Cortex XDR Discussions

Cortex XDR Co-Existing with MDfE

Hi There,
We have an Enterprise customer here in NZ who wants to have Cortex & Microsoft solutions on all their Windows 10 endpoints. So here is my query - Can Cortex XDR co-exist with Microsoft Defender for Endpoint on same endpoints and both operate

...

Network Visibility on Cortex XDR

Hello,

In my organization we has recieved multiple alerts recently regarding suspicious communication towards our WEB servers.
The communication was from a workstation in the organization but we can't understand from which workstation because the commu

...

Cortex errors on laptop

Hi All,

I have been notified that few of the users are receiving errors (attached) related to Cortex.

I need to investigate this but not sure where to start and what to look for, Can anyone guide me here.

Regards

Asif Siddiqui

Cortex XDR: iexplorer.exe execution triggers the Memory Corruption Exploit Module

Hi,

I am having this problem in a host managed by Cortex XDR , whenever I execute iexplorer.exe or outlook an xdr agent alarm is triggered indicating that it's a Memory Corruption Exploit. Except creating an Exploit profile and excluding this kind of

...

Resolved! Cortex XDR - Operations for an offline agent (isolated from internet access) - Concerns regarding installation and updates.

Dear Palo Alto Community Members,

I hope you will be able to help me out or point me in the correct direction.

I'm struggling to find appropriate information about the operations for a cortex agent which will not be connected to the internet and will

...

Cortex XDR also impacting opening of files on the shares.

Hi Team,

We have been notified that Cortex is taking up a lot of memory on Desktops and servers, is there any performance tweaks you can make? Cortex XDR also impacting opening of files on the shares,

I need to understand what all things we can che

...

Global Protect saml autentication and azure ad configuration?

Hi, I have configured gp with saml autentication; my azure ad connector is configured for hash pass synchronization.
I noticed that gp always authenticates me regardless of whether the password has expired or not.
there is no way to force me to change

...

Device Control - Exception

Dear guru,

Currently testing the flexibility of the Device Control Feature under XDR.

Aim:

Block all the mobile phone connecting to Endpoint except some VIPs.

Gone thru the Admin manual, added a Device Config policy to block all Windows Portable Devic

...

Resolved! Cortex XDR clean-up activity

Hi All,

I have been assigned a task where i need to do cleanup in Cortex xdr, this is specifically for agent clean-up to determine how may more licenses we required.

I need to understand what all things I should check and perform.

Regards

Asif Siddiqu

...

Enter multiple sha256 request in one sweep

Hello all

Is in the query Builder a way to enter many sha256 in one go?

Thank you

roger

Resolved! Auto update XDR agent when new station connects.

Is it possible to automate the endpoint updates so any workstations reporting into Cortex will get upgraded to a minimum version ?

Right now we have a query that can check for lower than minimum version and detected devices can be selected to be upgra

...

Auto Scan For External Devices

im looking to enable auto scans for all external devices connected to the endpoint (we use Cortex xdr)

For example: If a USB drive gets plugging in it will get auto scanned by XDR.

Cant seem to find the location of this setting

Please advise,

A

Resolved! Cortex XDR for Mac version 7.4.0

Hi
I am using a MAC with BigSur version 11.4 and Cortex XDR for Mac version 7.4.0
Suddenly I am no loger able to debug in Xcode, since the debug server i killed by Cortex.
Also when I debug from VSCode in C# I get a notification, but debugging does take

...

Resolved! Periodic Scanning Question

Hello,

When periodic scanning is enabled, is the time based on the local time of the machine the XDR agent is installed on?

Thank you

IOC rule creation

If I add a file hash in IOC list, will it be automatically blocked as well?

Discussions

Cortex XDR Co-Existing with MDfE

Network Visibility on Cortex XDR

Cortex errors on laptop

Cortex XDR: iexplorer.exe execution triggers the Memory Corruption Exploit Module

Resolved! Cortex XDR - Operations for an offline agent (isolated from internet access) - Concerns regarding installation and updates.

Cortex XDR also impacting opening of files on the shares.

Global Protect saml autentication and azure ad configuration?

Device Control - Exception

Resolved! Cortex XDR clean-up activity

Enter multiple sha256 request in one sweep

Resolved! Auto update XDR agent when new station connects.

Auto Scan For External Devices

Resolved! Cortex XDR for Mac version 7.4.0

Resolved! Periodic Scanning Question

IOC rule creation

distributed network scan - Network Location Configuration - XDR Agent profile

Where is agent v8.5???

Cortex XDR agent's CE versions missing from the list & version downgrading

Target while adding Allow/Block list

Portal XDR - Customer Feature Request

Re: Cortex XDR agent's CE versions missing from the list & version downgrading

Required Windows Event IDs for the best Cortex XDR detection performance

Re: Query on the difference in Cortex XDR Agent

Re: xql query for file \ folder name.

Re: xql query for file \ folder name.

Unlock your full community experience!

Resolved! Cortex XDR - Operations for an offline agent (isolated from internet access) - Concerns regarding installation and updates.

Resolved! Cortex XDR clean-up activity

Resolved! Auto update XDR agent when new station connects.

Resolved! Cortex XDR for Mac version 7.4.0

Resolved! Periodic Scanning Question