I am not able to install COrtex XDR in a WIN10 computer;
When we try to start the service below we received error message 1067
Hi all,
On one of our pc we can't uninstall the version 7.3.1.20981 of Cortex XDR.
When we try to uninstall the program appears the popup with the warning "Cortex XDR only supports per-machine installation" and the uninstall process fails.
Cortex X
...
Hi all,
I have a user whose agent generated a significant number of local malware alerts.
However, all of those alerts are generated on legit things like ms teams, vs code, iwconfig etc.
Morever, It's only on this user - those alerts dont pop up on the
...
Hi all, question - can the XDR block a thunderbolt dock for macs? furthermore - all device control violations logged in the xdr main console, right?
Hi,
After scanning, Cortex XDR agent detected some malicious files. But while taking live terminal and remote of that system, I cannot find those files in that particular path. Can anyone please tell, what might be the reason?
Regards
When running a SIEM, you need to have a huge team of many Analysts Level 1, Level 2, Level 3… Escalations to lateral teams (sometimes to take actions such as isolating endpoints/servers, gathering/deleting suspicious files, etc). It is laborious a
...
Hi, We received a PA notification about Microsoft Windows 10 version 21H2 running on specific hardware architectures are incompatible with a security engine in Cortex XDR agent 7.0.0 – 7.4.0. In our case we have the following scenario:
- Cortex agent
...
What is the purpose of the dypd process?
sudo /opt/traps/bin/cytool runtime query
Name PID User Status Command
pmd 32757 root Running /opt/traps/bin/pmd
analyzerd 534 474 Running /opt/traps/analyzerd/analyzerd 71 73 75
dypd 517 root Running /opt/traps/b
Hi All, I've been looking at the functionality of the cytool command line and cannot find a way to scan a particular file, which is available if you right click the file in Windows. Can anyone tell me if the ability to scan an individual file, or fol
...
I'm looking to create a link which takes me directly to the list of low, medium, or high alerts, purely based on what is in the query string in the URL. For example, adding
/incidents?severity=SEV_040_HIGH&mode=allto the end of my base XDR url works
...
Hello,
are there any Information about the future compatibility of Cortex and Windows 11.
Will it work one day and if so, is there a specific date that i can look forward to?
Thank you in Advance.
Hi all,
Iv'e a question about device control exceptions:
How do I exclude specific phones? Do I enter the manufacturer and then the phones serial number?
Hi all, I've a few questions about the linux agent:
- Are there any special permissions that i need to give the agent?
-What to do if i have an agent that doesn't want to checkin with the server? the pc is on, the service is up, and i did a manual chec
...
Our client has recently purchased the Cortex Data Lake license and we are trying to set this up for them. The firewalls are on version 10.0.7 and have valid certificates but under "Device -> Licenses", we do not see a license for Cortex Data Lake de
...
Hi,
I seemingly have a problem with the xdr agents installed on ubuntu workstations -I get "local malware analysis" alerts on seemingly benign programs and executables such as chrome, VS code, systemd and such.
WF shows either benign or unknown.
Proble
...
TomYoung
on:
Email Alerts
