Hello,
After using Cortex XDR on Linux RHEL for several months, we've observed that the support turnaround time for new RHEL kernels (from RHEL 6 to 9) is highly unpredictable. This can range anywhere from 2 to 10 weeks. Without supported ker
Hi All,
Can someone please share the query to detect if any file or folder is being hidden?
Regards,
Shahwaz
Hi Team,
Am unable to add multiple folders under Exception configuration page. I have 20+ folders which i need to exclude in Cortex XDR, i went to Exception Configuration-->Disable Prevention policy-->Add Rule. I have to do this each every time for e
...
Hi
Can i remove XDR Agent from PC and i don*t have supervisor password for disable antitampering...
Endpoint are not showing in XDR Console...
please help, i have problems with cca 200pc
best regards...
Hi,
I've just noticed this recently. A while ago when I added .csv file to a report, it was formatted with coma between columns. Now it is using a tab what cusses export to Excel more difficult. Is any setting which can be use to change it back?
I have tried using the below XQL query to identify the domains accessed and tried to test it using my own system but somehow I am not getting all the results. For eg : when I tried common domain names like "google.com", "reddit.com". It worked and fe
...
When setting the Agent profile in Cortex XDR, Under the check box when enabling "Monitor and Collect Enhanced Endpoint Data" is the following note:
Note: Before enabling enhanced endpoint data collection make sure your Strata Logging Service storage
...
Hello dear community,
is this now the long awaited feature, which gives us the possibility to have a CVE-scoring on Windows applications?
BR
Rob
Dear All,
Do you know why the content updated, cannot open the task manager?
Cortex XDR
"ruleId": "bioc.masqueraded_process_msft",
"fileIdx": 0,
"modules": [],
"profile": "Malware",
"sockets"
What is the difference between Legacy agent exception and Disable prevention rules?
This was asked in another discussion but the answer does not resolve the question asked (https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/exception-and-e
...
3.10 activated in our tenant yesterday and along with that, our endpoints started upgrading to 8.3 (we are one release behind the latest).
This morning we were deluged with calls about unresponsive endpoints.
We stopped the automatic endpoint upgra
...
I'm trying to run a query to get a count of how many times combinations of the values in "initiated_by" and "initiator_path" occur for an alert in the alerts dataset.
For example:
binary1.exe c:\temp\blah 6
binary2.exe c:\temp\blahblah 12
I'm trying to
Hello,
Is there a way to allow a legitimate parent process to create a legitimate child process on Cortex XDR that is being blocked due to "Suspicious Process Creation"? In my case, I whitelisted the child process but the block continues. I do not wa
...
Hello,
I do represent a company called Arx One. We have been publishing a backup software suite (backup agent, agent management console) for more than 15 years now and those software are installed on our customers' workstations, servers or NAS (Window
