Device Control - Continue to Block, but not create a Violation

With regard to leveraging Device Control Profile and Policies, with regard to Disable USB Hard Drive.  Am I missing what is the process to continue to BLOCK a USB Hard Drive, but to not generate a Violation entry for it.

Use Case:
We are aware of this

Cortex XDR

Hello everybody

We recently saw a Cortex XDR app ( Pro per endpoint 200, Pro per TB 1) for activation which was purchased in 5 august in our customer support portal (in Cortex XDR Gateway)   . But we did not request any Cortex XDR app. Is it possible

Syslog Splunk Parsing

Hey everyone, 

First time poster. We just rolled out XDR and having some issues getting data into Splunk. The Splunk TA App says it does not support Syslog, but there is loads of documentation for getting agent logs, alerts, management logs sent to S

Duplicate endpoints both are connected

I'm using Cortex XDR Prevent, 

I found a duplicate value of one host with different users, different IP's and both are connected, little bit confused how it is possible, ?

What are the consequences of having the endpoint protection status: disabled in Cortex?

Enable the Agent

I had disabled the agent from the portal, how to re-enable it back from the portal, please support.

I have two queries for Cortex XDR for cloud identity engine and browser protection.

Hi,

I have deployed Cortex XDR in my environment and I have two queries it features.

1. I have integrated the on-premises AD with the help of a DSS agent and cert. It is connected and is synced in the cloud identity engine. So what is the purpose of

High Alert wininfo.exe

received alert from Traps regarding malware detection of the maximum system due to file “Wininfo.exe”.

Please find a snapshot of one system and suggest how to fix this. Is there any impact?

CORTEXXDR

WildFire Malware

High

Source:XDR Agent

Category:Malwa

After Uninstall Trap 7.2.2 from the machine - Cisco AnyConnect VPN started to work

When logging into Cisco AnyConnect VPN, the prompt: Login denied. Your environment does not meet the access criteria defined by your administrator.

After trying various methods, it cannot be solved:

Then we have uninstalled the Traps - 7.2.2 from th

Anyone using Palo Alto Cortex XDR and/or Critical Start?

Cortex XDR 7.4.1 in MAC having Malware Definition date as year 1970

Cortex XDR 7.4.1 in MAC having Malware Definition date as year 1970 in The Global Protect.

Somehow, the AV definition date for Cortex in Global Protect is showing as 1970. User is not able to connect to Global Protect as its failing HIP match from

What does it mean Prevented(Blocked) by the Agent XDR?

Hi all,

What does the Prevented (Blocked) action of the XDR agent mean? Does the user receive/see any notification?

And, how do I prevent the XDR agent from blocking that key artifact?

Thank you,

David.