overview - PaloAltoNetworks/pan-tort GitHub Wiki

Pan Tort is designed as a suite of contextual query tools across various Palo Alto Networks and public domain platforms. This set of tools extends pass/miss data from testing results to include insight into why a miss happened. Possible causes include inactive signatures, alert-only configurations based on severity, and benign verdicts.

The initial release supports MD5, SHA-1, or SHA-256 hash lookups in AutoFocus to determine the WildFire verdict, file type, and current signature coverage.

Future work will include CVE numbers, URL filtering categories, and other test-related outputs that require automated contextual analysis.