paloaltonetworks:dns_security

Differences

This shows you the differences between two versions of the page.

paloaltonetworks:dns_security [2023/01/04 12:19] bstafford
paloaltonetworks:dns_security [2025/08/29 13:27] (current) – [Details] bstafford
Line 7: Line 7:
  
 [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]] [[https://www.paloaltonetworks.com/apps/pan/public/downloadResource?pagePath=/content/pan/en_US/resources/datasheets/dns-security-service|DNS Security Data Sheet]]
 +===== DoT/DoH =====
 +PAN-OS 11.2.1 [[https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-networking-admin/dns/configure-a-dns-proxy-object|released the ability]] for DNS Proxy on PAN-OS to act as a DoT/DoH server and also forward on DoT/DoH.
  
-====Data Sources====+ 
 +=====Data Sources=====
   * Passive DNS   * Passive DNS
   * URL Filtering   * URL Filtering
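Review bot: The added DoT/DoH sentence names PAN-OS 11.2.1, but the link it cites points into the 11-1 documentation tree (docs.paloaltonetworks.com/pan-os/11-1/...), so the version in the text and the version in the source disagree. Confirm which release introduced the feature and make the two match. DoT and DoH are never expanded; spell out DNS over TLS and DNS over HTTPS on first use, and reword "forward on DoT/DoH" so it is clear whether the proxy forwards queries upstream over those transports. The new heading is written with inner spaces ("===== DoT/DoH =====") while the retitled one below has none ("=====Data Sources====="); pick one form.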
Line 16: Line 19:
   * [[https://unit42.paloaltonetworks.com/|Unit 42]]   * [[https://unit42.paloaltonetworks.com/|Unit 42]]
  
-====Details====+=====Details=====
   * Response in <100 Milliseconds   * Response in <100 Milliseconds
   * More than 30 third-party sources of threat intelligence to enrich data and ensure you have coverage   * More than 30 third-party sources of threat intelligence to enrich data and ensure you have coverage
Line 24: Line 27:
   * Stops newly registered domains 6x faster than publicaly avaialble scanners   * Stops newly registered domains 6x faster than publicaly avaialble scanners
  
 +New in mid 2025
  
 +  * Detection of unknown C2 threats developed using the open source Sliver C2 framework (ATP)
 +  * Enhanced Empire C2 deteciton
 +  * Protection against DNS relaying attacks, also known as Data Exfiltration via HTTP request headers (ATP+ADNS)
 +  * Domain Masquerading Detection, Malicious TDS Detection (ADNS)
 +  * AI Categorization, Crypto Scam Detection, DeepFake Phishing Detection (AURL)
 +  * Endpoint DLP
  
-====URL Categories Blockable====+=====URL Categories Blockable=====
   * Ad Tracking   * Ad Tracking
   * Command and Control   * Command and Control
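Review bot: "deteciton" in the added "Enhanced Empire C2 deteciton" bullet is a typo for "detection", and the unchanged context line just above the addition still reads "publicaly avaialble", which this revision could correct while touching the section. "New in mid 2025" is added as bare text rather than a heading and will date quickly; a heading carrying the actual release or date would age better. The tags ATP, ADNS and AURL appear without expansion, and "Endpoint DLP" is the only bullet with no tag, so a reader cannot tell which subscription it belongs to or why it sits on a DNS Security page.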
Line 36: Line 46:
   * Phishing   * Phishing
   * Proxy Avoidance & Anonymizers   * Proxy Avoidance & Anonymizers
 +
 +===== DNS Techniques =====
 +  * Dangling DNS (PAN only)
 +  * WildCard DNS (PAN only)
 +  * NXNS Attack (PAN only)
 +  * CNAME Cloaking
 +  * Ultra-Slow DNS Tunneling
 +  * Data Theft
 +  * DNS Tunneling
 +  * DNS Infiltration
 +  * Compromised DNS Zone
 +  * DNS Rebinding
 +  * Strategically Aged Domains
 +  * Domain Squating
 +  * Domain Generation Algorithm (DGA)
 +  * Dictionary DGA
 +  * Fast Flux Domains
 +  * DNS Rebinding Attacks
 +  * Dangling SNA Attacks
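Review bot: The new DNS Techniques list contains duplicate and misspelled entries: "DNS Rebinding" and "DNS Rebinding Attacks" are the same technique, "Domain Squating" should be "Domain Squatting", and "Dangling SNA Attacks" looks like a typo for the "Dangling DNS" entry already at the top of the list. Merge the duplicates and fix the spelling. The "(PAN only)" markers on the first three bullets carry no source or comparison baseline; link the supporting documentation or say what they are being compared against. The section also needs one introductory line saying whether these are techniques the service detects, since the heading alone does not.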
paloaltonetworks/dns_security.1672834793.txt.gz · Last modified: by bstafford