GenAI-powered PAN-OS security posture validator
Firewise AI is a GenAI-powered security validation tool for Palo Alto Networks PAN-OS configurations. Upload an XML firewall config, ask natural language questions about your security posture, and get AI-generated analysis backed by real configuration context.
Built for network security engineers who need to rapidly audit PAN-OS deployments without manually parsing thousands of lines of XML.
Streamlit UI (app.py)
│
├── XML Config Upload
│   └── config_parser.py → extract_config_summary() → JSON context
│
├── Model Selector
│   └── Gemini or GPT-4
│
├── Q&A Input
│   └── full_prompt = config_context + user_question
│
└── ai_engines.py (get_ai_stream)
    ├── _stream_gemini() → google-generativeai
    └── _stream_gpt() → openai
        │
        ▼
    st.write_stream() → Live streaming response
        │
        ▼
    export_tracker.py → CSV session log
- XML config upload — parse and summarize PAN-OS firewall configurations automatically
- Natural language Q&A — ask posture questions in plain English, get context-aware answers
- Dual AI engine — toggle between Google Gemini and OpenAI GPT-4 mid-session
- Streaming responses — real-time answer generation via Streamlit's write_stream()
- CSV export — download the full Q&A session log for audit records or reporting
- Session tracking — all interactions logged with timestamps for traceability
"Are any security zones missing egress rules?"
"Is the management interface exposed to untrusted zones?"
"Which policies allow any-to-any traffic?"
"Are there missing application-default service profiles?"
"Does this config comply with CIS PAN-OS Benchmark recommendations?"
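One way to ground the "Which policies allow any-to-any traffic?" question in a deterministic check before the model sees it, as an added example that is not code from the Firewise AI project. The function names, the use of the standard-library ElementTree instead of xmltodict, and the definition of any-to-any (zones and addresses all `any`, rule enabled, action allow) are assumptions; the sample config is constructed.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample: the security rulebase of one vsys, trimmed to four rules.
SAMPLE_CONFIG = """<config><devices><entry name="localhost.localdomain"><vsys><entry name="vsys1">
<rulebase><security><rules>
 <entry name="allow-web"><from><member>trust</member></from><to><member>untrust</member></to>
  <source><member>10.0.0.0/8</member></source><destination><member>any</member></destination>
  <application><member>web-browsing</member></application><action>allow</action></entry>
 <entry name="temp-migration"><from><member>any</member></from><to><member>any</member></to>
  <source><member>any</member></source><destination><member>any</member></destination>
  <application><member>any</member></application><action>allow</action></entry>
 <entry name="old-test"><from><member>any</member></from><to><member>any</member></to>
  <source><member>any</member></source><destination><member>any</member></destination>
  <application><member>any</member></application><action>allow</action>
  <disabled>yes</disabled></entry>
 <entry name="deny-all"><from><member>any</member></from><to><member>any</member></to>
  <source><member>any</member></source><destination><member>any</member></destination>
  <application><member>any</member></application><action>deny</action></entry>
</rules></security></rulebase></entry></vsys></entry></devices></config>"""

FIELDS = ("from", "to", "source", "destination", "application")
MATCH_FIELDS = ("from", "to", "source", "destination")  # assumed meaning of "any-to-any"

def summarize_rules(xml_text):
    """Reduce each security rule to the fields a posture question needs."""
    rules = []
    for entry in ET.fromstring(xml_text).iterfind(".//rulebase/security/rules/entry"):
        rule = {f: [m.text for m in entry.findall(f"{f}/member")] for f in FIELDS}
        rule["name"] = entry.get("name")
        rule["action"] = entry.findtext("action", default="")
        rule["disabled"] = entry.findtext("disabled", default="no") == "yes"
        rules.append(rule)
    return rules

def any_to_any_allows(rules):
    """Names of enabled allow rules whose zones and addresses are all 'any'."""
    return [r["name"] for r in rules
            if r["action"] == "allow" and not r["disabled"]
            and all(r[f] == ["any"] for f in MATCH_FIELDS)]

def build_prompt(xml_text, question):
    """Hypothetical stand-in for full_prompt = config_context + user_question."""
    rules = summarize_rules(xml_text)
    context = {"rules": rules, "any_to_any_allow": any_to_any_allows(rules)}
    return json.dumps(context) + "\n" + question

if __name__ == "__main__":
    print(build_prompt(SAMPLE_CONFIG, "Which policies allow any-to-any traffic?"))
```

Putting the computed list into the context lets a reviewer compare the model's answer against a result that does not depend on the model.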
| Layer | Technology |
|---|---|
| UI | Streamlit 1.33 |
| AI | google-generativeai 0.7, OpenAI 1.35 |
| Config parsing | xmltodict 0.13 |
| Data | Pandas 2.2 |
| HTTP | httpx 0.27 (proxy-bypass for network flexibility) |
| Config | python-dotenv |
git clone https://github.com/BadAsh99/firewise-ai.git
cd firewise-ai
python3 -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt
cp .env.example .env # add API keys
streamlit run app.py
GOOGLE_API_KEY=
OPENAI_API_KEY=
- PAN-OS XML configuration exports (full and partial)
- CSV-based policy exports
- Pre-deployment security posture review
- Rapid audit of inherited or undocumented firewall configurations
- Compliance gap analysis against PAN-OS security best practices
- Security team onboarding — understand an unfamiliar firewall config fast
Ash Clements — Sr. Principal Security Consultant | Cloud & AI Security | Palo Alto Networks Specialist github.com/BadAsh99