How to allow software for specific user
We are going to block the software by hash or process if in the future user requests an exception for a specific endpoint and how to create an exception for one particular endpoint and allow the software
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP addresses or domain names here. Contact your Customer Success team for network-specific questions.
Hello dear community!
Do any of you have some experience with the Cortex XDR agent and the Wazuh agent?
We are discussing setting up Wazuh as a SIEM, instead of Splunk, Cortex DL, etc.
BR
Rob
Hello dear community,
I want to share with you my little XQL script which can identify and alert connected Clients which have no assigned endpoint group.
This can happen:
- Cortex is installed, but the endpoint name does not match the defined c
...
Dear community,
I tried to make some agents connect directly to the server without using a broker.
However, it's not able to connect to the server.
I referred to the practices of others, and tried executing "cytool reconnect force", but still couldn't
...
Hi everyone,
I want to run Cytool reconnect on multiple computers,
I tried the following
echo <password>| cytool reconnect force
it works, but still displays "Enter supervisor password:", so you still need to press enter to let it continue r
...
Hello dear community,
we are running several terminal servers (MS Windows) and we would like to know why these ones (installed with TS_ENABLED=1) do not get upgraded automatically when there is a new agent version available.
BR
Rob
Dear LIVEcommunity,
Did anyone encounter a problem such as the hostname not matching the IP address for alerts ingested from NGFW?
This is especially true when it comes to a host that doesn't have the Cortex XDR agent installed. Now, if the host cannot insta
...
We successfully implemented the cloud identity engine on-prem and in the cloud, and we enabled the engine on the cortex as well, but we don't know how to view the logs. Could you please tell us where to look for the login logs on the cortex?
Hello,
Does anyone know how to generate a report of the number of incidents per month on Cortex?
I can only generate for the current month and not for the past months.
Thanks in advance.
Greetings to all!
I have faced an interesting use case with Cortex XDR and I haven't seen a solution to it ever before.
Short description of the situation - We have a successful vulnerability exploitation event. We know for sure, that it was exploited an
Dear Palo Alto Community,
I hope this message finds you well. As an active member of the community, I would like to reach out and seek your expertise regarding the capabilities of Cortex XDR, specifically in relation to the integration of URL Indic
...
Hi,
does anyone know
how to add investigation PowerShell to the Agent Script Library of the XDR Action Center, so that I can choose it to do incident investigation when using XDR interactive script mode?
Dear Community,
When I first started the Cortex XDR Project and started installing the agents, I made a mistake and deleted the outdated installation packages from the portal.
After that I started getting a lot of disconnected agents as if they try
...
Hi, we have recently malware scanned an endpoint and upon checking the results, it appears that there were 3 malicious files on the host.
Now, I tried to right click and view related alerts on the 3 malicious files and it just shows nothing. What's
...