Cortex XDR linux agent questions

Hi all, I've a few questions about the linux agent:

- Are there any special permissions that i need to give the agent?

-What to do if i have an agent that doesn't want to checkin with the server? the pc is on, the service is up, and i did a manual chec

Cortex Data lake License

Our client has recently purchased the Cortex Data Lake license and we are trying to set this up for them. The firewalls are on version 10.0.7 and have valid certificates but under "Device -> Licenses", we do not see a license for Cortex Data Lake  de

Possible FP alerts on linux

Hi,

I seemingly have a problem with the xdr agents installed on ubuntu workstations -I get "local malware analysis" alerts on seemingly benign programs and executables such as chrome, VS code, systemd and such.

WF shows either benign or unknown. 

Proble

Join Our AMA on Cortex Training and Credentialing Opportunities!

LIVEcommunity’s latest Ask Me Anything (AMA) session is all about Education Services Training and Credentialing opportunities for all things Cortex! From digital learnings and instructor-led trainings to the first-ever Cortex XDR certification, this

XDR OSX Monterey (12.x) support status

Hello 

I see that OSX 12.X Monterey is currently not supported by any XDR agents. Is there an indication when this may be likely in the road map?

I have several users eager to update 

Can Cortex XDR be installed to be standalone?

We're in a situation where HQ has moved to Cortex XDR, at the satellite facilities, there are PC/Laptops that never touches HQ network and are often standalone systems or is on a competely separate domain and those domain is to never communicate with

Endpoint disconnected - Admin console

I am having issues with an endpoint connecting to the Cortex XDR dashboard,

The Cortex XDR console from within the OS is showing as 'Enabled' however it is disconnected from the endpoint administrator console.

I have attempted restart the services usi

Windows version 21H2 - Cortex incompatibility

Hi,

We received a PA notification about Microsoft Windows 10 version 21H2 running on specific hardware architectures are incompatible with a security engine in Cortex XDR agent 7.0.0 – 7.4.0.

In our case we have the following scenario:
- Cortex agent

Disk Encryption Status Not Compliant and Disk Not Encryption

Hi Expert,

I wanna ask about disk encryption, I already follow guide from Palo for create policy disk encryption.

But after I checked my volume device still same, and status is Not Compliant

please give me advice for this

Ignore all authentication requests alerts from a particular IP

We use a vulnerability scanner internally to test all endpoints for any known vulnerabilities or leaked credentials.

Cortex has been alerting to this, but since we know this is intentional traffic, is there a way to ignore certain authentication requ

Live Terminal over Broker VM

Hello everybody.

I want to know if we can initiate a live terminal session over Broker VM ( our agents dont have internet access so they use Broker VM ). 

1) In documentation Palo Alto say that network requirements for Broker VM are these:

     - br-<X

Memory Corruption Exploit Alerts - Incidents

Hello LiveCommunity, I wondered if any others are seeing a very high number of recently created (in the last few hours) "Memory Corruption Exploit" alerts in Cortex XDR?

Beginning around 1015 Pacific this morning (11 Oct) thru as recent at 1518 Pacifi