Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by letting them view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds, and enabling seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.
We currently have deployed LSA Protection and code integrity in Windows 11 (build 24H2).
Cortex XDR agent 8.6.0 is installed. When trying to load a DLL from another security tool (Ivanti Device and Application Control), Code Integrity is blocking the
...
Hello everyone,
I was trying to check all the downloaded exe's via firewall on all the endpoints in the past 24 hrs. I tried retrieving all downloaded exe's in the downloads folder with the help of the query below.
dataset = xdr_data
| filter event_type =
Kindly, we need your support. I want to get an alert when a USB drive is connected to a workstation and not blocked by Symantec AV.
I have tried several times with correlation rule, I found XQL query very effective, and it is as follows:
Dear all,
Kindly note that when exiting the Cortex XDR app we always receive the notification:
Cortex XDR: App terminated!
The agent is not running
Tap to open the Cortex XDR app and leave it running in the background ( also image attached to
We’ve noticed that with Cortex XDR installed on a MacBook running macOS Sequoia 15.2, AirPlay functionality no longer works for presentations. When attempting to connect to Apple TV via AirPlay, the connection times out. The native macOS firewall is
...
Hello,
I have an exception rule on a file that is being applied correctly. The file executes because of this exception, but in the user agent you get a warning that an unusual activity has been encountered or that a malicious activity has been encount
The Forensic investigations feature in Cortex XDR truly impressed me; it saves me a lot of time collecting evidence during investigations. But why does Cortex XDR only support Forensic investigations for two platforms, Windows and macOS? Windows is c
...
Hello !
Is it possible with CORTEX XDR Agent installed on Windows/Linux Server to detect:
- ssh/rdp/ftp and WEB apps brute force attack.
- NMAP scans.
Thanks in advance,
BR,
Max
Hello,
Does anyone have experience installing the XDR agent on an on-prem cluster with Docker installed?
The agent compatibility matrix mentioned XDR version 8.6 is supported
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Compatibility-Matr
...
Hello dear community,
we have 2 groups in the Dashboard. The client os team and the incl. server os team. Only the server os team can use the device permanent exceptions for device control.
Are there any plans to solve this issue?
RBAC is nice,
...
Need help to create an XQL query to detect the connection lost devices along with the reasons for connection lost.
expensive,
Would you have an xql where it brings from the machines in my park which ones have the cortex installed or not?
We are encountering an error during the installation of the Cortex XDR agent on one of the machines.
"Cortex xdr requires rollback/Commit to be enabled"
Could you kindly provide the solution to resolve this issue?
Cortex XDR
Hi,
We have to configure 3 alerts that are sent via email.
Condition 1:
When cortex agent services are stopped then raise an alert via email.
Condition 2:
When the system is powered off/turned off, then wait till 10 minutes, if systems do not come b
...