The Advantages of the Cloud Come with Certain Risk. Organizations must concentrate on a prevention-focused cloud security architecture for deployment — designed to stop threats across all potential attack vectors. The key questions to consider when adopting secure cloud services include: 1. Who’s really responsible for our data? You. In public cloud environments, as the data owner, you’re responsible for your data — not the cloud service provider (CSP). And although the CSP will secure the underlying infrastructure, the safety of your applications and data is your responsibility. So you need …
Hi, Users trying to update AdobeCC are getting blocked, the PA seems to think the below files are wildfire-virus, but when uploaded to WF they are tagged as benign. http://ccmdl.adobe.com/AdobeProducts/KCCC/1/win32/packages/ACCC_4_1_1_utils_202/Utils.zip This triggers wildfire-virus 182090415 - Win32.WGeneric.mkcan - SHA256 - f1edb3877014862c8a08a48384cffad392f11f5490bcfa4a46f03250ae7f2eda and so does CreativeCloudSetup.exe is also triggering the
Hi, There doesn't seem to be anything official on how to set up MineMeld to use corporate proxies. When trying to contact external URLs from within MineMeld, it does not respect the proxy settings in either /etc/profile or /etc/default. It tries to access the Internet directly, and fails miserably,
Hello, I have a problem with JSON output. I have configured the output node with "value":true but I still can't get the indicator value in JSON format. I try to get data in this way -> https://xxx.xxx.xxx.xxx/feeds/node-1498136004722?v=json But the value field in the reply is empty: 0 indicator
Hi, Could you please white-list our software installer as it's marked as generic.pup on virustotal.com website which should be a false-positive. 1/ File Hash: 2a20eb78c8d47b6e1da47e476a0adf13693f1c21336bfb53590dfdb980c3f523 Current VT Verdict: generic.pup Link to Virustotal for the file: https://www.virustotal.com/en/file/2a20eb78c8d47b6e1da47e476a0adf13693f1c21336bfb53590dfdb980c3f523/analysis/1498454618/ Description: False positive detection in driver-updater-setup-auslogics.exe with Palo Alto Networks definition version 20170529 on
File Hash: 867a8834dcdcd53b9b61b54d950d4eee77da9bb2c2b8b95b149d47c477952c74 Link to Virustotal report for the file: https://www.virustotal.com/en/file/867a8834dcdcd53b9b61b54d950d4eee77da9bb2c2b8b95b149d47c477952c74/analysis/1498305645/ Current VirusTotal Verdict: generic.ml Description: Update tool for Network Auditor application
Hello, I am new to MineMeld and was trying to figure out how to customize the alienvault reputation prototype to only pull in values with an alienvault_reliability > 5. I have the feed set up to an stdlib.aggregatorIPv4Generic and then to a FeedHCwithValue that I customized to drop anything with an
Hi guys, I am working on migrating Juniper SRX firewall xml configs into the PAN. Everything works with the exception of the static routes. The MT logs show no errors. The version is 3.1. The vr1 instance for the interfaces shows no routes ('0'). The Juniper's xml follows this
Taken from the install guide, but is this still the correct repository: :~$ sudo add-apt-repository "deb http://minemeld-updates.panw.io/ubuntu trusty-minemeld main" :~$ sudo apt-get update Hit http://security.debian.org wheezy/updates Release.gpg Hit http://security.debian.org wheezy/updates Release Hit http://security.debian.org wheezy/updates/main Sources Hit http://security.debian.org wheezy/updates/main amd64 Packages Hit http://security.debian.org wheezy/updates/main Translation-en Hit http://debian.uchicago.edu wheezy Release.gpg Hit http://debian.uchicago.edu
TOM, KIM, and JOE take on your questions from Ignite, with both the posted answer (but a sticky note can hold only so much info, right?) as well as more expansive responses where irresistible. We think you'll really like our dedicated Live Community engineers' perspectives on your questions. We'll continue to present more questions
The typical journey to the cloud is based on a partnership between the cloud vendor and an enterprise or business, so the next logical question becomes: who is responsible for what, when it comes to securing cloud applications and the very important data within? Solely relying on the cloud provider for security is not a viable approach. Rather, cloud security is a shared responsibility between the provider and the tenant that should be meticulously defined and understood by both parties. Only then can they work together to prevent successful cyberbreaches. …
Establishing, maintaining, and demonstrating compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a necessity for everyone in payment card processing—including merchants, processors, acquirers, issuers, and service providers, as well as companies that store, process or transmit cardholder data (CHD) and/or sensitive authentication data. With approximately three hundred individual requirements to address, organizations subject to the standard have their work cut out for them.
This white paper will explain how Palo Alto Networks® Next Generation Security Platform allows PCI system operators to significantly enhance security and exceed PCI DSS requirements through segmentation and mitigating risks of malware and unpatched systems.
Advanced attacks have been able to evade traditional security measures, target specific users and vulnerable applications, steal sensitive information or commit outright fraud. One approach to preventing such advanced persistent threats (APTs) is to identify and protect against new exploits, malware and malicious URLs. This can be accomplished by “sandbox” analysis of unknown threats. Organizations such as financial institutions that are uncomfortable with cloud-based threat analysis may choose on-premise threat analysis solutions to address any data privacy concerns.
Download this whitepaper to read about how Financial Services organizations can use on-premise threat analysis solutions to mitigate compliance risks and maximize prevention against cyberattacks.
A couple more great questions and answers posted on the #GetAnswers wall at Ignite2017 that I hope can be useful to anyone with similar questions. How can you do a wildcard search in Traffic Monitor? Posted answer: Wildcards cannot be used in the traffic log filter. My side
Palo Alto Networks Unit 42 threat intelligence team has just released new research that has uncovered a previously unknown second wave of Shamoon 2 attacks: Second Wave of Shamoon 2 Attacks Identified. Based on our analysis, these attacks were timed to occur on November 29, 2016, twelve days after the initial Shamoon 2 attacks that we wrote about previously. Like the initial Shamoon 2 attacks, this second wave of Shamoon 2 attacks utilizes the Disttrack wiper malware. Disttrack is optimized to destroy systems by targeting their hard drives and to …
Table of Contents Introduction. Chromebooks and GlobalProtect. GlobalProtect App Configuration and Deployment from the Google Chromebook Management Console. View the User Settings for the GlobalProtect App. Configure Policies and Settings for Everyone in an Org Unit. Test the Connection. Squid Proxy Server Configuration and Deployment. Chromebooks and User-ID. Setup
Girl Scouts can start earning cybersecurity badges next year, thanks to an effort by the Girl Scouts of America and cybersecurity firm Palo Alto Networks. The youth organization came up with the idea simply by asking Scouts what they want. And the girls want to hack.
They can start fires, manage money, splint an injury and navigate trails. And beginning in 2018, Girl Scouts can learn to detect and defend themselves against cyberthreats, cyberbullying, data breaches and hacking.
There is no doubt that a lot of GREAT things were happening at Ignite'17. If you were not able to come, we all understand, but look forward to seeing you at another Ignite. The Live Community booth was an exciting place to be. We met so many wonderful people
Establishing, maintaining and demonstrating compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a necessity for all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD). For all system components included in or connected to the Cardholder Data Environment (CDE), organizations must comply with more than three hundred requirements. It is in every organization’s best interest, therefore, to take advantage of network segmentation provisions stated in the PCI DSS to effectively isolate their CDE and thereby decrease the amount of infrastructure that is considered in scope.
I've recently created a new device group on our Panorama. When I am inside the tool and attempt to import the config for a new baseline, my new device group doesn't show. I can see it connecting to the local firewalls. The config imports just fine, just not my new