- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Palo Alto Networks will release a new Advanced URL Filtering category called “Compromised-website” via Content update on January 02, 2025, and activate it on April 02, 2025.
ACTION: An action may be required. The Compromised-website category action is set to BLOCK only for the default profile. If you have multiple URL Filtering Security profiles, you must update the default action to the recommended BLOCK action for each.
How is the Compromised-website category defined?
Palo Alto Networks defines the Compromised-website category as benign or legitimate sites that have been hacked or infected with content such as malicious scripts, viruses, trojans, or executables.
Will the Compromised-website category be visible across all PAN-OS software?
The Compromised-website category will be visible on all supported PAN-OS software versions.
What is the recommended action for the Compromised-website category?
The recommended action for the Compromised-website category is BLOCK.
When will the Compromised-website category appear in Content Updates?
The “Compromised-website” category will be introduced in the content version released on January 02, 2025. This new category will be visible on the administrator management console after you install the content version released on this date or later.
When will the Compromised-website category be functional?
Although the new category appears in firewalls with content released on January 02, 2025, or later, we will activate it on April 02, 2025. On that date, we will begin publishing URLs that will be categorized as Compromised-website, making the category functional.
What happens if the Content version used is older than the update released on January 02, 2025?
If the Content version is older than the update released on January 02,2025, URLs published in this new category will not be categorized under Compromised-website and will instead be classified as Malware and Unknown.
Apart from BLOCKing, is there some other action to take when a URL is categorized as Compromised-website?
The website owner could be informed about the compromise, and they can take action to clean up the website. After the website is cleaned, a category change request can be submitted via the Palo Alto Networks Test A Site portal.
What is the Palo Alto Networks test URL for Compromised-website?
The test URL for the new Compromised-website category is:
http://urlfiltering.paloaltonetworks.com/test-compromised-website
Additional Information
For more information on best practices when managing URL Filtering categories, check out these resources:
URL Filtering Category Recommendations
Complete List of PAN-DB URL Filtering Categories
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Subject | Likes |
---|---|
3 Likes | |
1 Like | |
1 Like | |
1 Like | |
1 Like |