Hi. When our machines log in to our domain some files are copied over. I cannot find the filename, but the hash is 9ffc443a0264e41efc6db2cb24bb159f66fc4d53272210021fa1a054425309f9 and it keeps getting detected. Since yesterday when I set up the new 3220 it has been detected 3.300 times. I'm not sure what the file is,
Symptoms: Azure external account does not have real-time alerting configured. After removing an Azure resource, relevant alerts remain open indefinitely. Diagnosis: Check if latest reports contain Azure alerts for resources that no longer exist in the Azure environment. Solution: Configure Azure real-time alerting
Question: How does modifying Scan Interval affect the next time a scan is scheduled? Answer: Evident Monitoring will check the recorded "last_scan" time for each service, and compare that to the scan interval. If enough time has passed since the last time a service was scanned, then all the signatures for
When an alert ends and is replaced by another alert, the alert notification sent from SNS Integration will have the replaced_by_id and replaced_by_status fields. However, if the alert that replaces it is a general error alert with no resource_id, then the original alert's replaced_by_id and replaced_by_status fields will be empty.
When the "Send Alert Updates" option is enabled on an Integration, notifications will be sent whenever an alert is updated. An alert can be updated for any of the following reasons: metadata changes; tags changes; user attribution added; alert ended; alert reopened; alert suppressed. Note that "Send Alert Updates" is
Chris Yates is a Senior Security Architect working for Critical Start in Oklahoma City, Okla. Critical Start is one of our partners who have achieved CPSP status. This is Chris’s story on why he became a CPSP with Palo Alto Networks
Hi, I have a 5050 firewall with multiple VSYS and I want to migrate from these two VSYS to a new chassis. For this I would like to simply import the existing config into the migration tool, remove the remaining VSYS and load the finished config file into the
Name: Identity Theft Preventer. Website with download link: https://shieldapps.com/products/identity-theft-preventer/ MD5: 159c00692e9f9aeff3a294c28f18baf6 SHA256: f81d996ae7ad5ab04a6dc3a9a1200c0b9760d17d0162ae1cfd82b74316170314 Link to VirusTotal report for the file: https://www.virustotal.com/#/file/f81d996ae7ad5ab04a6dc3a9a1200c0b9760d17d0162ae1cfd82b74316170314/detection Current VirusTotal verdict: generic.ml
Hello, I am a software quality engineer at SAGE FRANCE. When checking the executable of one of our applications on the VirusTotal website we got a return from your antivirus engine. I'm forwarding you the link: https://www.virustotal.com/#/file/e3ee7c74d7f61bc51f3f0eca3e613deae74b181d2b43330f0fd394c31c8692ae/detection Can you include our application in your whitelist? Thank you for your help. Regards
Despite the accelerated adoption of cloud and modern computing solutions, many organizations are still trying to get cloud security off the ground. However, with cybercriminals lurking about, the job and goal of IT security professionals remains consistent: protect your data from cyberthreats. In this eBook, you’ll learn how Palo Alto Networks and Microsoft Azure can help you modernize and cut costs with next-generation security that prevents cyberthreats - from servers to the cloud to endpoints and everywhere in between.
The Expedition Transformation and Best Practices Adoption Tool helps to improve your security posture by comparing the device and policy configurations against the Palo Alto Networks Best Practices Adoption Tools and automatically identifying and providing remediation recommendations.
Palo Alto Networks® lets you deliver consistent, automated protections across public and private clouds so you can adopt SaaS apps, rapidly roll out cloud-delivered services and apps, and avoid business disruption.
Infrastructure-as-a-service and platform-as-a-service offerings – IaaS and PaaS, respectively – are gaining traction for application development, analytics, business intelligence and more, but they also create new risks. Fragmented security, manual operations and human error can cause breaches as well as slow down application deployments
There’s no question about the business value of the cloud – the question is how to adapt your security to work for the cloud. Palo Alto Networks® lets you deliver consistent, automated protections across public and private clouds so you can adopt SaaS apps, rapidly roll out cloud-delivered services and apps, and avoid business disruption.
Use of software-as-a-service, or SaaS, applications is exploding, but so are the security risks of SaaS clouds. Sanctioned and unsanctioned SaaS adoption alike can increase the risk of data exposure, breaches and noncompliance.
WHY IGNITE? What else is in it for me...and you? Still got that burning question? #GetAnswers...and other stuff...at Ignite. Live and in person: visit the Live Community in Booth 304, May 21-24 at the Anaheim Convention Center. Register for Ignite now. This four-day event in Anaheim,
Question: If you cannot Quarantine 'Drop Box' Cloud App on Aperture while being able to Quarantine other Cloud Apps, it is possibly due to not configuring an Admin Account. This is specific only to 'Drop Box' application. Answer: CloudApp settings for dropbox require Admin email for dropbox quarantine to work as
Symptoms: Splunk is configured for Evident Monitoring Integration. Splunk environment is installed with "Evident.io App for Splunk". Splunk was upgraded (e.g. from 6 to 7). Diagnosis: Log in to the Splunk server and run the following command within Splunk's directory: grep -i "token" -R splunk_app_evidentio/* | grep inputs.conf This should
Hello, I'm trying to get simple data from https://ips.zscaler.net/pac/json. I tried to exploit the extractor with http://jmespath.org/ but really, I don't think I need an extractor here, just indicator "ip". But it doesn't work: age_out: default: null interval: 257 sudden_death: true attributes: confidence: 100 share_level: green type: IPv4 indicator: ip prefix: