https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/testing-malware-blocking-and-alerting-in-the-xdr/m-p/441594#M1156 <P>hello, I have always used those and have not had an issue. I was using them to get all my alerting setup to ingest into my siem.</P><P>have tried to execute them? simply downloading them won't get caught unless you have the file scanning set up.</P> Mon, 18 Oct 2021 13:34:39 GMT P.Jacob 2021-10-18T13:34:39Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/testing-malware-blocking-and-alerting-in-the-xdr/m-p/441377#M1153 <P>Hi all,</P><P>I'm trying to run checks on my mac, that has a cortex xdr agent, trying to see how the blocking &amp; quarantine functions before setting the policy to all endpoint in my organization.</P><P>However, EICAR files, and the test file that palo alto provides here -&nbsp;<A href="https://docs.paloaltonetworks.com/wildfire/10-1/wildfire-admin/submit-files-for-wildfire-analysis/verify-wildfire-submissions/test-a-sample-malware-file" target="_blank">https://docs.paloaltonetworks.com/wildfire/10-1/wildfire-admin/submit-files-for-wildfire-analysis/verify-wildfire-submissions/test-a-sample-malware-file</A>&nbsp;- Don't generate any alerts nor any incidents.</P><P>I'd appreciate help in the matter&nbsp;&nbsp;</P> Sun, 17 Oct 2021 13:09:06 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/testing-malware-blocking-and-alerting-in-the-xdr/m-p/441377#M1153 Daniel_Itenberg 2021-10-17T13:09:06Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/testing-malware-blocking-and-alerting-in-the-xdr/m-p/441594#M1156 <P>hello, I have always used those and have not had an issue. I was using them to get all my alerting setup to ingest into my siem.</P><P>have tried to execute them? simply downloading them won't get caught unless you have the file scanning set up.</P> Mon, 18 Oct 2021 13:34:39 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/testing-malware-blocking-and-alerting-in-the-xdr/m-p/441594#M1156 P.Jacob 2021-10-18T13:34:39Z