Palo Alto Networks incident

ADNS/ADNSR - False Positive Detection Incident

Critical Resolved View vendor source →
Started
Mar 06, 2026, 08:22 PM UTC
Resolved
Mar 06, 2026, 08:24 PM UTC
Duration
1m
Detected by Pingoru
Mar 06, 2026, 08:22 PM UTC

Affected components

ADNS Resolver 96.9.97.9ADNS Resolver 96.9.96.9

Update timeline

  1. investigating Mar 06, 2026, 08:22 PM UTC

    One of our detectors is experiencing an issue that caused false positive blocking. Specifically, res-stls-prod[.]edgesuite[.]net.globalredir[.]akadns88[.]net was misclassified as phishing from 3/6/2026 13:08 UTC to 3/6/2026 16:50 UTC. This domain is a CNAME of res.cdn.office[.]net and res-stls-prod.edgesuite[.]net. So, the DNS resolution of res.cdn.office[.]net or res-stls-prod.edgesuite[.]net might experience blockage during the period of time mentioned above.

  2. investigating Mar 06, 2026, 08:23 PM UTC

    We have disabled the false positive signature to resume customer utility. We are continuing to investigate the root cause.

  3. resolved Mar 06, 2026, 08:24 PM UTC

    This incident has been resolved. We have identified the root cause. The incorrect verdict was due to multiple 3rd party intelligence feeds providing malicious verdicts. Enhancement measure will be added to reduce false positives caused by CNAME domains from 3rd party intelligence ingestions.

Looking to track Palo Alto Networks downtime and outages?

Pingoru polls Palo Alto Networks's status page every 5 minutes and alerts you the moment it reports an issue — before your customers do.

  • Real-time alerts when Palo Alto Networks reports an incident
  • Email, Slack, Discord, Microsoft Teams, and webhook notifications
  • Track Palo Alto Networks alongside 5,000+ providers in one dashboard
  • Component-level filtering
  • Notification groups + maintenance calendar
Start monitoring Palo Alto Networks for free

5 free monitors · No credit card required