Skip to main content

PAN-OS - Block all unknown and unauthorized applications

This Playbook is part of the MITRECoA Pack.#

This playbook is used to find and remove all rules that allow unauthorized applications communication as any. The playbook performs the following tasks:

  • Lists PAN-OS policy rules.
  • Checks for a rule that allows applications as any.
  • Deletes the rule based on user approval.
  • Commits the configuration.


This playbook uses the following sub-playbooks, integrations, and scripts.


  • PAN-OS Commit Configuration


This playbook does not use any integrations.


This playbook does not use any scripts.


  • pan-os-list-rules
  • pan-os-delete-rule

Playbook Inputs#

NameDescriptionDefault ValueRequired
pre_postRules location. Can be 'pre-rulebase' or 'post-rulebase'. Mandatory for Panorama instances.Optional
device-groupThe device group for which to return addresses (Panorama instances).Optional
tagTag for which to filter the rules.Optional

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Setup Account