Paloalto case number 02759964

I want to align an engineer for the case raised mentioned in the subject. Please help in doing so asap

Which is best PA IPS or Azure IDPS

Which is best PA threat protection or Azure IDPS

Vulnerability Assessment-CVE-2022-0778

Hi,

We have CVE-2022-0778 affected for couple of our boxes and we are in midst of patching as well.

Apparently, we don’t have SSL inspection enabled on any of our boxes. Hence would like to confirm if there is any impact to us.

Need to confirm whet

wildfire-virus threatID 602574714 false positive ?

Good Morning,

Has anyone had WildFire-Virus threat events with the following  threat ID:602574714 ?

Antivirus Signatures 

Threat 86751 - PotatoVPN Detection

I am getting hits on this threat, categorized as Spyware, but as far as I can see it is a legitimate client VPN  product.  Why is this being classed as malicious or is it mis-classified?

Threat ID 86798 - BruteRatel C4 Command and Control Traffic Detection

Hi all,

since yesterday I see this threat as a critical. I suppouse that is false posotive action.

Didn't find any suspicious actions on the computer and just want to know is there any of you that have observed similar alerts?

Maybe I have to dig

Denial of Service Investigating

If I wanted to to troubleshoot / investigate for a potential DoS attack, what are some logs to look for using the Palo Alto?

Cortex XDR Remote account enumeration

Hello,

today we have interesting alert

At least 33 distinct non-existing accounts failed to remotely log in to XX-Laptop1. Users list: name.user, user name, user.name, username

User has no idea - all day at school, behind NAT. What I cannot reall

out of date CVEs

I am curious about the listing of vulnerabilities in the vulnerabilities assessment.  It seems like it is catching old out dated CVE's and attaching them to fully updated machines.  for example i have numerous machines showing a vulnerability CVE-202

Apps and Threats Mismatch

Hi All

I have a pair of Panorama managed Firewalls configured in a HA Setup . However I m observing a mismatch on the App and Threat versions across both devices . Although the "Synch To Peer" option is enabled on the App and Threat schedule settin

Vulnerability Protection Profile

Hello!

I have a rule with a vulnerability protection profile enabled between my VPN users and DMZ.

I need to WebGUI (8443/8080) into a new DMZ server, but VP is stopping it.

How do I make an exception for this traffic?

Thanks,

DC

Blocking external IP addresses and blacklists

Hi,

I have some questions regarding the PAN-OS and blocking IP addresses. 

We are getting daily emails with lists of IP's that are port scanning and probing th FW. The customer wants all these addresses blocked. For example over the last 2 weeks I ha