Overview
Explore
Expertise
Ecosystem
35 results found
Introduction to XQL: Writing Your First Query
Learning a new programming or query language can be daunting, but if you've used the boolean options in a web search engine before, you can master XQL queries in no time. Like with web searches, we start with a hypothesis of our search, add filters to limit our results, and then validate the results that are returned against our hypothesis.
Introduction to XQL: Writing Your First Correlation Rule
Correlation Rules in Cortex XDR and XSIAM are how we can use XQL queries to detect patterns, anomalies or sequences of activities that could indicate malicious behavior, even when each individual event might not appear suspicious on its own. Correlation Rules typically leverage data from multiple datasets, but for our example, we'll keep it simple to alert on failed login attempts to a NGFW, and build on the query later.
What is the Prisma Access Browser
The Prisma Access Browser, a custom Chromium-based browser by Palo Alto Networks, integrates advanced security services to offer seamless, robust protection. It validates users, limits access based on roles and eliminates the need for cumbersome VPNs, making it an ideal solution for modern, flexible work environments.
PAN-OS and EDLs - Everything You Wanted to Know about External Dynamic Lists
Looking to implement external dynamic lists in your Palo Alto NGFW or Prisma Access? This post will answer all your questions about how EDLs work in PAN-OS to dynamically improve your security posture.
Introduction to Cortex XDR
Learn how Cortex XDR secures the future by rewiring security operations.
Enterprise Browsers vs Virtual Desktop Infrastructure (VDI): What are they, what do they do and how are they different
In today's digital workspace, organizations seek secure, efficient solutions to manage remote access and application delivery. This blog post explores the concept of an enterprise browser and virtual desktop infrastructure (VDI), detailing their functionalities, use cases and key differences. By understanding these tools, businesses can make informed decisions on which solution best meets their usability, security and operational needs.
Introduction to XQL: Custom Datasets for Threat Hunting
Both Cortex XDR and XSIAM let you go well beyond endpoint telemetry from the XDR Agent by ingesting custom datasets through the Broker VM. Forwarding Proxmox syslogs, you can analyze failed logins and suspicious system activity directly in XQL. This unlocks the ability to correlate hypervisor events with endpoint, network, and identity data—all in one platform. Tracking brute-force attempts against pvedaemon, custom datasets give you visibility into layers that traditional EDR misses.
Demystifying Precision AI: How Palo Alto Networks Is Redefining Cybersecurity
Precision AI by Palo Alto Networks revolutionizes cybersecurity by integrating machine learning, deep learning and generative AI for real-time, high-confidence threat protection.
Introduction to XQL: Building Your First Widget
Widgets transform XQL query results into interactive visualizations, aiding SOC analysts in identifying trends and anomalies. This article demonstrates using widgets to graph failed GlobalProtect logins, helping detect brute-force attacks and misconfigurations, and providing proactive assistance to users.
The Grizzled CyberVet's Tactical Plan: Mapping Palo Alto Networks to MITRE ATT&CK
Next up in the Grizzled CyberVet series: A global enterprise faces a full-scale cyberattack spanning every stage of the MITRE ATT&CK framework. Armed with Palo Alto Networks' full security platform, they stop the threat at every turn. Learn how a unified security strategy can outmatch attackers before they succeed. Read on to see it in action!
Contractors and the Prisma Access Browser Solution
How the Prisma Access Browser can safely allow contractors or employees on personal devices access to protected resources
Prisma Access: How it Fits into your Environment
SASE feels like a confusing concept, but it is much simpler than you think