08-28-2024 10:57 PM
Hello Team,
Could anyone assist with generating alerts and creating test cases or samples for testing the Cortex XDR protection module?
We successfully generated an alert using a WildFire PE file, but we now need to generate alerts for each policy module, for example Local Analysis, Behavioral Threat Protection, and Exploit Protection.
If you have any information or details on this, your help would be greatly appreciated.
Thanks in advance.
Cortex XDR
08-29-2024 10:44 AM
Hello @tejaspatil12
Thanks for reaching out on LiveCommunity!
Unfortunately, there is no document that contains all trigger/sample malware to generate alerts for all policy modules. You can create test IOC or BIOC rules and trigger them to see alerts related to IOC/BIOC. Additionally, you can create double extension files or rename an application to a system process name to trigger BTP rules, etc. Similarly, you can create similar scenarios with respect to other modules to trigger alerts.
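An added example, not part of the original thread and not Cortex XDR's own rule logic: a Python check for the two conditions the reply's test scenarios exercise (a double-extension file name, and a system process name running from an unexpected directory), useful for confirming that a test artifact matches the intended scenario before looking for the alert. The process list, extension sets, and sample paths are assumptions constructed for illustration.

```python
import ntpath

# Assumption: a few Windows system process names and the directory they normally run from.
SYSTEM_PROCESSES = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
# Assumption: illustrative extension sets, not a vendor list.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}


def classify(image_path):
    """Return the test scenarios (possibly none) that a process image path matches."""
    findings = []
    directory, name = ntpath.split(image_path.lower())
    stem, ext = ntpath.splitext(name)
    inner_ext = ntpath.splitext(stem)[1]
    # Double extension: a document-looking extension directly before an executable one.
    if ext in EXECUTABLE_EXTS and inner_ext in DOCUMENT_EXTS:
        findings.append("double_extension")
    # Renamed application: system process name outside its usual directory.
    expected = SYSTEM_PROCESSES.get(name)
    if expected is not None and directory.rstrip("\\") != expected:
        findings.append("system_name_outside_expected_dir")
    return findings


# Constructed sample paths (not real telemetry).
SAMPLE_EVENTS = [
    r"C:\Windows\System32\svchost.exe",          # legitimate location
    r"C:\Users\test\Downloads\invoice.pdf.exe",  # double extension
    r"C:\Users\test\Desktop\svchost.exe",        # renamed test application
    r"C:\Program Files\App\report.v2.exe",       # dotted name, not a document extension
]


def triage(events):
    """Map each matching path to the scenarios it exercises; skip clean paths."""
    results = {path: classify(path) for path in events}
    return {path: hits for path, hits in results.items() if hits}


if __name__ == "__main__":
    for path, hits in triage(SAMPLE_EVENTS).items():
        print(f"{path}: {', '.join(hits)}")
```

Whether a matching artifact actually raises an alert depends on the agent's policy and content version, so an empty alert table after a matching test points to the policy configuration rather than the artifact.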