Convert Snort and Suricata rules into custom PAN-OS threat
Snort and Suricata are open-source intrusion
prevention system (IPS) tools that use uniquely formatted rules
to detect threats. The IPS Signature Converter enables you to leverage
these rules for immediate threat protection by translating the IPS
signatures into custom Palo Alto Networks threat
signatures. You can then register the signatures on Palo
Alto Networks firewalls in specified device groups and enforce policy
using Vulnerability Protection and Anti-Spyware Security Profiles.
you can export rules that list IP address indicators of compromise
(IOC) and use the resultant text file as an external dynamic list to
enforce policy on the entries contained in the list.