Security Lifecycle Review (SLR) Updates
Table of Contents
Expand all | Collapse all
-
- About Security Lifecycle Review (SLR)
- Security Lifecycle Review (SLR)—What’s in the Report?
- Activate the Security Lifecycle Review (SLR) App
- Create a New Security Lifecycle Review (SLR) Report
- Customize Security Lifecycle Review (SLR) Reports
- Security Lifecycle Review (SLR) Support Requirements
- Security Lifecycle Review (SLR) Updates
Security Lifecycle Review (SLR) Updates
See what’s new, and the issues we’re working on to make
Security Lifecycle Review (SLR) even better.
Here’s what’s new in Security Lifecycle Review (SLR),
and the issues we’re working on to make your reports even better.
What’s New
Learn about new SLR features, and how they can give
you a view into your organization’s risk exposure.
Release | New Features |
---|---|
August 2024 |
|
February 2023 |
|
June 2021 | The section of the report that was previously designated as URL Activity has been relabeled as
Advanced URL Filtering Analysis to reflect statistics data from
the new real-time URL analysis security service, and now
includes additional network activity metrics and threat trends.
The updated section provides more details and a centralized view
of your URL and domain statistics to help you assess the attack
surface and specific attack vectors that make your organization
vulnerable to web threats. ![]() |
May 2020 | A new navigation bar gives you easy access
to SLR report features and customization options:
![]() |
August 2019 | We’ve added a new section to the SLR report!
DNS is an often overlooked attack vector—advanced attackers in particular
use DNS-based techniques like DNS tunneling and domain generation
algorithms (DGAs) to exfiltrate data and set up command-and-control
(C2) communication channels. The new DNS Security Analysis section
gives you visibility in to threats hidden within DNS traffic. Learn
more about what’s in an SLR
report or create a new SLR report now.![]() |
April 2019 New Threat Data | The Threats section
of an SLR report summarizes your organization’s risk exposure by
breaking down the attacks detected in your network. Threat data
now shows you:
Keep reading to learn more about
each of these features... |
Malware
That Was First Detected at the Endpoint Get visibility
into the malware on your network that was first found on an endpoint.
This shows you malware that might go undetected without an endpoint
security solution in place, or without a solution that works consistently
with your network security policy. ![]() The
availability of information on malware detected on the endpoint
is based on the products deployed and the malware found in the network. | |
Real-World
Context for Threats AutoFocus tags show you
when malware indicates a larger threat—like a targeted campaign
or the activity of a specific malicious actor. AutoFocus tags in
your SLR report give you context for the malicious activity on your
network, and can help you to think about where to focus both prevention
and remediation efforts. ![]() | |
The
Countries Threats Are Targeting Now you can see the geographic
locations that are most targeted by the malware found on your network. ![]() |
Known Issues
We’re working on the following open issues
to improve your SLR experience:
Issue | Description |
---|---|
WildFire data is not always accurate.
|
Verify that WildFire is active and enabled, and that logs are
triggered. If not, email slr_support@paloaltonetworks.com.
|
The application name is not readable.
|
If the application names are not readable when initially creating
the SLR, reload the page. This issue is being addressed in a
future release.
|
Addressed Issues
The following issues have been addressed in SLR.
Issue | Description |
---|---|
Fixed in August 2024
|
Network Bandwidth consumption PB shown in SLR report sections.
This was a PAN-OS bug (issue was also in the logs) and has been
resolved. Upgrade and run the SLR again.
|
FIXED on March 5, 2019
|
SLR does not include summary details for unknown malware detected
by WildFire.
As of March 5, 2019, SLR reports include summary details for
malware that was unknown before WildFire detection. See the
Threats section in an SLR report for details on unknown
malware found in your network. |