Welcome to our March 2023 Rewind, where we review some of LIVEcommunity’s biggest headlines from the past month! In March, LIVEcommunity was busy sharing news about PAN-OS 11.0, celebrating Women’s History month with Palo Alto Networks product experts, member testimonial videos, and more! Which PAN-OS version are you currently running in your environment? If you're looking to stop more Zero Day threats, simplify your security architecture, and improve your security posture, read on to learn how PAN-OS 11.0 Nova can help do just that. PANCast Has New Episodes — Now Available on Your Favorite LIstening Platform! In March, we published new episodes of PANCast (check them out for more info about IPSec Tunnels and SAML). Plus, PANCast is now available on Apple Podcasts, Spotify, and more! Check out the PANCast landing page on LIVEcommunity to get direct links to all the podcast platforms it’s hosted on. LIVEcommunity Celebrates Women’s History Month During Women’s History month, we reflect on the strong pathfinders and trailblazers who came before us and those who continue to push for a more just, equitable society. To celebrate our female peers and pioneers, we sat down with four Palo Alto Networks colleagues to get to know them better: Women's History Month Q&A: SoniaWomen's History Month Q&A: ReneeWomen's History Month Q&A: MontreWomen's History Month Q&A: Maria Special Recognition Our Community Members If you’re a regular LIVE visitor, you already know how much we love to honor our members! This month, we published two Member Testimonials and a Member Spotlight. These highly involved users help keep the wheels turning in LIVEcommunity: LIVEcommunity February Member Spotlight: @Raido_RattameisterLIVEcommunity Member Testimonial: Aleksandar AstardzhievLIVEcommunity Member Testimonial: Pavel Kucera Cobalt Strike is a commercial threat emulation platform designed to provide long-term, covert command-and-control (C2) communication between Beacon agents and the attacker-controlled Team Server. A domain-specific language called Malleable C2 is exposed to Cobalt Strike operators which allows them to create highly flexible and evasive network profiles. The platform is popular among security engineers to test the defenses of the networks that they protect. However, Cobalt Strike is frequently abused for malicious ends. Find out more — including all the ways Palo Alto Networks customers receive protections from and mitigations for Cobalt Strike Beacon and Team Server C2 communication — in this blog: Cobalt Strike Attack Detection & Defense Technology Overview. Palo Alto Networks XSIAM (extended security intelligence and automation management) is designed to be the center of SOC activity. LIVEcommunity has a new Cortex XSIAM page which is home to discussions, videos, blogs and additional resources on Cortex XSIAM to make your adoption and deployment journey as simple as possible. Prisma Cloud provides code-to-cloud coverage to centralize your cloud security for lift-and-shift as well as cloud-native applications. We are launching a new guided focus to secure the code, infrastructure, workloads, data and applications across your multi-cloud and hybrid environments in a single platform. Check out this video to learn more. Also of note in March, LIVEcommunity launched a new-and-improved Prisma Cloud Customer Journey Guide following CBDR (Code, Build, Deploy and Run) adoption guidelines and implementation plans. If you’re a customer, simply log into your customer account to access the Customer Journey Guide! Palo Alto Networks has added a new detection for DNS Security called Subdomain Reputation which is available as part of Grayware Category. Learn about the Subdomain Reputation and how it can help fight attackers using subdomains of apex public domains to carry out targeted attacks like phishing, malware distribution and command and control. Users can leverage recent enhancements to Prisma Cloud’s Projects screen to streamline their risk prioritization and decision making processes. Check out the Prisma Cloud Project Screens 2.0 Playlist on YouTube to learn more. The Palo Alto Networks Cortex team has been on a mission to radically transform the cybersecurity industry, starting with the SOC. Today, customers who want to detect identity-related attacks must rely on disparate, siloed products, such as user and endpoint behavior analytics (UEBA), insider risk management, endpoint-based identity threat detection and response (ITDR), etc. However, relying on disjointed approaches only gives a partial view and often results in poor security outcomes, alert overload and time wasted on triage. Learn more about the Cortex portfolio provides a unified solution for the modern SOC, designed to empower security analysts to take control of their threat landscape. Product Tips and Resources For Customers Choosing the Right Meta Data for Phishing and Email Incidents: Take a deeper look into the metadata provided by email, and how Cortex XSOAR gives you a great tool called Mapping to make sure that certain metadata is stored in the incident fields. Tips & Tricks: How to Disable, Enable & Clone Rules: Not all policy rules look the same. You may have encountered a rulebase where the rules are color-coded, modified, or even disabled. Why do some policy rules look so different from others? Read this blog to learn the differences in rulebases, and about your ability to manipulate the ruleset. Cortex XSOAR: How to Archive Hosted Data for XSOAR 6: There are many benefits to being a hosted XSOAR customer, such as offloading the care and feeding of the XSOAR environment. In this blog, learn how to Archive and Retrieve your data, highlight best practices, recommendations and FAQs. Discover Your VMware ESXi Exposures with Cortex Xpanse: Cortex Xpanse Active Attack Surface Management helps prevent fires when known CVEs are being actively exploited by threat actors and even goes a step further by helping organizations prepare for new CVEs. Setting Up Auto-Triage Use Cases in Cortex XSOAR Using KAPE and Cortex XDR: This post describes one approach you could take to set up an auto-triage use case in Cortex XSOAR by combining the forces of the Kroll Artifact Parser and Extractor (KAPE) triage tool and Cortex XDR. Prisma Access and Microsoft Integrations: Microsoft and Palo Alto Networks have enjoyed a longstanding strategic partnership focused on integrating our products to protect customer applications and data on Microsoft Azure, in Microsoft 365, on customer networks as well as customer endpoints. Cloud NGFW for AWS: How to Delete Resource in Console: Watch this how-to video to find out how to delete the Cloud NGFW resource from the Console. March ‘23 Discussion Highlight: Posts With Accepted Solutions Nominated Discussions help LIVEcommunity Solutions Engineers highlight a discussion that has an Accepted Solution, and turn it into an article with additional helpful information, documentation, and clarity! Here are the Nominated Discussions we published this past month: You're now fully briefed on LIVEcommunity's March 2023 highlights! If this was helpful, be sure to give this blog a thumbs up. See you next month!
