Create a IOC without incident

Good morning,

Today I would like to create a block for two malicious files that I found in our environment. I noticed that I can create an IOC to block paths, file names, IPs, etc. I have already created an IOC using a wildcard for the file name: PDF

Cortex XDR 8.9 Non-Persistent Citrix Servers and Cache Write Issue

Hello everyone,

We have encountered and issue where the target servers do not get content updates.  The citrix Windows servers reboot nightly with the golden image configurations but do not receive the latest content updates.  At the same time, aroun

Windows Installer DB: Current agent installation is missing

I am currently experiencing an issue while attempting to upgrade agents in the Cortex XDR console. The upgrade process fails with the following error message:

"Windows Installer DB: Current agent installation is missing."

I attempted to clean the e

Reconnect after endpoint cleanup

Hello,

I'm thinking about using the Endpoint Administration Cleanup tool.

However, I wanted to be sure if an endpoint is mistakenly deleted would shows up again in our tenant (if connected in the next 90 days).

Did anyone has experienced it yet?

Cortex XDR Pro / Browser extensions

Has anyone ever configured their environment to detect on unauthorized or unsupported browser extensions? Or conduct a threat hunt based on known facts?

We've seen some slip through the cracks and I know Cortex doesn't natively detect abused or mal

Detect and Block Openclaw with XDR!?

hello experts, 

my company is using XDR Pro, we noticed the importance of colleagues may use Openclaw... 
is there any way to detect or even block Openclaw from XDR or Firewall?

Thanks

SdG

Cortex XDR NGFW 

Inquiry regarding Tenant Backu & Recovery

I am looking for detailed information regarding the backup and recovery lifecycle for a Cortex XDR tenant. Specifically, I have the following questions:

1. Automated Backups: Does Palo Alto Networks perform regular backups of tenant-specific configurat

Cortex Management Report

I want to know if I can generate a report of Cortex's actions over the last year or 3 months, such as what he blocked, quarantined, isolated, etc., but in a graph format. I tried using a widget library, but I can't find a way to represent that action

XDR 5.0 - opinion

Cortex Cortex XDR 5.0 tenant. What's your opinion

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-5.x-Release-Notes/Release-Information

unwanted installation of crtex xdr

Hi,

Since yesterday, one of my customers have the software cortex xdr on their computer. But thy don't have cortex licence, and i don't work with cortex xdr. What can i do ?