This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4327 Views
  • 0 replies
  • 3 Likes

Endpoint scanning

Hello, For Scans applied through polices for the pending machines how long the scan command remains upon scan initiation. for eg: I enabled scan policy on Monday the system was in disconnected state on that day and it comes back online on Thursday will the policy applied to it and initiate the scan on that system. Note: The policy will be not...

Compatibility xdr

Is windows os 2008 compatible for the installation of Cortex XDR ? Windows server 2008 and windows 8, windows 8.1? All Windows 8 variants are supported until January 2023 (Microsoft EOL + 3 years). Release 7.9-CE offers continued support for Windows 8.1.

Endpoints beyond license

Hello, Can you please help with the below query. What happens if we install more agents than the license and do those extra agents not work with maximum capabilities? If yes then what are the capabilities that don't work?

Multiple copies of cyreport.exe - 100% CPU

I have a scenario where I have installed a new Canon LiDE400 scanner on a classroom windows 10 desktop using the Canon Driver from the Canon Website. Reboot the desktop and runs fine. As soon as you launch any software that calls upon the scanner (windows fax and scan / Photoshop) and launch the scan - the machine spikes to 100% CPU with almos...

Fine tuning of Incidents

How to fine-tune the incidents similar incidents. We have added the hash and file path of such incidents on allow list and used the feature to exclude alerts. Still, we see incidents getting triggered.

Cortex XDR 7.9 blocking windows defender

Hello, Since upgrading our endpoints to version 7.9, we keep getting popups that Windows Defender is blocking some applications and now our endpoint support personnel is no longer able to make the needed changes to the local firewalls for the user. I didn't see anything in the release notes that reference this being an issue, can someone pleas...

Latest Use Cases

Hello Team, Can you please help us with some latest use cases. And if possible Industry-Specific Use Cases focusing on the finance sector. Also how to fine-tune similar kinds of incidents? Tried to whitelist the exe but incidents still trigger.

Issue while installing XDR on Linux Server

Hello, Even after installing cortex xdr on linux server it is not reflecting on console . We have tried to cytool reconnect force ,we checked comaptible(it is compatible) we tried runtime stop/start command as well. The services dypd, analyzerd and ited are not in running state no matter what we do. Please help in resolution of this issue. Regar...

Malware scan in cortex xdr

What is the difference between canceled scan, pending cancellation and pending scan with respect to endpoint scaning ? None: No scan initiatedPending- Scan was initiated ,waiting for action to reach endpointIn Progress- Scan is in progressSuccess-Scan CompletedPending Cancellation-Scan was aborted,waiting for action to reach endpointCanceled-...

Cortex XDR - File Exceptions

Hello, Could you please help us to understand few queries related to exceptions: 1. How do we create global exceptions for the file paths.2. Adding exceptions for the files in endpoint scanning module of the profile will only exclude these files for scanning or other modules also is this exclusion applicable?

Global Exceptions

Hello, We need to add a global exceptions on the paths. Currently we have added file paths in endpoint scanning allow list. So can you confirm if we exclude in this scan does it applicable for other profile like Portable Executable and DLL Examination, Anti Webshell Protection, Global Behavioral Threat Protection Rules, etc..

  • 2591 Posts
  • 97 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks