support
...
Hi,
The question is related to following vulnerability: https://security.paloaltonetworks.com/CVE-2024-3400
In this it said "Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling
...
Now Schedule Form IoT Portal can not auto generate report. But reports working successfully on manual.
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodul
...
Hello,
Following file is matched as malicious by the following signature Virus/Win32.WGeneric.efgjql when trying to download via Palo Alto FW.
Every other security vendor marks the file as benign, see VirusTotal
File is available via https://cdn.devo
...