Palo Alto Networks NGFW
VulnCheck Initial Access Intelligence improves Palo Alto Networks NGFW deployments by providing real-time IP Address data via our Tags API.
Customers of Palo Alto Networks NGFW who purchase a VulnCheck Initial Access Intelligence license are able to leverage Palo Alto Networks' Dynamic Block List (DBL) functionality to block attacker Command & Control (C2) infrastructure detected by VulnCheck.
Working with Dynamic Block Lists in Palo Alto Networks NGFW
Palo Alto Networks NGFW provides an easy to use Dynamic Block List (DBL) feature, which may be used with third-party intelligence providers like VulnCheck.
For more information on these features from Palo Alto Networks see: How to Configure Dynamic Block List (DBL) or External Block List (EBL)
Block VulnCheck C2 Detections with Palo Alto Networks NGFW
On your Palo Alto Networks device:
- Go to
Objects > Dynamic Block List - Click
Add - In the
Namefield, type the name of the VulnCheck Tag, such asvulncheck-c2 - In the
Sourcefield, enter "https://api.vulncheck.com/v3/tags/vulncheck-c2?token=INSERT_VULNCHECK_TOKEN" - Fill in other fields as necessary and click OK
Fortinet FortiGate
VulnCheck Initial Access Intelligence improves Fortinet FortiGate deployments by providing real-time IP Address data via our Tags API.
Microsoft Power BI
Microsoft Power BI can leverage VulnCheck KEV API as an intelligence source for Known Exploited Vulnerabilities. Include timely evidence of CVE exploitation such as software vendor, products, reference articles and VulnCheck XDB links in your PowerBI applications.
