topic Re: A question from the Malware Pack v2 webinar: EDR alerts in Cortex XSOAR Discussions https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/a-question-from-the-malware-pack-v2-webinar-edr-alerts/m-p/523507#M1504 <P>A reply by @ssokolovich &amp;&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/163552">@bkatzir</a>&nbsp;</P> <P><SPAN>Currently, We are providing and displaying this information through the investigation tab. We are looking to enhance the layout to show more sections and support that from the first tab, but for now, you can go ahead and check the investigation to see more information. From the playbook perspective, we are supporting multiple files (also for the file retrieval path and file detonation).</SPAN></P> Wed, 07 Dec 2022 16:04:36 GMT rtsedaka 2022-12-07T16:04:36Z A question from the Malware Pack v2 webinar: EDR alerts https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/a-question-from-the-malware-pack-v2-webinar-edr-alerts/m-p/523506#M1503 <P><SPAN>How would you handle an EDR alert that involves more than one file? How does this playbook present this to the user?</SPAN></P> <P>&nbsp;</P> <P><SPAN>Note: This question was asked as part of</SPAN><A href="https://live.paloaltonetworks.com/t5/customer-success-webinars/cortex-xsoar-customer-success-webinar-malware-investigation-amp/ta-p/523004" target="_blank"> <SPAN>Cortex XSOAR Customer Success Webinar: Malware Investigation &amp; Response V2&nbsp;</SPAN></A></P> Wed, 07 Dec 2022 16:03:14 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/a-question-from-the-malware-pack-v2-webinar-edr-alerts/m-p/523506#M1503 rtsedaka 2022-12-07T16:03:14Z Re: A question from the Malware Pack v2 webinar: EDR alerts https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/a-question-from-the-malware-pack-v2-webinar-edr-alerts/m-p/523507#M1504 <P>A reply by @ssokolovich &amp;&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/163552">@bkatzir</a>&nbsp;</P> <P><SPAN>Currently, We are providing and displaying this information through the investigation tab. We are looking to enhance the layout to show more sections and support that from the first tab, but for now, you can go ahead and check the investigation to see more information. From the playbook perspective, we are supporting multiple files (also for the file retrieval path and file detonation).</SPAN></P> Wed, 07 Dec 2022 16:04:36 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/a-question-from-the-malware-pack-v2-webinar-edr-alerts/m-p/523507#M1504 rtsedaka 2022-12-07T16:04:36Z