Articles for October 2009

Wireshark Plugin for Mariposa Botnet Command and Control

October 27th, 2009

As a follow-up to last week’s post regarding Mariposa infection research, Yamata Li of the Palo Alto Networks Threat Research Team has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa-infected client and actually decrypt them within Wireshark. The software is available to all as [...]

Control Applications, Control Threats.

October 22nd, 2009

Over the past month, we’ve been pulled in by customers to analyze various “weird” behavior on the network. One of these instances happened a few weeks ago. A large Fortune 200 customer was reviewing application usage on the network using the Palo Alto Networks devices and discovered that there were a few devices in globally [...]

Now More Than Ever.

October 20th, 2009

Now more than ever, business and security teams need to align their business priorities. Case in point, highlighted by two recent articles on social networking use in the business world. The first article, published in eWeek UK, states that most CIOs are blocking (or trying to block) social networking sites.
http://www.eweekeurope.co.uk/news/cios-frown-on-social-networking-at-work-2007
http://community.zdnet.co.uk/blog/0,1000000567,10014107o-114626b,00.htm
https://www.mckinseyquarterly.com/home.aspx
http://www.aiim.org/

Is UTM an Enterprise Product?

October 20th, 2009

Recently, Greg Young of Gartner blogged about Enterprise UTMs, comparing them to Unicorns and Pixies. I could not have agreed more with everything that Greg has written in his blog and would like to focus on his last bullet point. Greg discusses the “Best of breed requirements” that keep enterprises from buying UTMs.

Who’s the best illusionist?

October 16th, 2009

When asked who’s the best illusionist of all time, you’ll likely hear anything from Harry Houdini to David Copperfield to David Blaine, but they don’t have anything on your IPS vendor.
I often hear the question, how big or how good is Palo Alto Networks’ vulnerability research team? If you look at the website or collateral [...]

Next-Generation Firewall Defined By Gartner

October 16th, 2009

Greg Young and John Pescatore just authored an excellent note on next-generation firewalls (see the liner notes/background in Greg’s blog).
In the note, “Defining the Next-Generation Firewall,” Greg and John do an excellent job laying out the definition, the requirements, and their recommendations for next-generation firewalls in the enterprise. Gartner notes that due to their dependence [...]

Yikes – Employees Are Using Yoics!

October 1st, 2009

No doubt the first question you might have is what is Yoics! Simply put, Yoics! is a remote desktop access application that has been found in many of our customers’ networks. It is a good example of the types of applications being found that are not necessarily endorsed by corporate policy.
Let’s take a quick look [...]