Safeguard
Tag

palo-alto

Safeguard articles tagged "palo-alto" — guides, analysis, and best practices for software supply chain and application security.

8 articles

Vulnerability Analysis

Palo Alto PAN-OS CVE-2026-0265: CAS Signature-Verification Auth Bypass (May 2026)

Palo Alto disclosed CVE-2026-0265 on May 13, 2026, a cryptographic-signature-verification flaw in Cloud Authentication Service that bypasses PAN-OS authentication. Researchers claim live GlobalProtect portal bypasses. Full analysis.

May 15, 202612 min read
Vulnerability Response

CVE-2026-0300 in Palo Alto PAN-OS: Patch Posture & SBOM Response

PAN-OS Captive Portal pre-auth RCE scored CVSS 9.3 and landed on CISA KEV with a three-day patch deadline. Defender playbook below.

May 7, 20267 min read
Cloud Security

Wiz vs Prisma Cloud in 2026

Two CNAPPs at the top of every shortlist, and they are not interchangeable. A detailed look at agentless coverage, runtime depth, pricing pressure, and deployment realities.

Feb 4, 20266 min read
Vulnerability Analysis

Palo Alto PAN-OS Authentication Bypass: CVE-2025-0108

A path traversal flaw in Palo Alto Networks PAN-OS management web interface allowed unauthenticated access to sensitive REST API endpoints. Exploitation began within days of disclosure.

Feb 12, 20255 min read
Vulnerability Analysis

Palo Alto Expedition CVE-2024-9463: Command Injection in Migration Tool

Critical command injection vulnerabilities in Palo Alto Networks Expedition tool exposed firewall credentials and configurations, with CISA confirming active exploitation in November 2024.

Nov 7, 20246 min read
Vulnerability Management

Palo Alto GlobalProtect Zero-Day: Response Timeline

CVE-2024-3400 hit GlobalProtect with pre-auth RCE and ongoing exploitation. Here is the response timeline, the UPSTYLE tradecraft, and what worked.

Apr 18, 20245 min read
Vulnerability Analysis

Palo Alto PAN-OS Zero-Day CVE-2024-3400: Command Injection in GlobalProtect

A critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProtect feature was exploited as a zero-day, giving attackers root access to firewalls protecting enterprise networks.

Apr 12, 20245 min read
Tool Reviews

Prisma Cloud Container Security: Palo Alto's Cloud Native Play

A review of Prisma Cloud's container and cloud workload security features, covering image scanning, runtime protection, compliance, and the Twistlock heritage.

Mar 20, 20245 min read
palo-alto — Safeguard Blog