{"id":7152,"date":"2014-11-05T06:00:16","date_gmt":"2014-11-05T14:00:16","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=7152"},"modified":"2023-03-28T13:41:02","modified_gmt":"2023-03-28T20:41:02","slug":"web-security-tips-pan-db-plays-important-role-cyber-kill-chain","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2014\/11\/web-security-tips-pan-db-plays-important-role-cyber-kill-chain\/","title":{"rendered":"Web Security Tips: How PAN-DB Plays an Important Role in the Cyber \u201cKill Chain\u201d"},"content":{"rendered":"

Organizations are facing persistent, elusive and sophisticated cyber-attacks more than ever. Sometimes these attacks might seem unavoidable, leading you to believe that your network and data cannot be protected. But if you think about how cybercriminals need to successfully infiltrate your network, remember the various steps in the cyber kill chain required to do so, including \u201cbreach premier,\u201d \u201cdeliver malware,\u201d \u201cendpoint operation\u201d and \u201cexfiltrate data.\u201d<\/p>\n

The good news is that blocking just one step in this cyber-attack chain, you can protect your network and data from attack.<\/p>\n

\"CKC\"<\/span><\/div><\/a><\/p>\n

The above model shows how we think about the\u00a0cyber kill chain at Palo Alto Networks. PAN-DB plays a critical role in three of the four stages, highlighted in red. As we discussed in the recent blog post, \u201cWeb security tips: How PAN-DB works<\/a>,\u201d PAN-DB has a rich database of malicious URLs that can be used to block malware downloads, and to disable Command and Control (C&C) communications. This database will help you to block attacks throughout the cyber kill chain.<\/p>\n

Here are a few examples<\/h3>\n

Breach perimeter<\/h4>\n

Advanced attacks commonly try to breach the perimeter. PAN-DB gives you protection against breach perimeter by blocking risky websites such as hacking, phishing, malware, drive-by-download and exploit sites.<\/p>\n

Deliver malware<\/h4>\n

Once the perimeter is breached, attackers try to make you download malware on to your network. PAN-DB helps you to block downloads from malware sites. In addition, by blocking file downloads from unknown URL category (as we discussed in another recent blog, \u201cWeb security tips: Using URL categories in your security policy<\/a>\u201d),<\/strong> you can reduce the risk of downloading malware significantly.<\/p>\n

Exfiltrate data<\/h4>\n

Malware can enter your network by evading your gateway security, such as through an employee\u2019s own laptop or USB drive. Malware in your network communicates with the attackers and exfiltrates data. But PAN-DB helps you to disable such C&C communications by utilizing C&C URL and IP database as provided in WildFire.<\/p>\n

URL filtering should do more than prevent unwanted web browsing<\/h3>\n

Traditional URL filtering was born to block non-business web access for productivity and compliance purposes. Although those purposes still hold true for URL filtering, the solution is incomplete unless it can also filter harmful websites to protect your network and data from cyber-attacks.<\/p>\n

PAN-DB will add more protection to your Palo Alto Networks Enterprise Security Platform. We hope you utilize the power of PAN-DB to protect your network from advanced attacks.<\/p>\n

To learn more about web security, please visit our resource page, \u201cControl Web Activity with URL Filtering.<\/a>\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Organizations are facing persistent, elusive and sophisticated cyber-attacks more than ever. Sometimes these attacks might seem unavoidable, leading you to believe that your network and data cannot be protected. But if you …<\/p>\n","protected":false},"author":40,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[155,744],"tags":[388,745,783,506,69],"coauthors":[716],"class_list":["post-7152","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-2","category-web-security","tag-kill-chain","tag-pan-db","tag-url-categories","tag-url-filtering","tag-wildfire"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/7152","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=7152"}],"version-history":[{"count":8,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/7152\/revisions"}],"predecessor-version":[{"id":182174,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/7152\/revisions\/182174"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=7152"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=7152"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=7152"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=7152"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}