This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Resolved! XdrAgentCleaner commands?

I wrote a script a long time ago that used the -ep (encrypted password) parameter using the XdrAgentCleaner. My password has been updated and I need to create a new encrypted password and I can't for the life of me remember for find the parameter use

...

M_Brown by L0 Member
  • 7206 Views
  • 2 replies
  • 0 Likes

more Content Update version questions

I see this discussion has come up before here:   (https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/manually-update-content-version/m-p/440628#M1142)

And I don't see yet an answer to FIX the problem or resources indicated as to what to look

...

Cortex Doubt Operations

Hello everyone;

Cortex:
The console reports 481 agents of which it gives with lost connection 110, in the licensing section it indicates 371 agents installed of the 500 licensed, so it seems that it does not take into account those of lost connection,

...

Alpalo by L4 Transporter
  • 1815 Views
  • 1 replies
  • 0 Likes

Resolved! Researcher for evading Cortex XDR & my PoC XP

Dear Community, 

 

Here I have found a researcher which evaded Cortex XDR protection.

 https://0xsp.com/security%20research%20&%20development%20(SRD)/defeat-the-castle-bypass-av-advanced-xdr-solutions

Are there any connections to researcher like the one

...

Cyber1985 by L3 Networker
  • 4485 Views
  • 7 replies
  • 0 Likes

Update from Traps to Cortex

Hello everyone,

I'm trying to update the Traps agent 5.0.11 to Cortex 7.4.0 on Windows Server 2008/2008R2.

When I'm installing the new version, in the moment to start the services, the installation go in rollback.

I've tried to install directly the new

...

There is not enough space on the disk

Hi Expert,

 

I have facing issue about XDR agent.

My XDR agent has status no connection in XDR console, but after I checked in the XDR Tenant status for my device has connected status.

After I checked logg in agent I find logg  c:\ProgramData\Cyvera\Loca

...

Resolved! Blocking Domain/URL

Hi Team,

 

I know we can block IP addresses with new feature called host firewall,.Since the ip is dynamic , its not a good option for me. Is it possible to block url or domain in cortex xdr?

 

Cortex XDR ransomware response

Hi everyone,

I wonder how Cortex XDR would take action if, for some reason, an encription script starts.

Until now i have seen that Cortex kill the script at the start, before the encription take action, but what happen if the malware start to encript

...

CORTEX

Hello

We would need to know how this announced incompatibility affects our case and it is necessary to take some action. On the other hand, we do not quite understand what impact the following paragraph has on us: While only Windows 10 version 21H2 an

...

Cortex Xdr Partial protected (7.4)

Hi everyone , 

we have a problem with some of our linux servers ,
the status is partial Protected ,

  • the secure boot is disabled
  • the kernel supported
  • the policy is the same on all servers (also those with status 'protected')

the only thing that i find is th

...

chaim_Avisrur_0-1642512485745.png

Agent Blocking Command Prompt/Powershell

The agent has been blocking acess to the CMD , The licensing has been expired due to which the dashboard cannot be logined. I tired to uninstall agent using Cleaner but even the Agent Cleaner has been blocked. What sort of procedures i should follow

...

Resolved! Dynamic group "starts with"

Hi all,

I need to create a dynamic group based on the first letters of device name, like "starts with" or "not starts with".

I cannot use contains because, for example, I have server name that starts with QQ that should not be inside the group, but ser

...

N2Z2 by L2 Linker
  • 2913 Views
  • 3 replies
  • 0 Likes
  • 2039 Posts
  • 81 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks