All Cygwin apps see the decoy files

Hi. My organization forced the installation of Cortex XDR 7.4.2.35695 on my workstation and When I use Cygwin it lists the anti-ransomware decoy files. It's especially troublesome when I copy directories because real files are created then.

Move an Endpoint agent to another tenant

How to move an Endpoint agent to another tenant? I just tried to transfer a Cortex XDR agent from one tenant to another tenant. But unfortunately, the said agent is keeping listed at the current tenant rather than the new tenant.

High memory consumption on newer agent versions

Hello everyone,

 I have sporadic servers in our environment producing high memory consumption with the XDR agent. Cyserver.exe will climb to 350-400mb in some instances until the service is rebooted and it brings it down to an acceptable level. Has a

Advanced Training For Cortex XDR

Hi all,

Does any of you support members, or experienced Cortex XDR users know if there's reasonably priced advanced training for the platform (on-demand or instructor-led).  Please I'm not talking about the on-demand training available at this link a

When I put my pc to sleep, it turns off automatically

Hi Team,

When I put my pc to sleep, it turns off automatically but without  Cortex XDR it's working fine.

Please suggest 

cortex xdr agent management dashboard

what is url for login to cortex xdr agent management dashboard.

How to add IP to the XDR whitelist without any security analysis

My user generated a behavioral threat alert, which caused the two PCs to not be able to communicate with each other. After we turned off the protection function of xdr agent, they were able to communicate with each other. I did not see the block ip o

How do you manage agent upgrades?

I am trying to manage agent upgrades without allowing the agent to upgrade to new and unstable releases.  For example, I do NOT want 7.5.0 upgraded on any system, but I do want the most recent 7.4 release upgraded on all systems.  I have run into iss

Bitlocker Disk Encryption Visibility = Not Supported

I am still working through our older PCs with our prior AV and disk encryption and getting over to Cortex and BitLocker.  Just noticed all the systems I completed today report "Not Supported" for the Status column.  Mousing over says the OS is not su

Device Control - Continue to Block, but not create a Violation

With regard to leveraging Device Control Profile and Policies, with regard to Disable USB Hard Drive.  Am I missing what is the process to continue to BLOCK a USB Hard Drive, but to not generate a Violation entry for it.

Use Case:
We are aware of this

Cortex XDR

Hello everybody

We recently saw a Cortex XDR app ( Pro per endpoint 200, Pro per TB 1) for activation which was purchased in 5 august in our customer support portal (in Cortex XDR Gateway)   . But we did not request any Cortex XDR app. Is it possible

Syslog Splunk Parsing

Hey everyone, 

First time poster. We just rolled out XDR and having some issues getting data into Splunk. The Splunk TA App says it does not support Syslog, but there is loads of documentation for getting agent logs, alerts, management logs sent to S

Duplicate endpoints both are connected

I'm using Cortex XDR Prevent, 

I found a duplicate value of one host with different users, different IP's and both are connected, little bit confused how it is possible, ?