Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Http logs collector example not working

Hi
hope this is the right place to ask this question
We were given a temp user to play around with the Cortex XDR and we are trying to insert some dummy data into it.

I am trying to insert data using an Http logs collector, following this guide
unfortuna

...

Resolved! Differentiating mail from multi-tenant XDR

I am working with a multi-tenant XDR configuration and I would like to differentiate between the Alert Emails to ascertain from which tenant the Alert has been produced . For example: Tenant 1 and Tenant 2 (mssp). When I receive an email notification

...

Resolved! Cortex Change managing server

Hi Team,

 

I'm seeing the different tenant address in Cortex xdr agent console it is connecting to another management server,

Could someone please help me to replace the correct managing server name, 

Because currently that agent is not reporting to Cort

...

XQL - Hunt for Kerberos Relay Up Activity

Just posting, if this is useful for someone who might be hunting for Kerberos Relay Up (Privilege Escalation on Windows System) Activity.

The purpose of this hunt is to look for suspicious logon on windows system using Kerberos Auth Package where the

...

Securing old web server IIS6

Hello,

 

We are solving a case of an IIS6.1 vulnerability on an old Windows 2008 R2 SP1 system. Microsoft no longer has support for Windows update. The customer cannot migrate to the newer system yet.
Would Cortex XDR be able to secure IIS v6.1 web serv

...

Fido by L0 Member
  • 2770 Views
  • 4 replies
  • 0 Likes

Resolved! Correct resolve types for XDR Incidents

Hi All,

 

I tried to find this on PA Knowledge base but unsuccessful. Our team tries not to make exceptions/whitelisting unless absolutely needed. Therefore, I believe teaching Cortex XDR correctly on what is safe and what is not is crucial. 

 

For examp

...

  • 2058 Posts
  • 81 Subscriptions
Top Solution Authors
Top Liked Authors