This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Modify Alerts Going to An Endpoint Group

 

Hello all,

I have setup an endpoint group of high profile laptops.  I would like the following configured on XDR.

 

- Prefix all Incident names going to endpoints in that group with "VIP Endpoint [Incident Name] (e.g. VIP Endpoint Wildfire Malware Dete

...

How most decisions are made by Cortex XDR ?

Greetings ,

 

I am using Cortex XDR Prevent and keen to know how most decisions are made by Cortex XDR about File/process/macro being malicious or not ?  So assume there are no Hash exceptions and need to know if below is true :

- First Wildfire cache i

...

Balaraju by L2 Linker
  • 1716 Views
  • 1 replies
  • 0 Likes

Resolved! Enabling CSV Export on Cortex XDR Reports

Hi all,

Is there some configuration or third-party connector, or some service that can be used to enable exporting to CSV from Cortex XDR Reports?  Right now the only option to export a report is through a PDF which is super inconvenient.  I attached

...

Malware Scan for Linux OS

I know that Malware Scans are not currently available for Linux OS. Just wondering the reason for that, and if there are any future plans to enable malware scans for Linux devices?

pdysart by L1 Bithead
  • 2440 Views
  • 1 replies
  • 1 Likes

Resolved! Cortex XDR black screen after windows login

We have about 8 Windows 10 computers that have Cortex XDR installed.  When the user can login but Windows only displays a black screen, you can bring up the task manager with Ctrl+Shift+Esc.  I have tried to stop and restart explorer.exe but not luck

...

False positive detection

I'm representing a productivity management software manufacturer and I'm sumbitting this request  to report that our software is being flagged as malware, but this result is a false positive. Please, can you help us?

 

  • File HASH: 8475477dd7cdb0493e2d5d
...

Usercentric.Exe on MS Teams

Hi,

 

There are recent articles on MS Teams security incident. Attackers attach usercentric.exe files to Teams chats to install a Trojan on the end-user's computer. This Trojan is then used to install malware that self-administers the computer.

 

Does Co

...

PGP1234 by L0 Member
  • 1961 Views
  • 1 replies
  • 0 Likes

Resolved! Log360 Syslog

I'm trying to connect Cortex XDR to my Syslog server which is Log360. I have a public IP NATed to the internal server and have opened the firewall to our tenant IPs.

The test message sends from the Cortex end but at the moment I can see nothing in Log

...

TimGowen by L1 Bithead
  • 2722 Views
  • 1 replies
  • 0 Likes

XDR external syslog encryption

Hi all,

Im trying to set up encrypted communication to a syslog server from the XDR using a self signed certificate.

However I cant seem to get it to work - the XDR says that no connection is available.

I should note that without the certificate, on reg

...

  • 2080 Posts
  • 82 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks