Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by letting them view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds, and allowing seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 745 Views
  • 0 replies
  • 2 Likes

Security Test / poor result

Hello dear Community! 

Does this result reflect the strength of PA Cortex XDR?

https://papers.vx-underground.org/papers/Malware%20Defense/AV%20Tech/An%20Empirical%20Assessment%20of%20Endpoint%20Security%20Systems%20Against%20Advanced%20Persistent%2

...

Cyber1985 by L3 Networker
  • 1662 Views
  • 2 replies
  • 0 Likes

Correlation Rule for services

Is it possible to create a correlation rule to identify when new services are present on an endpoint?

For example,

Create a correlation rule, using a query that returns all services on an endpoint, that creates a new data set of the results..say there a

...

Resolved! Specific Cortex XDR Alert

Hello PA community,

Please could you clarify a doubt?

In Cortex XDR is there any way to alert if the endpoint is disconnected?

From my knowledge, I can confirm that we can retrieve disconnected agent by creating a filter from endpoint administrati

...

Cortex XDR with Citrix App Layering and MCS

We're in the process of installing a new setup with Citrix App Layering (Full User layers) and MCS. I've followed the suggestions here on non-persistent installation (VDI_ENABLED=1); even though our setup technically is sort of persistent (because of

...

BocoIP by L1 Bithead
  • 6468 Views
  • 4 replies
  • 0 Likes

Endpoint Connection Lost

Hi all,

Some of our endpoints in our Cortex XDR Console show a "Connection Lost" status but the endpoint is still active.

The cytray shows disabled and no connection. We also checked the control panel and upon checking, the installed Cortex XDR Agen

...

EJaspe by L1 Bithead
  • 2324 Views
  • 2 replies
  • 0 Likes

Cortex XDR disk encryption

Hello,

I can't turn off disk encryption. I disabled the disk encryption policy for an endpoint, then the encryption status returned as not configured. But I can still see BitLocker on the endpoint is ON. How can I turn off BitLocker on endpoint not ma

...

CIDR Lookup or Join for IP Enrichment

I would like to use some custom datasets to enrich some of our XQL searches. It could be our subnets from our IPAM or in this example the ASN information. I have used lookups and joins in the past to accomplish this in other tools and would like t

...

  • 2280 Posts
  • 86 Subscriptions