Alert generation / Test cases/samples for Cortex XDR protection module testing

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Alert generation / Test cases/samples for Cortex XDR protection module testing

L2 Linker

Hello Team, 

 

Could anyone assist with generating alerts and creating test cases or samples for testing the Cortex XDR protection module?

We successfully generated an alert using a WildFire PE file, but we now need to generate alerts for each policy module, for example Local Analysis, Behavioral Threat Protection, and Exploit Protection.

If you have any information or details on this, your help would be greatly appreciated.

 

Thanks in advance.

Cortex XDR 

 

1 REPLY 1

L4 Transporter

Hello @tejaspatil12 

 

Thanks for reaching out on LiveCommunity!

Unfortunately there is no document that contains all trigger/sample malware to generate alerts for all policy modules. You can create test IOC or BIOC rules and trigger them to see alerts related to IOC/BIOC. Additionally you can create double extension files or rename an application to a system process name to trigger BTP rules etc. Similarly you can create similar scenarios with respect to other modules to trigger alerts.

  • 416 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!