We use minemeld and it works really well. Especially as a docker container, it just works. Add as many lists as you want and get the output aggregated without duplicates.
I'd say PA embedded dynamic lists don't reflect zero-day or even known-for-a-week malicious IP addresses.
I looked through several public IP BlackList web-sites and found practically useful this one.Just add it to Objects - EDL: http://lists.blocklist.de/lists/all.txt
Another vote of confidence for the included block lists. They've been running in the environment I previously managed for going on three years now with no negative impacts to our environment.
Im not sure I understand your question? these lists are generated by Palo Alto Networks through all kinds of threat aggregation and put into the content updates. they're not directly accessible by third parties AFAIK. if you want to share such lists you could consider setting up a MineMeld instance which also includes these sources and you can add additional ones, then share across different platforms an vendors. the ones listed above are only available in pan-os (but I do recommend using them to block undesirable source/destination IPs)
We use minemeld and it works really well. Especially as a docker container, it just works. Add as many lists as you want and get the output aggregated without duplicates.
I'd say PA embedded dynamic lists don't reflect zero-day or even known-for-a-week malicious IP addresses.
I looked through several public IP BlackList web-sites and found practically useful this one. Just add it to Objects - EDL: http://lists.blocklist.de/lists/all.txt
Another vote of confidence for the included block lists. They've been running in the environment I previously managed for going on three years now with no negative impacts to our environment.
yes, those are automatically updated via content updates in Device > Dynamic Updates > apps + threats
Those EDL get preloaded by default starting from 8.1
I set them up in both directions for every deployment I do and have not had any complaints so far ;) (minemeld feed is my own custom feed)