Query to Search For Password Files in Cortex XDR Pro
Hello community! Do you know whether it´s possible in Cortext XDR Pro to build a query to Search For Password Files ? Many thanks!
Forum Posts
Global Protect saml autentication and azure ad configuration?
Hi, I have configured gp with saml autentication; my azure ad connector is configured for hash pass synchronization.I noticed that gp always authenticates me regardless of whether the password has expired or not.there is no way to force me to change ...
Cortex XDR also impacting opening of files on the shares.
Hi Team, We have been notified that Cortex is taking up a lot of memory on Desktops and servers, is there any performance tweaks you can make? Cortex XDR also impacting opening of files on the shares, I need to understand what all things we can check...
Device Control - Exception
Dear guru, Currently testing the flexibility of the Device Control Feature under XDR. Aim:Block all the mobile phone connecting to Endpoint except some VIPs. Gone thru the Admin manual, added a Device Config policy to block all Windows Portable Devic...
Resolved! Cortex XDR - Operations for an offline agent (isolated from internet access) - Concerns regarding installation and updates.
Dear Palo Alto Community Members, I hope you will be able to help me out or point me in the correct direction. I'm struggling to find appropriate information about the operations for a cortex agent which will not be connected to the internet and will...
Resolved! Cortex XDR clean-up activity
Hi All, I have been assigned a task where i need to do cleanup in Cortex xdr, this is specifically for agent clean-up to determine how may more licenses we required.I need to understand what all things I should check and perform. RegardsAsif Siddiqui
Cortex XDR: iexplorer.exe execution triggers the Memory Corruption Exploit Module
Hi, I am having this problem in a host managed by Cortex XDR , whenever I execute iexplorer.exe or outlook an xdr agent alarm is triggered indicating that it's a Memory Corruption Exploit. Except creating an Exploit profile and excluding this kind of...
Auto Scan For External Devices
im looking to enable auto scans for all external devices connected to the endpoint (we use Cortex xdr) For example: If a USB drive gets plugging in it will get auto scanned by XDR. Cant seem to find the location of this setting Please advise,A
Cortex XDR Agent rollout strategy
We will be rolling out to production soon and we need to have full AV protection while Cortex XDR is in monitor mode for up to 2 weeks. The previous Cylance AV agent must be uninstalled prior to the Cortex agent being installed so running in parallel...
Resolved! Auto update XDR agent when new station connects.
Is it possible to automate the endpoint updates so any workstations reporting into Cortex will get upgraded to a minimum version ?Right now we have a query that can check for lower than minimum version and detected devices can be selected to be upgra...
Resolved! Cortex XDR for Mac version 7.4.0
HiI am using a MAC with BigSur version 11.4 and Cortex XDR for Mac version 7.4.0Suddenly I am no loger able to debug in Xcode, since the debug server i killed by Cortex.Also when I debug from VSCode in C# I get a notification, but debugging does take...
Enter multiple sha256 request in one sweep
Hello all Is in the query Builder a way to enter many sha256 in one go? Thank youroger
IOC rule creation
If I add a file hash in IOC list, will it be automatically blocked as well?
DTRH: Scripting Anything and Reaping Data
DTRH: Scripting Anything and Reaping Data OverviewCustomers are always asking for additional capabilities in the product and often times these feature request may come during a POC where having that capability can be the deciding factor in winning th...
Resolved! Periodic Scanning Question
Hello,When periodic scanning is enabled, is the time based on the local time of the machine the XDR agent is installed on? Thank you
- zsolomon on: Query to Search For Password Files in Cortex XDR Pro
- gjenkins on: Global Protect saml autentication and azure ad configuration?
- gjenkins on: Cortex XDR also impacting opening of files on the shares.
- gjenkins on: Device Control - Exception
- A_Adamski on: Cortex XDR - Operations for an offline agent (isolated from internet access) - Concerns regarding installation and updates.
- WSeldenIII on: Cortex XDR clean-up activity
- zsolomon on: Cortex XDR: iexplorer.exe execution triggers the Memory Corruption Exploit Module
-
vsys_remo
on:
Auto Scan For External Devices
-
vsys_remo
on:
Auto update XDR agent when new station connects.
- gjenkins on: Cortex XDR for Mac version 7.4.0
Copyright 2007 - 2021 - Palo Alto Networks
