Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XDR Discussions
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.
About Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all PANW products in one place, telling the full story of what actually happened in seconds and allows seamless response.

Please note: All postings in LIVEcommunity are visible to other users; please keep your network secure by refraining from posting live IP address’s or domain names here. Contact your Customer Success team for network-specific questions.

Discussions

XQL query to pull USB plug-in statistic

Dear community,

 

I'm trying to generate the USB plug-in statistic to build case around it. Hence the following 2 XQL queries were built. The only issue is I'm not sure which one is the more accurate data as i found both results are not even close.
Do

...

Resolved! XQL Query to Help Create Correlations Rules

Hello i'm trying to do query for the specific fields in the datasets, im trying to do regextract to filter out some specific value in the fields then i use alter to move it to the new fields. But the problem is the value of the fields that im trying

...

F.Triaji by L0 Member
  • 1097 Views
  • 2 replies
  • 0 Likes

Legacy Agent Exception

Hello, 

I have a file and when I run it, Cortex XDR blocks it and shows me some information:
"""

Application information:
Application name:  Windows Explorer
Application version:  10.0.22621.3007
Application publisher:  Microsoft Corporation
Process ID:  

...

Resolved! Cortex XDR alert log notification delay

Hi All:

 

We found that the Alert notification sent by XDR was delayed in delivery.
It often took over a minute to arrive, and on one occasion it took over forty minutes for our log server to receive it.
Does anyone know how to improve this issue, or i

...

Resolved! Periodic Endpoint Scanning Report

Hi All,

 

We have configured periodic endpoint scanning in all the malware profiles in our infrastructure. We needed to get the scanning report, or at the very least, the scan's status, such as how many systems got scanned or failed. How and where ca

...

MithunKT by L2 Linker
  • 3883 Views
  • 6 replies
  • 0 Likes

Secshow.net

Hi All,

 

can you help for information i need

attach the picture.

what are the meaning thread id tunneling:secshow.net ?

 

thanks

1000003980.jpg
ade.reza by L0 Member
  • 5683 Views
  • 12 replies
  • 1 Likes

Resolved! Automatic retrive alert data on VDI XDR

Hello,
In my company, we have many non-persistent VDIs, and sometimes an alert arises and I couldn't perform the 'Retrieve alert data' because when i see alert the user has already logged out of the VDI.

My question is, is it possible in the Cortex X

...

  • 1989 Posts
  • 78 Subscriptions
Top Liked Authors