Someone know what is the url for customers do feature request related with Cortex XDR #??
I see one portal for Cortex XSOAR ...
Hello,
Have anybody integrate with Panorma? There is an option to do so under the NGFW integration:
How exactly does it work?
I have integrated XDR with NGFW and everything works fine, logs are collected, but I am wondering what is the use case t
...
Hi Team,
As shown in the "Cortex XDR Agent Release" official document that 8.3.2 has been released on June 24th 2024, but we are not getting that agent version in our instance "Agent Installations".
Hi, community.
How can I integrate a firewall with cortex to enable the EDL?
On the console, I only see the following
But, I understand how to connect the firewall with cortex xdr.
Can someone help me?
Thank you
Hello everybody,
I sometimes receive alerts from our firewall blocking a malicious DNS request, but when I want to track it to the application that made that request, I just see Windows DNS cache service. Is there any way to audit specific DNS reques
...
We recently encountered an issue where a user's computer got infected with a USB virus after inserting a USB drive. The virus uses USB Driver.exe to create some directories and malicious programs as shown in the attached image. Additionally, it uses
...
Hello Everyone,
Cortex XDR has the functionality does allows you to use XQL queries to create lookups or datasets.
The problem is that these are static and cannot be dynamically updated for detection rules.
The use case I had in mind is that I have
Hello all,
I am trying to install cortex XDR but the installer ends prematurely with msi error code 1603
when going through Microsoft guides on error 1603 nothing applies to my machine! anyone faced this issue?
Hello Community,
The BIOC Analytics has recently added these alerts and I wanted to get some insight and I hope this thread can be used in the future by others as well.
While the same seems straightforward there are some issues. The name of the aler
...
Hi,
I cannot find a single "Start" event under my Agent Audit Logs. If I can see there is a "Start" if I use "Sub-Type" as a filter so I suppose there must be "Start" event. Does anyone have idea?
Hi Community,
I have a query. I am interested in retrieving the user access history for a specific URL in the browser for the last 3 months. Is it possible to run a Python script to retrieve this information?
Hi All,
Looking for an XQL query to detect extensions installed from an applications marketplace to use within the application. For eg. someone installing "github actions" extension from the azure marketplace.
We have branch network connected to Data center via MPLS VPN link. All branch PCs internet traffic going out from the DC firewall. From all the branch PCs (Around 8000), we have observed a huge outbound traffic towards internet related to Cortex XDR
...
Hi everyone,
I'm trying to use the 'run_script' API to start the built-in 'Execute_Commands' script on a target machine. I've worked through a few error messages already regarding the command string having black slashes, timeout not being set as in
...
Hi,
Can anyone tell me what is the purpose of the "Cluster Name" and "Development Platform" fields when creating a Cortex XDR Kubernetes Agent Install Package? Both fields are not mentioned in the documentation.
Thanks
Cortex XDR
