11-18-2022 05:56 AM
Hello,
We intend to perform scheduled scanning on all endpoints. So we wondered if active scanning was required on all endpoints repeatedly, or if cortex developed its own scan whenever a new file was created or added to the system.
11-21-2022 07:06 PM
Hi RamyashreeMada,
Cortex XDR protection capabilities only apply when processes execute, we do not scan files on-write. The periodic scan feature allows you to identify malicious files stored on disk which are not attempting to execute.
12-21-2022 01:12 AM
Hello,
Can we run malware scan based on IP range?
12-22-2022 12:26 PM
RamyashreeMada,
There are two ways you can run Malware scans in XDR, documented in our Tech Docs. First, you can set up periodic malware scans via the Malware Protection profile. If you want to run an ad-hoc scan, you can use an action, from Incident Response -> Action Center or on the All Endpoints page by right clicking the endpoint. From either location, you can filter to find endpoints you want to target, for example, using IP address in a range, and then execute a malware scan action.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
