What are the Unique Threat IDs for Advanced Threat Prevention (ATP)?

Created On 12/05/24 17:04 PM - Last Modified 10/28/25 19:55 PM


Question


What are the Unique Threat IDs for Advanced Threat Prevention (ATP)?



Environment


  • Palo Alto Firewalls
  • PAN-OS 10.2 and above


Answer


| Profile Type | Threat Name | Threat ID | Severity | Min PAN-OS Version |
|---|---|---|---|---|
| Vulnerability | Inline Cloud Analyzed SQL Injection Traffic Detection | 99950 | High | 11.0.2 |
| Vulnerability | Inline Cloud Analyzed CMD Injection Traffic Detection | 99951 | High | 11.0.2 |
| Spyware | Evasive HTTP C2 Traffic Detection | 89950 | High | 10.2 |
| Spyware | Inline Cloud Analyzed HTTP2 Command and Control Traffic Detection | 89951 | High | 10.2 |
| Spyware | Evasive Cobalt Strike C2 Traffic Detection | 89955 | High | 11.0.2 |
| Spyware | Evasive Cobalt Strike C2 Traffic Detection | 89956 | High | 10.2 |
| Spyware | Evasive Cobalt Strike C2 Cross Session Traffic Detection | 89957 | High | 11.0.2 |
| Spyware | Evasive Empire C2 Traffic Detection | 89958 | High | 11.0.2 |
| Spyware | Evasive Sliver C2 Traffic Detection | 89961 | High | 11.2.7 |
| Spyware | Inline Cloud Analyzed SSL Command and Control Traffic Detection | 89952 | High | 10.2 |
| Spyware | Inline Cloud Analyzed Unknown-TCP Command and Control Traffic Detection | 89953 | High | 10.2 |
| Spyware | Inline Cloud Analyzed Unknown-UDP Command and Control Traffic Detection | 89954 | High | 10.2 |

