What are best practices for Responding to Security Advisories from Palo Alto Networks
Created On 07/01/22 05:36 AM - Last Modified 11/25/24 19:34 PM
Question
I have received a security advisory by email from Palo Alto Networks. What are my next steps?
Environment
- All Palo Alto Networks Products.
- Supported PAN-OS versions.
- Security Advisory.
Answer
A security advisory is a public announcement sent by the Palo Alto Networks team about a newly discovered vulnerability in software, hardware, or services.
Here are the steps to take when you receive a security advisory.
- Visit the PAN security advisory page at https://security.paloaltonetworks.com/
- Search for the advisory of interest. The list can be filtered.
- Check more details about the vulnerability as follows:
  - CVSS Score: The higher the score, the more severe the vulnerability.
  - Check the "affected version"; if your product runs this software version, you can upgrade to the "unaffected version."
  - If your product is already on the "unaffected version," no action needs to be taken.
  - For vulnerabilities related to PAN-OS, review the "Affected" and "Unaffected" columns of each advisory to see which PAN-OS versions are impacted by the particular vulnerability.
  - The page also lists vulnerabilities in third-party software, such as log4j, and whether any Palo Alto Networks product uses it.
- Click on the vulnerability, and a new webpage will open.
  - This webpage is continuously updated by the Palo Alto Networks team.
  - This page has the Description, Product status, Severity, Exploitation status, Weakness type, and, most importantly, the solution, workarounds, mitigations, frequently asked questions, and fix times.
  - This information can help you find the unaffected version, progress on a fix, mitigations, and other useful information.
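The "Affected" / "Unaffected" comparison described above can be scripted across a device inventory. The following is an added example, not Palo Alto Networks code: `parse_panos`, `triage` and the sample rows are hypothetical names and constructed data, and it assumes each release train in the advisory has a single "< X" affected threshold.

```python
import re

# PAN-OS versions look like "10.2.4" or "10.2.4-h2" (hotfix suffix).
# Other suffixes are rejected rather than guessed at.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_panos(version):
    """Return (major, minor, maintenance, hotfix) as a sortable tuple."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognized PAN-OS version: {version!r}")
    major, minor, maint, hotfix = m.groups()
    return (int(major), int(minor), int(maint), int(hotfix or 0))

def triage(installed, advisory_rows):
    """Classify an installed version against one advisory's rows.

    advisory_rows maps a release train ("10.2") to the first unaffected
    version on that train (the X in "< X" / ">= X"), or to None when the
    Affected column says no version on that train is affected.
    """
    ver = parse_panos(installed)
    train = f"{ver[0]}.{ver[1]}"
    if train not in advisory_rows:
        return "not listed: check the advisory page manually"
    fixed = advisory_rows[train]
    # Numeric tuple comparison: 10.2.10 sorts after 10.2.9-h5,
    # which a plain string comparison would get wrong.
    if fixed is None or ver >= parse_panos(fixed):
        return "unaffected: no action needed"
    return f"affected: upgrade to {fixed} or later"

# Constructed sample rows, not taken from a real advisory.
SAMPLE_ADVISORY = {"11.0": "11.0.2-h1", "10.2": "10.2.5", "10.1": None}

if __name__ == "__main__":
    for installed in ("10.2.4-h3", "11.0.2", "11.0.2-h1", "10.1.9", "9.1.14"):
        print(installed, "->", triage(installed, SAMPLE_ADVISORY))
```

A version on a train the advisory does not list is reported for manual review rather than assumed safe.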
Additional Information
- Report a Palo Alto Networks product-related vulnerability:
  - Email us at PSIRT@PaloAltoNetworks.com. If you want additional security, you can find the PAN PGP key here.
  - The product security assurance and vulnerability disclosure policy is here.
- Report any other (non-product) vulnerability involving Palo Alto Networks, i.e. vulnerabilities affecting paloaltonetworks.com, here.
Keywords:
- Coordinated Vulnerability Disclosure:
  - Palo Alto Networks follows the principle of Coordinated Vulnerability Disclosure, i.e. when internal or external security researchers discover a new software, hardware, or services vulnerability, they coordinate with vendors and CERT to share the information with all stakeholders.