Multiple copies of cyreport.exe - 100% CPU

I have a scenario where I have installed a new Canon LiDE400 scanner on a classroom windows 10 desktop using the Canon Driver from the Canon Website.

Reboot the desktop and runs fine. As soon as you launch any software that calls upon the scanner (

Fine tuning of Incidents

How to fine-tune the incidents similar incidents. We have added the hash and file path of such incidents on allow list and used the feature to exclude alerts. Still, we see incidents getting triggered.

Cortex XDR 7.9 blocking windows defender

Hello,

Since upgrading our endpoints to version 7.9, we keep getting popups that Windows Defender is blocking some applications and now our endpoint support personnel is no longer able to make the needed changes to the local firewalls for the user.

How the Remote IP can be blocked

I want to block a remote IP Which the user been trying to connect, How can I block that remote IP. Please let us know the path for it.

Latest Use Cases

Hello Team,

Can you please help us with some latest use cases.

And if possible Industry-Specific Use Cases focusing on the finance sector.

Also how to fine-tune similar kinds of incidents? Tried to whitelist the exe but incidents still trigger.

Issue while installing XDR on Linux Server

Hello,

Even after installing cortex xdr on linux server it is not reflecting on console . We have tried to cytool reconnect force ,we checked comaptible(it is compatible) we tried runtime stop/start command as well.

The services dypd, analyzerd and i

Malware scan in cortex xdr

What is the difference between canceled scan, pending cancellation  and pending scan with respect to endpoint scaning ?

None: No scan initiated
Pending- Scan was initiated ,waiting for action to reach endpoint
In Progress- Scan is in progress
Success-

Cortex XDR - File Exceptions

Hello,

Could you please help us to understand few queries related to exceptions:

1. How do we create global exceptions for the file paths.
2. Adding exceptions for the files in endpoint scanning module of the profile will only exclude these files

Global Exceptions

Hello,

We need to add a global exceptions on the paths. Currently we have added file paths in endpoint scanning allow list. So can you confirm if we exclude in this scan does it applicable for other profile like Portable Executable and DLL Examinat

Cortex XDR Block List Question

I want to know the maximum number of IOC hash that can be stored in the blocklist of the Cortex XDR Platform.

I want a reply from the Paloalto official. Thanks.

Cortex XDR Configure the disk space to allot for XDR agent logs.

Hello ,

How much disk space should be ideally assigned in cortex XDR agent setting for XDR agent logs? by default it seems palo alto has set 5000 Mb space .  does reducing this space affects the performance of the system or functionality of cortex