Hi All,
Does XDR have below capabilities -
I know it has DF with the pro license, just wanted to know more about it also can we just click on it an enable it on the license page or does it requi
...
Does anyone knows which is the dataset for cloud inventory?
I cant seem to find the dataset meant for cloud inventory specifically for AWS.
Does anyone know if this is even available for xql searches?
Also, I cant seem to have asset widget for manag
...
Hello,
I'm trying to figure out how the vulnerability assessment (VA) feature works since I've got so many false positives.
I've check the documentation but it's not clear enough for me.
For Windows, does VA looking for installed KB? If the KB is
...
On February 19th ConnectWise released a security bulletin and update for their ScreenConnect software. https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8
On February 20th ConnectWise announced that exploitat
We have Cortex XDR 8.2.0 and 8.2.1 agents (with plans to upgrade to 8.3.0) and the threat alert logs sent to QRadar are no longer categorized properly. The events are categorized by QRadar as "unknown". Are there any plans to update the DSM Cortex
...
Hi,
How can I create an exclusion in Cortex XDR to stop it from scanning a specific executable??
We have a critical software in our company, and we've noticed that Cortex is constantly analyzing it, causing the machine high CPU and MEM.
How can we excl
Hi community,
We have assigned the Windows Portable Device block policy to some endpoints. However, we have observed that USBs are still accessible on those machines.
For future troubleshooting, we need to verify whether the policy is correctly a
...
Hello everyone.
We recently upgraded to Pro and this XQL stuff looks like an entirely different language to me still. I need some help if possible in getting started.
I'm looking to build two queries.
1) I need to go through our AD infrastructure (
...
I have a script to silently upgrade GlobalProtect clients to 6.2.2 using an msi, while avoiding disconnecting active users and reboots. It's simple and it works, but I looking to improve it by having successful upgrade status or reason for failure r
...
Hi all,
some of the users reported a BSOD after updating their Win10 endpoints. I'm thinking this might be due to the incompatibility between the driver and newest OS updates or something similar (looking into the stop code).
Stop code: DRIVER_IRQL_
I'm doing some Powershell detection testing and I noticed that when I open the Powershell GUI in windows and run a command below it doesn't trigger a Powershell detection. However, when I add powershell in front of the command it does trigger an eve
...
Hi Community! Our Tenant was recently updated to XDR version 3.9 and since then the main dashboard seems to be much slower and unresponsive. Anyone else in the community experiencing this? I have been testing using Edge and chrome the quick launcher
...
I've now finally sucessfully installed Cortex XDR in an Ubuntu-22.04 image in WSL2 in Windows 11.
However the provided cortex.conf file in the tar-file is missing a newline on the last line of the file, making it not work properly.
Editing the file a
...
Hello,
I want to activate Windows Event Collector on my system. I am looking my documentation. https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Activate-the-Windows-Event-Collector?tocId=JKwlSDeDaqpS9R1bOJda
...
Hello,
Can I Integrate Cortex XDR with Microsoft Teams. I mean can XDR send alerts and some notifications to teams?
