This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

Start a conversation

Welcome to the Cortex XDR Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4319 Views
  • 0 replies
  • 3 Likes

Resolved! Admin password changes

I received an email yesterday saying the passwords for admin accounts will need to be updated before April14th.I just wanted to confirm that only admin passwords are being changed. Will there be any changes to integration API keys?

Resolved! Best Simulated (Fake) Malware To Use With Cortex XDR

Hi all,Do you all know what the best simulated malware is to use in testing out rules/responsiveness/etc on Cortex XDR and where to download these fake malware from. Ideally it'll be benign specially constructed so they trigger same alerts as actual malware. A dozen high-fives for tips, suggestions, participation, etc.

Cortex Subscription license doubt

We have deployed more than 800 agents in the network. Currently, we have a trial license but they will purchase the license the next month. If the actual license will come did we have to again reinstall the agents.

C:\ProgramData\Cyvera\Prevention folder piling up after installing cortex XDR

Hi Team, After installing cortex XDR, I can see C:\ProgramData\Cyvera\Prevention folder is getting filled up fast in one of the servers. There are a lot of activities on this server and Traps is catching some malicious activities often. This will definitely create logs, but i have below queries if anybody can help.is there any way to restrict th...

Resolved! XDR 3.2 Broker VM Kernel version

Hello ,We are using Cortex XDR Prevent 3.2 with 2 Broker VMs for Proxy access .I guess Broker VMs are Linux appliance . So is there any way to find the Linux kernel version which these VMs are running ?Thanks in advance for response

Balaraju by L2 Linker
  • 2844 Views
  • 2 replies
  • 0 Likes

XdrAgentCleaner Execution Monitoring

Is anyone monitoring XdrAgentCleaner execution? And if so i have a question, lets say when we run the XdrAgentCleaner, before the agent cleans all the Cortex traces, does it sends the EDR telemetry to cloud so in case if XdrAgentCleaner is used maliciously it can be tracked by creating detection rules of some sort?

Cortex XDR - Ticket system integration or linking options

Hi there, I am just getting started into what Cortex XDR can do. One item I cannot find a clear answer to so far is how XDR handles alerts forwarding or some API integration between it and, for example, Freshdesk/ServiceNow/Autotask etc. Is this possible with Cortex XDR? If you have any links to further reading please point me in the right direc...

IREPhil by L0 Member
  • 3343 Views
  • 1 replies
  • 0 Likes

Can Wildfire/Cortex XDR be Tweaked From Backend

Hi guys,We get a lot of false positives from Wildfire where it's reporting custom applications used on a "business as usual" (BAU) basis in our environment. Do you folks know if there are settings from the Wildfire backend that Palo Alto normally adjusts for customers so to decrease the sensitivity of the Wildfire engine where it's not reportin...

Resolved! Submissions to VirusTotal? VT Licence ?

Hello! As I know, samples which are provided to VT, are "lost" in the endless VT world. VT can do with the files what they want. (Sharing, etc.). When we connect Cortex XDR with VT, what will be transfered to VT? What are the limitiations with Cortex XDR and VT, if we only have a free VT license? BR Rob

Cyber1985 by L3 Networker
  • 2597 Views
  • 1 replies
  • 0 Likes

Palp alto TRAP XDR cortex

Is it safe to install paloalto cortex XDR solution?If we install in our premises then our client machine data may get compromised if cortex scan for malware on cloud. Then what is the use of proxy broker server. I want my data must be safe and it should on premises only. If my data my ip will be save on cloud then how i will be secured. What is...

Whitelist IP from XDR anlysis

Hello, We would ike to know if it is possible to create a list of IP's that will not be analysed by any of the XDR protection modules.We have a vulnerability scanning tool that uses all sorts of scripts to perform its tasks, At the moment, most of these scripts are blocked by Cortex because they look suspicious, which is true but not wanted in t...

  • 2582 Posts
  • 95 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks