Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by letting them view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds, and allowing seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4322 Views
  • 0 replies
  • 3 Likes

Resolved! Symantec Uninstall or disable and Enable Cortex

All, thanks in advance for help. We have Cortex in Report/Audit mode and Symantec Endpoint Protect in block mode. We want to enable Cortex for Block mode and either disable or uninstall Symantec. Has anybody got any advice or experience with this? Symantec has a cleanwipe tool, however it's a GUI and does not have command line options ...

Balaraju by L2 Linker
  • 4596 Views
  • 3 replies
  • 0 Likes

Limitations Cortex XDR Pro with Threat Intelligence Feeds

Hello dear community, I'd like to know more about how you fill your IOCs in Cortex XDR Pro. There are so many TI feeds out there: https://www.comparitech.com/net-admin/best-threat-intelligence-feeds/ I'd prefer the low-cost variant (XDR Pro is not the cheapest one). Here are my questions: 1. Does Cortex XDR Pro offer an API for uplo...

RFeyertag by L4 Transporter
  • 2576 Views
  • 2 replies
  • 0 Likes

Resolved! Agent upgrade failure 5.0.11

Hello, I have an issue upgrading the affected version 5.0.11 to 5.0.12 on Windows Server 2008: when I install the MSI, it rolls back to the last version. Does anyone have the same issue? Thanks.

elfayafi by L0 Member
  • 2540 Views
  • 2 replies
  • 0 Likes

Detect where a process has been killed

We have a scenario where users are able to kill a certain process to bypass security. How can we leverage XDR to detect where the specific process name has been killed and, ideally, prevent it? I thought maybe an IOC or BIOC but the IOC doesn't seem to have anything, and the BIOC is limited to execution/injection and doesn't cover termination of...

SARowe_NZ by L3 Networker
  • 5637 Views
  • 3 replies
  • 0 Likes

Cortex XDR agent causing noticeable heating on endpoints

Hi all, has anyone encountered a heating issue on endpoints with XDR installed? My IT team tells me that a lot of users in the organisation are complaining about their endpoints heating up after the XDR was installed, both on Mac and Windows. I'd like to note that I have not encountered such issues with my Mac (I'm the XDR admin in the org), nor...

Compliance Process

Hello, what are the services/features which should be running by Cortex XDR for compliance? Also, is XDR in high availability (HA) mode? If yes, can you suggest where we can see this?

Resolved! how to specify Cloud Info "vpc-id" in Endpoint Group?

In the Cortex XDR console I am trying to set up a new Endpoint Group using the AWS 'Cloud Info' values as the filter. That info is presented as JSON with various nested values and it looks straightforward to use, i.e., I can specify the "Cloud Info" field, then provide a key:value pair. But it only works for 'top-level' key:value pairs, e.g. "cl...

Compliance Processes for Cortex XDR

Hi Team, Our internal team is going to enable the feature “Secure Compliance Check” for end users who are working from home. They have enabled the feature for another AV solution. Also, we want to add the service for "Cortex XDR". There are multiple services running for XDR and we need to define any one process to identify Cortex XDR on users' machines....

Gokul_K by L1 Bithead
  • 1924 Views
  • 1 replies
  • 0 Likes
  • 2588 Posts
  • 95 Subscriptions