Saucepan

User Tools

Site Tools

Trace: legal dns_security cli_commands
paloaltonetworks:dns_security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
paloaltonetworks:dns_security [2023/01/04 12:17] bstaffordpaloaltonetworks:dns_security [2025/08/29 13:27] (current) – [Details] bstafford
Line 7: Line 7:
  
 [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]] [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]]
 +===== DoT/DoH =====
 +PAN-OS 11.2.1 [[https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-networking-admin/dns/configure-a-dns-proxy-object|released the ability]] for DNS Proxy on PAN-OS to act as a DoT/DoH server and also forward on DoT/DoH.
  
-Data Sources Include:+ 
 +=====Data Sources=====
   * Passive DNS   * Passive DNS
   * URL Filtering   * URL Filtering
Line 16: Line 19:
   * [[https://unit42.paloaltonetworks.com/|Unit 42]]   * [[https://unit42.paloaltonetworks.com/|Unit 42]]
  
-Details:+=====Details=====
   * Response in <100 Milliseconds   * Response in <100 Milliseconds
   * More than 30 third-party sources of threat intelligence to enrich data and ensure you have coverage   * More than 30 third-party sources of threat intelligence to enrich data and ensure you have coverage
Line 24: Line 27:
   * Stops newly registered domains 6x faster than publicaly avaialble scanners   * Stops newly registered domains 6x faster than publicaly avaialble scanners
  
 +New in mid 2025
 +
 +  * Detection of unknown C2 threats developed using the open source Sliver C2 framework (ATP)
 +  * Enhanced Empire C2 deteciton
 +  * Protection against DNS relaying attacks, also known as Data Exfiltration via HTTP request headers (ATP+ADNS)
 +  * Domain Masquerading Detection, Malicious TDS Detection (ADNS)
 +  * AI Categorization, Crypto Scam Detection, DeepFake Phishing Detection (AURL)
 +  * Endpoint DLP
 +
 +=====URL Categories Blockable=====
 +  * Ad Tracking
 +  * Command and Control
 +  * Dynamic DNS Hosted
 +  * Grayware
 +  * Malware
 +  * Newly Registered Domains (NRD)
 +  * Parked
 +  * Phishing
 +  * Proxy Avoidance & Anonymizers
  
-URL Categories Blockable +===== DNS Techniques ===== 
-https://www.paloaltonetworks.com/network-security/wildfire+  * Dangling DNS (PAN only) 
 +  * WildCard DNS (PAN only) 
 +  * NXNS Attack (PAN only) 
 +  * CNAME Cloaking 
 +  * Ultra-Slow DNS Tunneling 
 +  * Data Theft 
 +  * DNS Tunneling 
 +  * DNS Infiltration 
 +  * Compromised DNS Zone 
 +  * DNS Rebinding 
 +  * Strategically Aged Domains 
 +  * Domain Squating 
 +  * Domain Generation Algorithm (DGA) 
 +  * Dictionary DGA 
 +  * Fast Flux Domains 
 +  * DNS Rebinding Attacks 
 +  * Dangling SNA Attacks
paloaltonetworks/dns_security.1672834637.txt.gz · Last modified: by bstafford