Friday, January 29, 2021

By Annabel Steele, Fuel HQ

Everything was going well for AJ Yawn, but he couldn’t shake the feeling that he could be doing better.

Yawn has a bachelor’s degree in social science from Florida State University (where he played on the men’s basketball team) and a master’s degree in technology management from Georgetown University. He had spent five years in the U.S. Army, ascending to the rank of Captain. After leaving the Army, he was working in the cybersecurity field as an auditor, performing SOC 2 examinations and ensuring people’s cloud environments were meeting SOC 2 requirements. He was doing better than he had done in any previous position, and putting himself in a good financial situation. In spite of all that, Yawn felt like he could be doing more.

Tuesday, January 19, 2021

By Charles Buege, Fuel Editorial Advisory Committee Member

At Palo Alto Networks’ Ignite ’20 virtual conference last November, Brittany Barbehenn and Alex Hinchliffe of Unit 42 gave a fantastic summary of several items that their research team had seen thus far on the different attack vectors out there. Here, we provide a rundown of the attacks they shared to keep on your radar in the new year and beyond.

Tuesday, December 22, 2020

By Fuel HQ

On December 13^th, SolarWinds announced that hackers had inserted malware into a service that provides software updates for its Orion platform. Palo Alto Networks has quickly responded with a number of resources to help navigate SolarStorm attack, the name they assigned to the recent campaign of attacks connected to a suspected nation state actor behind the SolarWinds SUNBURST malware.

Below is a roundup of resources that the Fuel community can access online.    

Monday, December 21, 2020

By Annabel Steele, Fuel HQ

Jason Blanchard’s path to the information security (InfoSec) field began in an unlikely spot: Fort Knox, Kentucky.

Stationed there as a combat cameraman, Blanchard’s job was to create content and videos for the military. Fort Knox is where tank operators are trained, so Blanchard was not lacking for interesting footage. When the time came to make the next step in his career, Blanchard left the military and went to film school at Full Sail University in Florida. With six years of filmmaking experience under his belt when he arrived, Blanchard quickly earned a new title: teacher.

Friday, December 18, 2020

By Charles Buege and Maril Vernon, Fuel User Group Members, Fuel Editorial Advisory Committee

View part one, part two and part three.

Ever been in the incident meeting where someone asks, “How did this happen?” And the IT department responds, “Well, it was the cloud provider’s responsibility,” and then the vendor on the phone counters with, “No, it is very clearly the customer’s responsibility.” Once you start pulling in different cloud providers, there are many misconceptions with regards to who is responsible for handling what tasks. Many times, it is assumed the cloud service provider (CSP) is taking care of something, and to the mental back-burner it goes. However, this assumption leaves you open to attack, compromise and theft of IP; otherwise known as “resume building events.”

Thursday, November 19, 2020

By Charles Buege, Fuel User Group Member

A few weekends ago, I embarked on the adventure of upgrading my PA-220 to PAN-OS 10. With the articles I’ve written in the past and since version 10 has been out for a while now, I wanted to start getting some experience with it myself, so I figured it was time to pull the trigger and upgrade my lab.

Thursday, November 12, 2020

By Maril Vernon and Charles Buege, Fuel User Group Members, Fuel Editorial Advisory Committee

View part one and part two.  

Probably the most common misunderstanding we have encountered about cloud computing is the varying degrees of consuming cloud services: IaaS (infrastructure as a service), PaaS (platform as a service) and SaaS (software as a service). If you already are or plan on utilizing this functionality, then there are some nuanced differences from on-prem that don’t necessarily carry over to cloud components. Additionally, the cloud, while elastic, is not a wide-open space in which servers can endlessly grow without consequences.

Thursday, October 29, 2020

By Ashley Savageau, Palo Alto Networks Cyber A.C.E.S. Program

At Palo Alto Networks, we believe protecting our digital way of life is a privilege, and with that privilege, we strive to educate the world on all aspects of cybersecurity. Four years ago, we embarked on a project to help educate girls and diversify the future cybersecurity workforce through a partnership with Girl Scouts USA. We then decided to make similar content available to students across the globe.

Thursday, October 15, 2020

By Maril Vernon and Charles Buege, Fuel User Group Members, Fuel Editorial Advisory Committee

Given the recent popularity and increasing utilization of cloud computing in place of previously self-hosted “on-prem” components in data centers, we at the FUEL user group want to make sure readers are aware of cloud-specific “gotchas” you may have heard around the community.

Thursday, October 1, 2020

By Charles Buege, Fuel User Group Member

When working on your Palo Alto Networks Firewall with Active Directory Integration, you may find it occasionally necessary to grant access to some users who need certain levels of access, but not full access. In my case, I recently had two specific instances where I needed to grant two different people these levels of administrative access: